{"report_id":"e2518d5e-dc03-4995-82ab-a5f61f073345","version":6,"status":"done","tags":[],"date":"2025-09-26T17:48:14Z","url":{"schema":"http","addr":"www.tuscaloosaapartmentguide.com/MobileDefault.aspx?reff=https://tdzebli.com/1/%23JH-T2llA","fqdn":"www.tuscaloosaapartmentguide.com","domain":"tuscaloosaapartmentguide.com","tld":"com"},"ip":{"addr":"172.172.234.154","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"title":"The most popular dating site of this month"},"submit":{"url":{"schema":"http","addr":"www.tuscaloosaapartmentguide.com/MobileDefault.aspx?reff=https://tdzebli.com/1/%23JH-T2llA","fqdn":"www.tuscaloosaapartmentguide.com","domain":"tuscaloosaapartmentguide.com","tld":"com"},"ip":{"addr":"172.172.234.154","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-31T17:48:14Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.tuscaloosaapartmentguide.com","ip":{"addr":"172.172.234.154","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2001-01-16","domain_rank":0,"first_seen":"2013-11-13T13:09:18Z","last_seen":"2025-09-26T15:08:02.450495Z","alert_count":0,"request_count":1,"received_data":2502,"sent_data":558,"comment":"","tags":null,"fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}]},{"fqdn":"tdzebli.com","ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"domain_registered":"2025-08-13","domain_rank":0,"first_seen":"2025-08-13T21:10:41.256815Z","last_seen":"2025-09-22T00:59:52.924794Z","alert_count":4,"request_count":2,"received_data":2633,"sent_data":913,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-21T22:11:31.014241Z","alert_count":0,"request_count":1,"received_data":19611,"sent_data":567,"comment":"","tags":null,"fingerprints":null},{"fqdn":"openfpcdn.io","ip":{"addr":"54.240.174.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2021-11-10","domain_rank":9255,"first_seen":"2021-11-11T13:02:44Z","last_seen":"2025-09-21T22:26:07.198547Z","alert_count":0,"request_count":1,"received_data":15896,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2025-09-21T22:13:13.943291Z","alert_count":0,"request_count":1,"received_data":29244,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-21T22:11:31.798564Z","alert_count":0,"request_count":1,"received_data":2552,"sent_data":469,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"befjajh.flirtosmart.com","ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"domain_registered":"2024-11-06","domain_rank":0,"first_seen":"2024-12-30T18:10:51.158169Z","last_seen":"2025-09-23T16:04:00.083419Z","alert_count":59,"request_count":15,"received_data":724343,"sent_data":64568,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/jquery.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85578,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-10T13:53:56.275171Z","times_seen":269875,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"8c32790817cef0373f647b021d174988","sha1":"f10f22c0b00ff7bac1a7cc53c3135293a2ae387a","sha256":"37ad240bd0b507dee4ad269be11c630e17cf9049a4d708e2ddc368d857fe7a34","sha512":"838332e20afa62bf6038b7da0f3a8fc321efc454d479ed0b1f21ba7379bab765a6830ca997e62ae0e410c8fccc616ca2735af2748049134b96bf618ccd63194b","ssdeep":"","tlshash":"d59004c0443045c4040077533f01cfc1554143f4070cc3140410c74030c7dd0013d530","size":41,"data":"","first_seen":"2025-02-15T10:03:41.683728Z","last_seen":"2026-04-06T09:48:44.63979Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/main.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb2ea8b17782bc25f136586cf9bfbc1a","sha1":"74a74649e82d684f2d9c4fa5b03214ea512c3934","sha256":"ba8b334c9a57119ba9643a6034378cc5541dce29d18f7ee9b8de5046798cd4ec","sha512":"2df32b122f07f3604c725f7c545472d9a595e08a72f34f867f0673a0edfb3b57a15f51e1e8c1a3c268dc87217a97cde15b34d8272544c00ba19ebb87d62a7af8","ssdeep":"","tlshash":"bbb0126d510c88725d3332244ce94154f524000734479101bc4c20135ff4800c2e8f50","size":118,"data":"","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-04-06T09:48:44.637858Z","times_seen":284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/just-validate@4.1.0/dist/just-validate.production.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"713352ee6a16034c696a6e2785b92280","sha1":"6289cf9b1f0e775ad3feb36b0fcfe5af301a0e5b","sha256":"c08b11b232cea03b467d40d5b0990d7deaee04ae1de7af2d4eb94c3544b4c1a5","sha512":"8c42085cda5010ff9eb71174f3f5af3f94f276ab1b134241ed70cd37b3c8d7b8efc7a0899e964be8cef88474da2bee314158b86e45a64ecc0294f8dd628de2fa","ssdeep":"768:VkW++Jv/0btODUsl7dMrXfSCiwgRgpZ1UuVvw1CByfDwty0HD/h7PCByCrCagSZi:mCsRXaCiwgRgysnY3gSK6U","tlshash":"0ad2d606267109234dd94ae9e08b9543b3d1375da518a4ccf73dacfb9a8dec630937b2","size":28389,"data":"","first_seen":"2025-09-05T11:13:19.031002Z","last_seen":"2026-04-09T13:38:09.623952Z","times_seen":7998,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"a5ac22b4769a4a20890a15187dec9718","sha1":"5e7f53621c343afc48b1d73997b6c6ee9265bba0","sha256":"d20d873088275e3bd44b953fa18f535368b95688ff19fe8bff25b014e4552759","sha512":"87c03dbe42138e09280aa092e27fb619f348c9b4aa5ac76da3211df2b653cc29118b099bed6391e7f91b807ae78204df19d355f12655eff9750f30dc0171995c","ssdeep":"","tlshash":"e9a00248502196441c3265f84217e35520d918277958c4aaf1ee82442b11383c2ba0d4","size":82,"data":"","first_seen":"2025-09-05T11:13:19.038911Z","last_seen":"2025-09-30T17:17:58.473822Z","times_seen":1319,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","size":15196,"data":"","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-04-10T12:44:41.308952Z","times_seen":12606,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"41d3ca5bc39fdba48b5e6c0db52c7e1a","sha1":"3a20a6949e1fe331ba65a7be90cff19e72ea4267","sha256":"262d4d16bbaddf27125175b4096ed1f82fee2e6010b3749626749d7b6193ecb7","sha512":"d3e5454f541945870b5d8da97802533f6fd4afaac276de39eb0293d7901e6f86bfcd470ac9c8b719f85c012600d542b126e8fb6ec16776e7d4e8e284178c36bf","ssdeep":"","tlshash":"9d21cb5d6091707435f7b0b6aa1e62503133028f202facd2b9dc3305af39e0e0b83b41","size":1225,"data":"","first_seen":"2025-07-05T17:30:26.75814Z","last_seen":"2026-03-23T22:03:17.435522Z","times_seen":3562,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/functions.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":false,"md5":"6dcccbd48d18b4cf3b28e067d5b83e54","sha1":"fce6964bc69ac88585f074cd53c0a8741b9e8c50","sha256":"f0004cb110c42b83f161db74bddfc14795c861a66d4198b62404344d660309d2","sha512":"d1ed3740798c7febad58a6e577161b61e6a67ac0b31a7d5f3a21617698795d9c4361e5e5f6d4e9c36805d62d17164997f6d058100f62d60cbff9f749b7fad527","ssdeep":"768:EdDie4eF3d0ovtPSeW+a+IOtJajXLxeBB+IR9+lyVHrFH7bCpqSUQRwVeXSwOQll:ScOP3C7CC","tlshash":"10335305b2d8273a84d762d66035d448e3fffa34a712809935cc8796a49d818cfe6ff9","size":54490,"data":"","first_seen":"2025-02-15T10:03:41.689942Z","last_seen":"2026-04-06T09:48:44.635004Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"1f3861bba67c4cd9452a024a920a03ad","sha1":"06f02b1fb3aefac8f46be90eda58f607da145348","sha256":"735fbbc6c03dbed0620de72ab489ff8c1c50d6c67f522b270ebb9840f3adcbd3","sha512":"0231911a982d2cf54523605d39a14cb830901e5184b2ca83c53bb39eda746fa9e68e01111eeb6f983b3a67cb5353373807596f78da092322cb9afd43e1bf0f8e","ssdeep":"","tlshash":"63817d902ded217b5ae4417cea6b62ad54812f135370448c3b9c389d314a9e9b6d9b30","size":3927,"data":"","first_seen":"2025-09-26T17:48:16.484445Z","last_seen":"2025-09-26T17:48:16.484445Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7d6b85edb141824af8951e19333337c","sha1":"76600b2cb1978ca24d9fe39b1412f052da855ddb","sha256":"6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e","sha512":"caeece2e9f68aeb3ae0f077644afc417304c4c867674e779cc0acaa30e372ccf7cd42080fea47f986508082f15f7dfca6071def8dc77206af61167220c34c686","ssdeep":"384:JUr/AGPMPeRBiJRBxdMCD6AvSEzZMOC51MACXvAbXIORv1QpjXuBsb6ec3x7ZonL:JqAPbBRvB3ACfaYOTQpz0eEdAL","tlshash":"bed23a4d30df343a03a266d5212fe508b5795ec4700d4440eaba9a943df4eab627ffe9","size":30685,"data":"","first_seen":"2023-03-07T01:14:35Z","last_seen":"2026-04-09T02:01:05.404041Z","times_seen":8039,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"introduction_type":"scriptElement","is_inline":true,"md5":"15c68e7f6d8c95b693647a795bdf321f","sha1":"59a0ff67328c5148ff1078eabd58d10c9ef7d00c","sha256":"dcb062b1ab78cdbe580afa64059f6196e0de76234d4231b3da97f61f9acedd18","sha512":"3a69f8c647d8b4d47bd63acf26a212a4fd13ecad7b2606490e51837f2181d7bf592c40159773c11ce0d419f7c980d2bff2142faf4e2555713bf607d50563d756","ssdeep":"192:5pj5FsCEQ0p7/OorR28Bbp7AA1TKXjyLNLwzTLWI:zHup3Bbp0Ad9M","tlshash":"86e1dd9925f2616509bb70bc9fdf9224317a541f28899a10bc5c17d06facd3da3b0fe8","size":7300,"data":"","first_seen":"2025-09-26T13:37:00.928299Z","last_seen":"2025-09-30T17:17:58.47322Z","times_seen":176,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tdzebli.com/1/#JH-T2llA","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"081c57654359c9e98068f585d63f6f32","sha1":"daa034a3062372016572618110ae892e9ba48dac","sha256":"51d0aca0b92ffaf13ee49cad5f8dd0bda4352a93fbe614ab6b7c98cbe0ecaf6a","sha512":"26519650edf17286aae37d3228a06e5763fb338213e8062a76a3821b3ca0d113a817fc31418294609864e67ea5fcca03247151c52868fae66dfe29a513e86cd4","ssdeep":"","tlshash":"38211c671897002e2f93005e3b6fb6ab70a264272449f409b0ae8f2d1fd0e21e4b35dc","size":1243,"data":"","first_seen":"2025-08-26T14:55:44.85854Z","last_seen":"2025-10-15T18:50:56.022624Z","times_seen":2250,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/1.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/1.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":75150,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x839, components 3","md5":"e8943746c12957d0dc0f9ec4abd1ee3d","sha1":"d7e33946879c736e6ea7ae6f4c4380176a9065ea","sha256":"a282df185d1c32c2806d740f336da80eb651459db69e5eb6c2823416311dc3ef","sha512":"9caee607f396f9386b71fb8b846a39777e658b6ea42dcce2e9ff612cc16fffd7c29f630b98d0663ac3967f97e8e5f575181c8d61539b6e1bfa5215f4c0090773","ssdeep":"1536:RAkkge0ZB+SVeNNyMn6mFyUbTiyuUkf4KOnKphbHS8n:Rle0FUbTCanKHLS8n","tlshash":"017302632d1a07536a746e6e184f0851108ad576eb72ff980b09fb55e333a8073f19be","first_seen":"2025-02-15T10:03:41.679733Z","last_seen":"2026-04-06T09:48:44.63645Z","times_seen":70,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/3.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/3.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94276,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x887, components 3","md5":"f4bece559c90cd12ba805df5aa6fd617","sha1":"7c1148718e42dc958b9c66b001463168d702ef95","sha256":"4142c079abca6da9b90e7e3e0be7ca75b06e5ffbdc1bbf73fff2c30d7dba3d07","sha512":"3ecef4d12dff3db6cbe7d642d9ba4e2579c6ec4135dc1b99e470501ce592bdf00d3ac794aeeb9129ab8e541183cc10d0fdf59477b64ffc6bb4a72c4ec8dc97a8","ssdeep":"1536:8WlF4PdmZXH531lFDQTWQktM8inyFeFPvpR1xDi6m0I7Yu8xBqM2QkJSSVlZPj/O:8WJP31X8TWQc8yFex5x26Tu8uTVld/wR","tlshash":"d29312569ebc94ec5859452b9510a7003f0c61a3f9078ff82d6aadac2b9f54a4dc325c","first_seen":"2025-02-15T10:03:41.652208Z","last_seen":"2026-04-06T09:48:44.618592Z","times_seen":70,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/5.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/5.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49395,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x833, components 3","md5":"68879fbe12f2b0b66101f45d63617645","sha1":"cc0ad7541ecaf45fb4f94a7fdb34af84afb9ed35","sha256":"fa17772b48aabc7dda6386fb41e7451956fb6c0761cbf41834c5bbb66d50c493","sha512":"2c2888d75231da0afee657fc9e3a360cee7ceb8f1954b82182525d6d8becb82968b6809a1f93f37fa78d296d6a634c79832d9e7bcaee5484113e0c72111b3267","ssdeep":"768:125KPYqCBz3sFksUcEkUXM0iSvYpEhmqCAzZlzCOCYcs63id+v9CecXrJ:SKYbBY4XqSrhuAVNCGBU01","tlshash":"8623f25896cd886d3b79e26544d7a47aa030d26dbccec6f1c53c7045dd6c2b0a98e1e3","first_seen":"2025-02-15T10:03:41.65317Z","last_seen":"2026-04-06T09:48:44.633763Z","times_seen":70,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.tuscaloosaapartmentguide.com/MobileDefault.aspx?reff=https://tdzebli.com/1/%23JH-T2llA","fqdn":"www.tuscaloosaapartmentguide.com","domain":"tuscaloosaapartmentguide.com","tld":"com"},"ip":{"addr":"172.172.234.154","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-26T17:47:48.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.tuscaloosaapartmentguide.com","organization":"Litho Publishing, Inc."},"issuer":{"commonName":"Starfield Secure Certificate Authority - G2","organization":"Starfield Technologies, Inc."},"validity":{"start":"Mon, 20 Jan 2025 16:33:17 GMT","end":"Tue, 06 Jan 2026 21:28:46 GMT"},"fingerprint":{"sha1":"87:79:25:0C:54:6A:55:F3:37:D9:F5:31:2F:6A:28:2F:19:C9:3A:15","sha256":"D6:86:B9:4A:DC:D9:59:61:CD:60:46:01:0F:8F:D7:F0:C4:05:60:4C:21:0B:E7:4C:3E:21:41:E0:B0:06:16:CF"}}},"request":{"raw":"GET /MobileDefault.aspx?reff=https://tdzebli.com/1/%23JH-T2llA HTTP/1.1\r\nHost: www.tuscaloosaapartmentguide.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: private\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://tdzebli.com/1/#JH-T2llA\r\nserver: Microsoft-IIS/10.0\r\nx-aspnet-version: 4.0.30319\r\nset-cookie: ASP.NET_SessionId=bpsgrvvhepzal1zo1gckyxi2; path=/; HttpOnly; SameSite=Lax\nai_session=bb7de40f4c0040159d23b0eb095eb111|2025-09-26T17:47:49.2352756+00:00|2025-09-26T17:47:49.2352756+00:00; expires=Fri, 26-Sep-2025 18:17:49 GMT; path=/\nai_user=ba160df899784bc195920fec5f17981a|2025-09-26T17:47:49.2352756+00:00; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/\r\nx-powered-by: ASP.NET\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=0\r\ndate: Fri, 26 Sep 2025 17:47:48 GMT\r\ncontent-length: 148\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Microsoft ASP.NET:4.0.30319","description":"ASP.NET is an open-source, server-side web-application framework designed for web development to produce dynamic web pages.","website":"https://www.asp.net","common_platform_enumeration":"cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*","icon":"Microsoft ASP.NET.svg","categories":["Web frameworks"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]}],"data":{"size":1756,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-10T13:55:53.446124Z","times_seen":13580227,"resource_available":true,"data":null}},"time_used":747,"timings":{"blocked":265,"dns":37,"connect":110,"send":0,"wait":218,"receive":0,"ssl":116},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tdzebli.com/favicon.ico","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tdzebli.com/1/#JH-T2llA","date":"2025-09-26T17:47:49.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tdzebli.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Thu, 13 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6B:CF:51:C0:07:A6:AB:B1:31:F3:75:5C:9E:6C:A2:90:7E:9C:BB:DD","sha256":"FC:CA:17:A5:17:E6:93:7B:E9:36:BD:D2:95:00:67:38:12:F3:92:28:5A:4E:21:4C:78:B4:08:37:F0:13:0F:FB"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: tdzebli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tdzebli.com/1/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Fri, 26 Sep 2025 17:47:49 GMT\r\nServer: Apache/2\r\nContent-Length: 315\r\nKeep-Alive: timeout=2, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-04-10T12:44:41.310988Z","times_seen":144002,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.756Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://befjajh.flirtosmart.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18780\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 26 Sep 2025 17:46:12 GMT\r\nexpires: Sat, 26 Sep 2026 17:46:12 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:31 GMT\r\ncontent-type: font/woff2\r\nage: 99\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18780,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18780, version 1.0","md5":"e7198b2dcb57c0193b0e9765353994ba","sha1":"6e2658ad73dda183d4fa2979809a73a0c29d21c9","sha256":"e66bcd2761ab6924b25ce70dafe10e57a39193c4fea1516730bd9cb5240af6c8","sha512":"01054290f69d0e4232687f67e5d2522f186f87fe833bd1b13016d0e79a1159c49e767a5c6e9c61f9b3fea0c27df2194011bf46d6f6c1ee46d1f4313ac1950f9c","ssdeep":"384:pJOL4DxNfzRV4g4Miv8HlK3z114ow92D4bH7CxPhdWS6UJ836u8K+ylyr:p5P8Mq8Hlqo92D4vOPhdWSL+qu8Kqr","tlshash":"ef82d0ec209846f9fc0a6e97dfc49bd522430cbd87166e3093ab0dc84b875a4d667693","first_seen":"2025-09-05T00:54:05.741935Z","last_seen":"2026-04-10T13:55:48.763153Z","times_seen":29493,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":82,"dns":0,"connect":16,"send":0,"wait":17,"receive":4,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/2.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/2.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":63662,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x843, components 3","md5":"d78677a7b717123ad8cddf0021ce0496","sha1":"ec9ae258a7d416c9a4cede9b37b9fe71325d5ce9","sha256":"3b2d19b416dc15106bbf10ecd1234fcf359a0fe555c9d4dd7fe10dd7a65b3334","sha512":"18a378ba752b9900be3e5d9153b3398fb622e9d4d9578d08bbe9f4434f7741b7db2fb4647aa050ccc8d03b3d587e00f284b0478fe50d68c3fca4a8dd8c4591eb","ssdeep":"1536:qxHKqjTJvZ6iOWMEaeNG2v19Q3wXnW4zhFw:qx3vhOWJGUU3wm4fw","tlshash":"5353026d6b455d8cc72403765e2f303e8968382ea7e108f90e8c3673bbda1274d467a3","first_seen":"2025-02-15T10:03:41.648992Z","last_seen":"2026-04-06T09:48:44.631423Z","times_seen":70,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tdzebli.com/1/#JH-T2llA","fqdn":"tdzebli.com","domain":"tdzebli.com","tld":"com"},"ip":{"addr":"88.214.27.56","port":443,"asn":209272,"as":"Alviva Holding Limited","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-26T17:47:49.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"tdzebli.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Thu, 13 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"6B:CF:51:C0:07:A6:AB:B1:31:F3:75:5C:9E:6C:A2:90:7E:9C:BB:DD","sha256":"FC:CA:17:A5:17:E6:93:7B:E9:36:BD:D2:95:00:67:38:12:F3:92:28:5A:4E:21:4C:78:B4:08:37:F0:13:0F:FB"}}},"request":{"raw":"GET /1/ HTTP/1.1\r\nHost: tdzebli.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 26 Sep 2025 17:47:49 GMT\r\nServer: Apache/2\r\nUpgrade: h2,h2c\r\nConnection: Upgrade, Keep-Alive\r\nLast-Modified: Tue, 26 Aug 2025 14:41:22 GMT\r\nETag: \"6dc-63d45aa738880-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding,User-Agent\r\nContent-Encoding: gzip\r\nContent-Length: 701\r\nKeep-Alive: timeout=2, max=100\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1756,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"9e59d2085fbd522816ad5070068cdd43","sha1":"1ba814b9d1fdd9a50851cb776bf7b11d1a12d660","sha256":"e8ce51106238701772193096dc28a411356eb152398117fc3a00e56adfa49569","sha512":"6d9ec1064d89a4d1b1129b067a260466cbd2cf8b6d028bf276629456527e5df48a2a45867835ea6fea4ab4edb947fb704c683246b7eeda12a824f48814ffcc08","ssdeep":"","tlshash":"7531535789c9045b6a730139f7b1f3a7f4a225231681f118b09dab3a1ff0e40d863ac8","first_seen":"2025-08-26T14:55:44.850355Z","last_seen":"2025-10-15T18:50:55.962421Z","times_seen":2250,"resource_available":false,"data":null}},"time_used":326,"timings":{"blocked":141,"dns":0,"connect":45,"send":0,"wait":45,"receive":0,"ssl":94},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"tdzebli.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"openfpcdn.io/botd/v1","fqdn":"openfpcdn.io","domain":"openfpcdn.io","tld":"io"},"ip":{"addr":"54.240.174.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tdzebli.com/1/#JH-T2llA","date":"2025-09-26T17:47:49.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openfpcdn.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 27 Nov 2024 00:00:00 GMT","end":"Sat, 27 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"DB:8B:1E:08:FC:EE:6F:56:28:0B:74:80:37:E0:DE:69:D3:59:96:8D","sha256":"C1:3F:58:99:2C:D2:A0:B9:C0:DA:6D:01:AE:FD:93:AB:09:79:09:0C:A8:0B:EB:21:23:E9:A8:78:90:96:EE:55"}}},"request":{"raw":"GET /botd/v1 HTTP/1.1\r\nHost: openfpcdn.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://tdzebli.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tdzebli.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: CloudFront\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\ndate: Fri, 26 Sep 2025 16:46:01 GMT\r\ncache-control: public, max-age=624733, s-maxage=10758\r\netag: W/\"5co2cnhGrt59+8B+iLKwJesMrpA\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: 2_H1fVfR2bZetPI2Z8UUSW1vWaE8kOJIcxLSkCfwnqKRvKFMvDq2zA==\r\nage: 4189\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15196,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (15005)","md5":"234a8c1c15df9b03c65e9e14c82fc872","sha1":"e5ca36727846aede7dfbc07e88b2b025eb0cae90","sha256":"29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89","sha512":"9aeee4e620de49e0ed303917e9afc1806da0815896bc5feef3add9f89e0429678bfe0d9f0ad3fc940bd8e48f7e235e5c8d23463407c42b6fbc740b50c43a0b53","ssdeep":"384:/yKlnAKXPD899vDMKXExXI7EhgKkVGVXvPGt7MD:hfPD899vDMKHLVGVXvPGNA","tlshash":"bd62a4cef996b07553bb34a1503f2206b2362655745e84a0cf2bc2c16879e5ac23bf6d","first_seen":"2024-04-04T09:37:24Z","last_seen":"2026-04-10T12:44:41.308952Z","times_seen":12606,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":33,"dns":8,"connect":11,"send":0,"wait":8,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/s/42cf1c2250951","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-26T17:47:50.844Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /s/42cf1c2250951 HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm; expires=Sat, 27 Sep 2025 17:47:51 GMT; Max-Age=86400; path=/; domain=flirtosmart.com; secure; SameSite=none\r\ncache-control: must-revalidate, no-cache, no-store, private\r\npragma: no-cache\r\nexpires: 0\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]}],"data":{"size":48847,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (30569), with CRLF, LF line terminators","md5":"81872e48ac1031fbe769e849352467e8","sha1":"5bf9e88bd50ade102bba3a243cd58c048b6c67d9","sha256":"5a8b5a05ef4cc78e66fb888b8903d2ac55bfb4bd5e7041c3223684db24955d1c","sha512":"82e9feb67e8e3c47f00e82063a2cb6929d0ed42b432043e5409427770f7e37955dfe86c85676dc39e5c4eb4a8b81317d08a1483cf4a060609ed24d6cab151128","ssdeep":"768:nAr4n25qAPbBRvB3ACfaYOTQpz0eEdAQHupxbpRA:A82ZVRvB3ACfaYT0eEBHZ","tlshash":"ef232a5830da343602b361e5263fe208b5b94947710e8840bafd57c52ff5d6aa27bfe4","first_seen":"2025-09-26T17:48:16.451565Z","last_seen":"2025-09-26T17:48:16.451565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":301,"dns":63,"connect":115,"send":0,"wait":229,"receive":0,"ssl":121},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/css/style.css","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/css/style.css HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: text/css; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9186,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with CRLF line terminators","md5":"529b9124b797c96a9aa64e2697168364","sha1":"0b94035418900147b7c9676a133f5ba2793dd0ed","sha256":"7b91a772388cf0d234ec979c943d05e9efe129f3bee7c673db8cc05d995934de","sha512":"7d7352b86c34eecde13858ec4bfcc6d21d33e84caafdb837676c31d7e31ffc1559d70ead757045d5233609336ff1e983ae3f857660c955912b5d6e5a3be364c1","ssdeep":"192:ttwMo9GLX7mJiDPcVzBnVcxtxYCsv3EZmzVAxdtV3:/w19G6ijcVtnVcchVAxdtV3","tlshash":"ad1218245627208f9303eba877f05b799ded50609f1b016db5d2761583ce5f43aa32ce","first_seen":"2025-04-20T10:32:14.623143Z","last_seen":"2026-04-06T09:48:44.62295Z","times_seen":69,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/jquery.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/js/jquery.js HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85578,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32065)","md5":"2f6b11a7e914718e0290410e85366fe9","sha1":"69bb69e25ca7d5ef0935317584e6153f3fd9a88c","sha256":"05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e","sha512":"0d40bccaa59fedecf7243d63b33c42592541d0330fefc78ec81a4c6b9689922d5b211011ca4be23ae22621cce4c658f52a1552c92d7ac3615241eb640f8514db","ssdeep":"1536:EYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a986:v4J+OlfOhWppCW6G9a98Hr2","tlshash":"1e83c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-10T13:53:56.275171Z","times_seen":269875,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/7.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/7.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":51232,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x825, components 3","md5":"38d60e2ef7e371bff74a4eada91eceb2","sha1":"596e707439e3bd194bee0133c15369cf5720663b","sha256":"e08a083735becb3678d6bb75340c81c31c8e412063f00171419a5091817157b0","sha512":"5929efd6397b5ecc46957f1b063f83e9314ed6d6e20fe2eae7d747ff1b0beb38a446f77eddaec511070ff5711462ca4504f0ef68e1d2cffa87f87cf1f2e65481","ssdeep":"768:4uZu7mpZPuMlHyfwdliYQoeH2aZdOT2mJiVd1cBQK+as4Fr8lpCHbAV:PMqPTHTnAH2mUiVdwX+OFLHbG","tlshash":"9133f136ea591727d23a79620a3653e4e64dcc6eb8dc3dbda08eefd5d002ac00575019","first_seen":"2025-02-15T10:03:41.680735Z","last_seen":"2026-04-06T09:48:44.626967Z","times_seen":70,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/8.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/8.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":46067,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 531x730, components 3","md5":"489b2d96433c566d2ff7a216db99a194","sha1":"b918020ce62b7601adcf09c4105e6fbd9b5f5758","sha256":"1e4b1812bd0d29fa2728e06e52bad95b21e571276adbf5d4e4b0a37ddf0c9f63","sha512":"601f6843931105ccb3231e4994937f5deaaaa0216ba6ea08769999ad97e5ba082adfee920d9fc2397c8b558130acd737f95061de34f32a331d88760bfb17eaf7","ssdeep":"768:uA8IhOWVLkzYmN/YsLbtlOHyzR3lDSZHV4GgQS2UoQWivfboCrxRRQitzts09:d8apY9pdLyytRE3N3PQWcNRS0b","tlshash":"e523024825fcdcd4ad6210561b13d1d6c249e2cfa063b673a6ed780a1b9e5938d50cfa","first_seen":"2025-02-15T10:03:41.682397Z","last_seen":"2026-04-06T09:48:44.632233Z","times_seen":70,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/just-validate@4.1.0/dist/just-validate.production.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.1.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.444Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 10:31:15 GMT","end":"Sun, 23 Nov 2025 11:31:12 GMT"},"fingerprint":{"sha1":"77:EF:87:8D:9A:D6:8C:EF:F9:8F:05:89:BF:F2:6B:C2:CF:78:19:EF","sha256":"3C:23:A9:CF:90:2C:6B:74:27:D0:FC:3B:92:A8:A9:AD:66:5F:B0:D4:DE:28:80:4D:49:D0:4C:22:AE:D2:F3:90"}}},"request":{"raw":"GET /just-validate@4.1.0/dist/just-validate.production.min.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-ray: 985496be9b5b0b02-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 42015\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 26 Sep 2026 17:47:51 GMT\r\nlast-modified: Thu, 04 Sep 2025 18:07:59 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncontent-digest: sha256=:wIsRsjLOoDtGfUDVsJkNferuBK4d568tTrlMNUS0waU=:\r\ncross-origin-resource-policy: cross-origin\r\nfly-request-id: 01K4AYKYJ8CZHGB7GS0VB37ANW-fra\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}],"data":{"size":28389,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (28388)","md5":"713352ee6a16034c696a6e2785b92280","sha1":"6289cf9b1f0e775ad3feb36b0fcfe5af301a0e5b","sha256":"c08b11b232cea03b467d40d5b0990d7deaee04ae1de7af2d4eb94c3544b4c1a5","sha512":"8c42085cda5010ff9eb71174f3f5af3f94f276ab1b134241ed70cd37b3c8d7b8efc7a0899e964be8cef88474da2bee314158b86e45a64ecc0294f8dd628de2fa","ssdeep":"768:VkW++Jv/0btODUsl7dMrXfSCiwgRgpZ1UuVvw1CByfDwty0HD/h7PCByCrCagSZi:mCsRXaCiwgRgysnY3gSK6U","tlshash":"0ad2d606267109234dd94ae9e08b9543b3d1375da518a4ccf73dacfb9a8dec630937b2","first_seen":"2025-09-05T11:13:19.031002Z","last_seen":"2026-04-09T13:38:09.623952Z","times_seen":7998,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":14,"dns":4,"connect":2,"send":0,"wait":29,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/functions.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/js/functions.js HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54490,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2374), with CRLF line terminators","md5":"6dcccbd48d18b4cf3b28e067d5b83e54","sha1":"fce6964bc69ac88585f074cd53c0a8741b9e8c50","sha256":"f0004cb110c42b83f161db74bddfc14795c861a66d4198b62404344d660309d2","sha512":"d1ed3740798c7febad58a6e577161b61e6a67ac0b31a7d5f3a21617698795d9c4361e5e5f6d4e9c36805d62d17164997f6d058100f62d60cbff9f749b7fad527","ssdeep":"768:EdDie4eF3d0ovtPSeW+a+IOtJajXLxeBB+IR9+lyVHrFH7bCpqSUQRwVeXSwOQll:ScOP3C7CC","tlshash":"10335305b2d8273a84d762d66035d448e3fffa34a712809935cc8796a49d818cfe6ff9","first_seen":"2025-02-15T10:03:41.689942Z","last_seen":"2026-04-06T09:48:44.635004Z","times_seen":70,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/js/main.js","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/js/main.js HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with CRLF line terminators","md5":"bb2ea8b17782bc25f136586cf9bfbc1a","sha1":"74a74649e82d684f2d9c4fa5b03214ea512c3934","sha256":"ba8b334c9a57119ba9643a6034378cc5541dce29d18f7ee9b8de5046798cd4ec","sha512":"2df32b122f07f3604c725f7c545472d9a595e08a72f34f867f0673a0edfb3b57a15f51e1e8c1a3c268dc87217a97cde15b34d8272544c00ba19ebb87d62a7af8","ssdeep":"","tlshash":"bbb0126d510c88725d3332244ce94154f524000734479101bc4c20135ff4800c2e8f50","first_seen":"2023-03-07T12:23:54Z","last_seen":"2026-04-06T09:48:44.637858Z","times_seen":284,"resource_available":true,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat\u0026subset=latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css?family=Montserrat\u0026subset=latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 26 Sep 2025 17:47:51 GMT\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bd8eb785552dd14048bc05a0caeb4e53","sha1":"2e4baf02179f4413cba26cab547282e82d40ea0c","sha256":"3e4fc43d2973ddc920952f6c69750e388386b105591ae0867b600561ab37a2af","sha512":"8108e1541230f771d159544bc4cb927706064f6e6423b17aecee27ccdd236eed61d950672ccc92fba4b8cc5eee479692b98aa3970e1f52168e8b96cd952ab0ba","ssdeep":"","tlshash":"26319b411216e900a7431cca23ce7d26ce8e626275a0c47abffd5ca8ade5c261735b6d","first_seen":"2025-09-05T00:54:05.746777Z","last_seen":"2026-04-10T13:31:52.517301Z","times_seen":14693,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":109,"dns":0,"connect":15,"send":0,"wait":34,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/favicon.png","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/favicon.png HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"ac8f9e2258011312bddde9065ba3bacf","sha1":"dd638f6aa65cbaf1e5579bac1dacbef8736a68e8","sha256":"ccbbc984010cbbe821b1237f0bf747d8ae0f064ac9f525f0ec8623b4033b81bb","sha512":"9aab4e747970e615b514bbe8a5f69c59cdabdfacab49def69975964545f74b5722fe0818bd04f5b864e1d97408cf92a64860733ed7aaa7b0a00027767b625f0d","ssdeep":"","tlshash":"1d21b7ffd600869b2df57f6551c8f8edb8a1bd4a879fad320090204c281556a1ef93db","first_seen":"2025-02-15T10:03:41.661625Z","last_seen":"2026-04-06T09:48:44.639224Z","times_seen":70,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/4.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/4.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73889,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x855, components 3","md5":"1e13113abb8ed60758dbbf1627dceedc","sha1":"98a661e0b7ccbb72f3fcf9d5c3df3d5c73aa5f8e","sha256":"572a0204c71586eb128529db03145d40476bec51ec4f0b3f443a7605abb1560f","sha512":"58880ded33e4115cddba514e86f9ebac274de95569d5a146a1febf8eab66c1550e33dec0bf04f9c5a3e7dd755e544079f3ed8a80a06567c8b89e9d2b03e2ebf5","ssdeep":"1536:R5GJMkCjBEld4v+2OnW/zrYg3XSGGrDDa:RuYAWnYg3XSGj","tlshash":"3973124e4920db9ded979079e209808862f0c26ba5e6deb1f030e92c4d476e7357c66f","first_seen":"2025-02-15T10:03:41.659061Z","last_seen":"2026-04-06T09:48:44.632972Z","times_seen":70,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/6.jpg","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/6.jpg HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/jpeg\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":61628,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x747, components 3","md5":"1e3b5be57dd414ecde44b4a94699ee9b","sha1":"282d87f13976ce06dc09965c11551f88b1afd0fe","sha256":"120be8d001981a0e48f0fa6cd63402b617e9d798486a09bec3d84ec002a220dd","sha512":"6d27958cc22f3bd3957cfc0577c18f5c757069a081bb27c0dac3276bb21f30614d9f1ef468bcf41854cafb9a6506ecb5c8b23d8751fc8c8b9fbd88e7970041d3","ssdeep":"768:W5v9ZKX94vAI9Rj5X2auRSZYDfp8EdQXn+kmLEXFO/PHWUhJf94AluRuIQCny:WVXKI5Rjl21sefp2YaFkNHfDj","tlshash":"b6530115e32837f7c45fb06d179d26bbe64b9ea76643302611902a261930b37c88e67f","first_seen":"2025-02-15T10:03:41.655524Z","last_seen":"2026-04-06T09:48:44.637155Z","times_seen":70,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":340,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"befjajh.flirtosmart.com/bundle/128/assets/img/inspiration-geometry.png","fqdn":"befjajh.flirtosmart.com","domain":"flirtosmart.com","tld":"com"},"ip":{"addr":"149.56.106.131","port":443,"asn":16276,"as":"OVH SAS","country":"Canada","country_code":"CA"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://befjajh.flirtosmart.com/s/42cf1c2250951","date":"2025-09-26T17:47:51.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flirtosmart.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Sep 2025 15:51:39 GMT","end":"Wed, 03 Dec 2025 15:51:38 GMT"},"fingerprint":{"sha1":"72:A5:5D:EF:6F:72:25:F5:A5:48:90:33:1C:43:68:A2:0B:FA:D1:45","sha256":"AE:EC:CE:D6:07:C0:01:51:F9:F0:94:E6:33:9C:9C:D5:A7:4F:09:F9:9B:7D:12:81:D2:9F:CE:C5:CA:EC:D5:E1"}}},"request":{"raw":"GET /bundle/128/assets/img/inspiration-geometry.png HTTP/1.1\r\nHost: befjajh.flirtosmart.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://befjajh.flirtosmart.com/s/42cf1c2250951\r\nCookie: s=l17NnKFCap7gp0SsW1wdFbl8EW9CIHj%2BoI9keeN2%2FpnTMspH6jWFdtbQ%2FnIxDssFZrKBN4jo87RN3Mc5L%2BLWVyB%2BNvShHptb%2Bxe4T6QKZU0S6w4EBo6Wggdn0czk0la67qLnnINeQu3Pnpx%2BANGUvVhx2FIDBy22RdMOYqG93JwuHaWZi4gbG3hHq9ACtOfHosJ0qIOH%2B0lq4xyPa9yIde4hKTZrS9rzRBnzxY3eKLLWiMhbZOXm2twblTc1ET9M1cvNc3QInEIhPdMOhQGfmJak0%2F0QecKbw4RVJjO9ilsBLxNXuOf3e2JGIKb7qIHeMkHixoCJnlVrwVv2TdGfmjrZq9wCUJUYrg9qbjKNzmoUlekYjfmxpCsbusCkdcD7Pze9R2oXO4gyFdUcOPveS6jtEHRv0ii2lgfbUTFyQgnfIDfxtLESgXUdYlN7WEcvNWgUs2jviWCJKRjbEVenIj5KMWqeHXwXEpY33g%2F7n%2FBajRUvaXBQhVQG%2B1THWsr5SpqX5VwAPA0c%2F%2F1mlc0lcz%2FaXxuaCdCtR5D4H7ENQZgWB6yPRP8FBlsH4styiPNv5nZKGgxrO05FMQQXQUrNhqN5NErFZfzVnXNQzkY4bu74SEQTw6MbCERNpLsYuwAniuEBjSBzntrGIWPRgFhKl305hJljOmJz%2B9okfIJvI%2Feh%2FozbLRgvlNMU7rfS3QbB5JIPdGRU%2FwrREukkdlFezU0HiXBt08Xfk5HLmq0i4X69bKnEaOfSqjTlFl4W%2BJDMXHvKviW5jkp8KVDu%2BMceC%2F%2FMbSXgVhXr0Loydg21usjOa5qwzLyks6SmnWrJHBNaYBXZxzBKt9DKr3r86COEp8ieZQbjDX58g363wEruRx2IWyIxHdHrCvjMWFumrJvaOM11IiX5lcwvRGEdus5j%2Fr0zNTWJyDVknsj1ZuAlq4reS%2BpAdCxKvS7J8%2FGNVBsYJrKqbhlyws9sU%2B3bKZi4DPBwz910HMC2WxDweqFGI3eyVAL9O%2FjDLpRT2K7fGLOS76Z%2B6OxRiQacz9jQxsolkiiwhVdrtaej1RTQfrZJ4qAobVNLE27yfLoE1D5na1vMmbXmcLelb%2F%2FyMZDlNEsg1KDzN1nE4HHPOl3pA370SyU1KIbmT0lS93SVVSOsvWI1ng7eEAftIFF2AA8IVDHloFbj%2F9rtMWSaPDG6GBmsnoIpy0RcQDqM9Na07182B1KDhrChPB0FM58gYjiltfAsTBIaPRGGvP1izrk2zN2sfxn%2BhYjPek4svJIaAOJ4nsjTvBEoNjnoBquF9SzCABs%2FJ%2B1ScGxYRxVOKmJ8J7yiNNdWbbsb4Dt%2FQps%2BMVC5U2b0gkrLIJWoqVC9nxBpirAbyvVuoAkie8IGJnL1vrw0C%2Bg5sgbLfXoFZbPrZm8sHseuUviR10In1SMDtnz%2BJ3etRTB3r4ybjBqbb1chXe28wpqsO91oXpKcTM70%2B%2B04HMXm%2FvsERiO429BOTs1WX6BFGm5Iet8G0FPurHnd0npUetVz6TW1nY2Uaq8GN3pQw2HtdhVVDI9rCa7O2RUDy6n8b9fZfjXru0ToY35nreNVjzEDEDNFmZAtvL9Zwk7m%2B55ItjDTR00ljRFU%2BnYCUkCfi4cSOUtWJMfWXc4T3IIIINogCcfdr4%2BKaN%2FZErh%2BZrnmp7HjftNb73zkbb2%2BCf6S3qkVD4eMJS6BsFJX2LJkrdzUomDgcERf%2Bc3YFnpYQbfLFwm7Zq2jYIpGAbHHI0Y1pGMk%2FBrpP07s6pDOOrYTWtCR3peZdIBGCHjXC9BcquuiQ1ZTen2Rqo6mal8gUE3BlDgA%2BHUYQ0SFTNrNs2rZRUnk%2BndyOWcKxO3TBdwZPZIDZRZ5cZeJ0LV8NxjZ7O37eYZbAYxe%2FFZF4JfPICHyMbAR77lSEEhyo2PDwhFYR1DLu78nKqeIFp%2BpyOn3kgUBoGIzfbGSA8t94vx%2FmYuAMlCMAFFGLr213bMhzx%2BCpVTI65CxnwZix4y0QwBxTOBVA6rwCWPbwsxwG9agNG2%2F3SU32RacRjKELx1%2FNYaTAQbNWc0%2BrHzt2p85Y3fnPt64oQJVdfFM6wwbNuDkmfuh7a3BnVNjdXAHaZIaNykPKLPQmDjTuQNBTHDMHY95UgUUS0a8m9nbylpeP2xT5vqjEmh71Y%2Bx9Le9EZHoi7T7JJeRmkbMF78aEypNK66M9ug2jGoKfJoNTb8SlcfdQaJkXa%2BySw1PfQBasHqoWgni8IWOjBswhiQ3Anf%2FchbZF8IJa%2BszRLsEGGtfqxbABci1GU1fg8vig4Iq8W5BKv4P9KU288wgLLJGKNb3eVnkTIJ3egcXVIda%2FPVjODvXSzI0TfTsHAe02iCSK5anJIEHSFJwzblB3kGIndV22o0iOHXbFBOMODNPGDuUm9N0aTawS6hhXfjswn16Fz%2Ba8E06KTNM%2Fwa5r4WzldLa2gDMX%2FVuadqV5t6VLl7AvsN9dW%2BnwEgyuvXIQf%2F9lmqRdkTsTksHRQMPHJ%2FdZEwOp9CB095DaZ7obCLesGfpkEgmaY5edVZw%2F9mmQvHBpeMKmB5WsvBvxBCY9Hp94YVPu9g1BdzwmZIFyXEm10VAXCKEoQDCUYdkEJ46BI51qhUij5tl4XK8LnhsqUzDwEWqMl4oe6bkUCrsIJCs3v04u0b85i%2BrX8LNXY4djljyMeqNMS7%2FoXUEC8LXE4Sa7dqOTIX451%2BHhJydu9wu5oFI1vvIwwoE8nv6nom6GjQ4lYBRAI%2FU6fcb5OtjZMHrt0Uw%2Ff2qcKmNG8JqFYHFmceRhhp8F5Si3TJbLWy8IE2M%2BzpKYDb7LeJHKUIb2cK7ZExinAHlN53dcw%2B%2BoHXwhm1zOCbDBFfrx6%2B5eyMo4Yh5n%2BGA7n0EbCRpqcTTglAWZB0maR6dumybBTgIiscCAKF6J2yCeSiJtU3PRkRbVdZ6FbeLIRVQ9XkrR%2BnUFg42rZcbXFBPjQtRJ1PC%2FH5VMs0iuIod2QjDHBN%2FxQP865tjhGGR9hzRam1JJWCeqhCP2UYPJTv13aksssD40SZ%2F0eIA3Y4y35y4sDju6GzFEcrqjyr%2BBc%2BfzQ27EwsI%2BFcnE891g4WGdJkPK%2B%2FftU6X08r0a50citzbg2BYooDr2s5eenCtFfEpE35AQICegqCMcGakm7MbZC43UdOdd5euqKfhwkky2vPyYw5zJDMOlHpSVZ3rGiyg4GtVMn61mv05jDHfdKEE%2BfA4dmnre%2Fs8fnPH35Faln%2F%2FZhFtGbS9jt9eEuiNRHKpKHCv6tmgbgRSMLppp8Ud53FUmlUu3I2i0yOnr10amYDQGFkFfWGFgoNq5A6yFdnJ%2Beybl9py3nNOQQtxA3gYV6KiqabtSkpJYd%2FC9kv3bkXOiZwT67AMTeJoLCuyqQ7aOIeFwF0yqWLd4VWVtm2KVvtAMMiKRpQNmN2B0NqHa7cl7WxYwZsXnMlMEj7%2FjaTduT6n7gJQJXq0MyliamnlQWEkuIFOvKI6SjeDNhOJXsmQfI%2Fybgy7P3b7nrfA4JHSciiMldN7JknHM%2B06mp6T7VBITPVPIc7KIV%2FqKuGPKOGmz3%2BvvyvIx5WF89PgDE%2BS%2FBQ%2BM9HFj4pAPvNvKpY2GpA27lUlYQYkaPIIn3BXFcr3P470PxmcgjbKw46c6SObSFUWDJJOhu7OBgtwkVRNwysSUN8lyBogPxmtp1LKu1nvfIP7uFn9VFcfMRhVc99UcfRMvSqkVU1l0uAi9OgyaHaUDhh5HfrQcPmI0vlP%2FzL52sxNg2KdvXnp%2FZ%2F48R%2B1PXkAjDi3mtLMEEoKoPjf4118T%2FkrDsLwNA97kj33BLIf55XlbHDi4srLPiHID1OqE7pOPDm5075YuZOoOKTqdunuiuKm\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 26 Sep 2025 17:47:51 GMT\r\ncontent-type: image/png\r\ncache-control: max-age=86400, public\r\nx-cache-status: HIT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 412 x 412, 4-bit colormap, non-interlaced","md5":"a9a1082cb0c1155aba048b1dcc9297ec","sha1":"c42dfd3a4804f39d507b9259d39ad551912aff79","sha256":"e6d012ee6e4eb2dd4bb8c9b19b0ec6b3d36aded7fcbe2c7f6be94ae09f878766","sha512":"bd942d3880165d3ca2427696047635651f6d0e89f34a1c184a7c594b60ed31e9f0a798684934c67ded25f1a61e10d99510651af271041603dc4e665a33934cd9","ssdeep":"","tlshash":"5a415b85c7959dedfac3363021bb3a6843ae05ce9d105974020b6531ee746473c8a253","first_seen":"2025-02-15T10:03:41.659975Z","last_seen":"2026-04-06T09:48:44.628795Z","times_seen":70,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-26","alert":"Sinkholed","trigger":"befjajh.flirtosmart.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}