{"report_id":"e37f6803-e765-43fc-ae1c-f23abcb62050","version":6,"status":"done","tags":[],"date":"2025-09-30T15:55:05Z","url":{"schema":"http","addr":"druszczpiekarnia.pl/join/3786","fqdn":"druszczpiekarnia.pl","domain":"druszczpiekarnia.pl","tld":"pl"},"ip":{"addr":"104.21.21.239","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/gaw21lf","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"title":"Are you looking for hot dates in Oslo?"},"submit":{"url":{"schema":"http","addr":"druszczpiekarnia.pl/join/3786","fqdn":"druszczpiekarnia.pl","domain":"druszczpiekarnia.pl","tld":"pl"},"ip":{"addr":"104.21.21.239","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-04T15:55:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"bigdatajsext.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"xrbpmr6tj.romanceswoman-romance.com","ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-12-13","domain_rank":2735084,"first_seen":"2025-06-08T18:54:01.591544Z","last_seen":"2025-09-30T09:22:27.35327Z","alert_count":75,"request_count":25,"received_data":1137926,"sent_data":13850,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"druszczpiekarnia.pl","ip":{"addr":"104.21.21.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-09-30T09:22:26.622472Z","last_seen":"2025-09-30T09:22:26.622472Z","alert_count":0,"request_count":2,"received_data":3267,"sent_data":998,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-28T22:11:39.889585Z","alert_count":0,"request_count":1,"received_data":20301,"sent_data":510,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bigdatajsext.com","ip":{"addr":"136.243.216.252","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2024-06-21","domain_rank":607875,"first_seen":"2024-07-01T12:08:48Z","last_seen":"2025-09-26T11:52:39.010873Z","alert_count":1,"request_count":1,"received_data":753,"sent_data":544,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"jupantofle.pl","ip":{"addr":"172.67.156.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-28","domain_rank":2833644,"first_seen":"2025-07-31T14:31:44.89771Z","last_seen":"2025-09-30T09:22:27.095377Z","alert_count":0,"request_count":1,"received_data":7891,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:5.6.40","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/bb.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"c5f02d81bd1878f685cf3355871f2230903f08dd720ae982a8a46e622e2038dde1b7e0","size":639,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/trls_loveme_casual.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe9bcd27c507ed339bb6e127e0ba5a9e","sha1":"d42529b16b5385bf270678bdb5afc4dd62a0333c","sha256":"438d3925fc872661a31e1f5b8ddd550e8c5b2113cfd23ed7e9a727bf4ff26969","sha512":"913673007b15c5a0d0401f91fe03d3a1f0b1199c7d84c84893f738e115ad2d1993aceefed3462346f0597dddac69b246d8d908b8d99b2026b91bb4da5b54311f","ssdeep":"384:SCOCsgtymBJ+Qx79dHbubiNP+ypBP2AcqYCOr3Cf0:rfsgtyM9bP+oRK","tlshash":"8d624e7bfb8f44f9fad023409672e902a41df1bfc399e069356e54aa1191c1482af58b","size":15968,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.886522Z","times_seen":1857,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/gaw21lf","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"db729bd514a0007c066008ad877bc973","sha1":"9309d3e99cb92ecb72b0d8982c4f434328730940","sha256":"45f3a3924d295750da2184ab3e621b3a126b14ab7cc465d4c26ef4b83c6ca401","sha512":"4016377b48e8c6231ea91609766776c63e79e3baf14759e03ee057f9aa848615ed35e269fa7f60e0ace610284efa834768bf5f9bc1cf171c1f5a5ca5b50b1312","ssdeep":"","tlshash":"63f04c942c1a7d1a9f6ed1eac41fd44321e164dc909de5c64107cc04d150a6870c48b2","size":592,"data":"","first_seen":"2025-09-30T15:55:08.731737Z","last_seen":"2025-09-30T15:55:08.731737Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/gaw21lf","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4413aca8d7beaf1ac99bfb95e960f845","sha1":"fd8b0e3b77a20b3936c529d87c0f56d90ddfe007","sha256":"a228644d318feff53bb898889a4da7bd08f26508a85f3deb1bf22b8c1f602d86","sha512":"4176602672380cc7c5134231a1e96533b6426d4dcd6e844c93bf1027cc30d1106fd85c0a20c4ec63f2854eddc56158d21dcc210da6e95f4711d5e466ea44ff6b","ssdeep":"","tlshash":"54218f08eb98a84d53b532745b3f40dcf93c15f3548605ddfe6806118da562b6326cab","size":1392,"data":"","first_seen":"2024-06-05T11:36:24Z","last_seen":"2026-02-01T00:37:34.911744Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/gaw21lf","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3bca9d5bc985aef698ce489f5c8701ec","sha1":"fa75d9adeaebf66e4798b66ec1b4676f62a2c97f","sha256":"a29d4f019b0ef74ca0453dc64af4aa7f9bb2425768eb6c807cbb186716483dab","sha512":"ef2bc93100cd274af62b8e9e58c6e5b4c366e003fa03a620cde5cbcb6bae126f86a5b0d661061284f6aa7fe5d9992eae8d65578bbfe71dcbf216d7dba9ea2fbd","ssdeep":"","tlshash":"6ef0f09ac34f63cb1503864e8c7e5148c61d8a28a0db5e2e7aee8903870313b145ef20","size":570,"data":"","first_seen":"2025-08-10T20:52:33.420133Z","last_seen":"2025-10-07T01:21:19.69164Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/cookie/js.cookie.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"48:MnCmrorDzy9AVYnVReoHEmFZqLghLVQiAdHy9QShp8dLocCTRTvg84Re6YzMtpyX:iCyojFOJEiXA1hyvt4T7tpyD2bm","tlshash":"4b91a5a4344535b9053b237513bf678bf575e8a22c8aa644ba4dc9a07f30c5f031afe6","size":4264,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.580912Z","times_seen":6123,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/jquery.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"261c2803d4c5f060a7bb9388a85533be","sha1":"90a234032123056ad72e3a35eabe88f9042923f2","sha256":"4d62766346c8fd39371d0c01f931efae320a5ecceb96f7c8e4716036741e19df","sha512":"6a505adaab6bc468e0aaa728089a44cb7563ba180287e511304b34df0334b32b1987984b9a11bbb95b0ce3edca52661a5754269276b2ae25355fd4fce618a487","ssdeep":"1536:c4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:cGsKXAI2p0WP9bDrstfa5","tlshash":"3a93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93068,"data":"","first_seen":"2023-04-01T11:04:52Z","last_seen":"2026-04-03T03:13:40.277578Z","times_seen":1170,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/util/utils.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67f83bb8309524daa942af9cec436419","sha1":"df63410e039476a6dde6eb4200b5c1666c52af21","sha256":"57d2fd3a46ef70b606d7dcd83f70b6a2107725cd910ca1399c70ef52b2c72b9d","sha512":"d48b08d4209f4313706376f312ccc8d08f9a34c22f4428a5bce059242442097a15a4581673259de0a2eb27bacb508104248703feed52a9d38a74d6e9470599ce","ssdeep":"192:nv6UDdoxY4iYiXKF3nwx16qI9S7q6uRIpauZy4hpjgRxtSY8xd:nv6wixY4iYi+3nwx16q97H3Zy47jgRxE","tlshash":"3df1b89e334f311e87c633b1087e9408ac7ef8352796e095b9ed949464b0e1d3762ee8","size":7514,"data":"","first_seen":"2025-01-16T10:08:27.907414Z","last_seen":"2026-04-03T20:17:39.599343Z","times_seen":1461,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/timer.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"db12eacb17d6d147e21495e2f8787fff","sha1":"32c7f9200e989eeb54df98b8ee70331a3b22789b","sha256":"b18fa00e948ce4a17e7cfa703c82e27fc8e1bababa97327ead9562c2281aff0f","sha512":"dd098bf6f1fc64bcd7efec3b6120fa2b5dbba0c063e99d8618c77e638a7765b23b8bf1b1821e52546af7bec6cba3f70be97594be438372da9f006a19b456e0e4","ssdeep":"","tlshash":"52f0f44837177b491eb1086e1bbde508d62ee522700f580924ccd0e19c9ee3a838ee6d","size":639,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.905886Z","times_seen":2626,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/exit-new/exit1.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"e36156e4720e31ad93db3764c27fb11a7876e4b2d416a0b5a44c5c907434a1d6376cfd","size":3473,"data":"","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/vegas.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ea8391e9e4f905102fef9737e225aba3","sha1":"2111929b9d64a20ecdeea04e3cf2a6633e09f428","sha256":"586607fdd9a798760719c89e72801e7f9f4af96a830fbbcee2889cffd521c239","sha512":"99b74beba57f023eeac792b77f3e3e7109c8fa279f1290d94ea056cd1a6ae784514eb24b3d2d01d511ded74d13b1934724033ea750aa9bdeb471c189b6ded131","ssdeep":"192:hzdEiLcmBWE4spGE9OICxPh+6Qw05RbJ1u1vqGDG2hYSwHSOV9Mfjsf5s9nhaGIt:hpE2/bJ3GLdM9MfjsfohNZvKz","tlshash":"aea2bd897f66510989b7e37a9f6a810ceb7682276503922d3cbd41c45fb1438436affc","size":22473,"data":"","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.906867Z","times_seen":1916,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/favicon.ico","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\nvary: accept-encoding\r\ncache-control: max-age=14400, no-transform\r\nage: 4303\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Cavl9JVo%2FFyL9iggTPUWmCo9uG09j1wA02NU0OLi6f3u6NlGI85GkDHS5DQ2Qn50yUCcl3Yznbgel2ghDRVuliPWz3Cv2rHRaEYXI6sJdzVqe%2BEP24cyx8LNdJEJvj59F8o\"}]}\r\ncf-ray: 9874e680c93a783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/x-icon","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/util/flag-icon/css/flag-icon.css","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /util/flag-icon/css/flag-icon.css HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/css\r\ncontent-length: 40627\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"0a47b937981e7389e3ebe63e4a503066\"\r\nlast-modified: Wed, 20 Sep 2023 15:26:15 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866DE8F22AA2509\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#296037122/gid:0/gname:root/mode:33188/mtime:1655386274#684017000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:14.684017Z\r\nexpires: Sun, 20 Sep 2026 03:24:21 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 909020\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PteasI%2BbFCYZqjb%2BqqTuVwsGkoPlDpD0mNOjZVTswA017nb1Yafc6RpH4l%2FoO0H49afCi10uXuZHeyByJFZkrn8syr17ptj%2Fy9SApCQbUYxmQT%2Bq7BheNkflGE0CIq4Azw%3D%3D\"}]}\r\ncf-ray: 9874e67f1a19b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40627,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"0a47b937981e7389e3ebe63e4a503066","sha1":"01b395ad016a1d9d15016d765f7d2c51a6e2809b","sha256":"d6afd8d9abc2967f29ad396854cd05b1a12dcf9b7084f944c136ca6f540c5a39","sha512":"bca846a7ebd76adb4ccf01805cda0bfc53673570b58289057b2f595ac5700e83a80b574ee5e005c9ffbb003aa7872e45a9d35fb728bd35701b040435b2425e24","ssdeep":"384:94fWpOSJ/TqlgSxMUj6/GlQ1EzvxqFbyqVD:94+pvJTqlgSxMUj6/GlQY4yqR","tlshash":"9103096b9643e14fb713cf352b16a1086b9d2492dec18f2b297935ba99f7040b436f70","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-04-02T19:40:42.956581Z","times_seen":6766,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/trls_loveme_casual.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/js/trls_loveme_casual.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 15968\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"fe9bcd27c507ed339bb6e127e0ba5a9e\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:38 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866EA45FFB27DDE\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028651#241820112/gid:0/gname:root/mode:33188/mtime:1732177659#332045504/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:39.381Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WYKdpNADuOAmituFOauBiAgHyL7t0TbDfbb2KBkNdmFp1nVRKjGAGRmjvNDrrjOseEvhiUQqfhw8F8aWW%2B5t4PlYFU4PhRklamkDwFCe4joRDkeYr4PTcgRS%2FQwblCWjkg%3D%3D\"}]}\r\ncf-ray: 9874e67f1a28b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15968,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"fe9bcd27c507ed339bb6e127e0ba5a9e","sha1":"d42529b16b5385bf270678bdb5afc4dd62a0333c","sha256":"438d3925fc872661a31e1f5b8ddd550e8c5b2113cfd23ed7e9a727bf4ff26969","sha512":"913673007b15c5a0d0401f91fe03d3a1f0b1199c7d84c84893f738e115ad2d1993aceefed3462346f0597dddac69b246d8d908b8d99b2026b91bb4da5b54311f","ssdeep":"384:SCOCsgtymBJ+Qx79dHbubiNP+ypBP2AcqYCOr3Cf0:rfsgtyM9bP+oRK","tlshash":"8d624e7bfb8f44f9fad023409672e902a41df1bfc399e069356e54aa1191c1482af58b","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.886522Z","times_seen":1857,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/bb.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/bb.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 639\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"0d553e4bac91c74bfee2dbabba61e99e\"\r\nlast-modified: Wed, 20 Sep 2023 15:21:05 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 18683AACD835343D\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134512#756035434/gid:0/gname:root/mode:33188/mtime:1659030913#852764000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-28T17:55:13.852764Z\r\nexpires: Thu, 24 Sep 2026 13:22:48 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 527513\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BAe1mLSWKpgezCqXx%2BlEKRep5Zm5X4GB8TayIwOn7LrmN%2BcSFXcPEptIgPIA3ByFAmorqQo0bA6yXn66iylac57fW8fV8sdp2IDtDQ96LmxngyDihk606ab3FqyyFbQmaw%3D%3D\"}]}\r\ncf-ray: 9874e67f1a2ab505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":639,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (639), with no line terminators","md5":"0d553e4bac91c74bfee2dbabba61e99e","sha1":"5af71e2377c9c012a7826a695f2724901941b19b","sha256":"1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68","sha512":"105e5b23733e7bb443ba2080d606c2814b0acd2aaf228467d2ce532ff2f2ec0b292f8eb5189a24cd9f79b69a7e983b176dbd29e2d539dae7ca443821084f2894","ssdeep":"","tlshash":"c5f02d81bd1878f685cf3355871f2230903f08dd720ae982a8a46e622e2038dde1b7e0","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.592645Z","times_seen":13211,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/images/scandinavia2_alt.jpg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia2_alt.jpg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 146528\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"af26061e4eee0ad8268416168c349fac\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866EAABA385BA07\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028640#892786843/gid:0/gname:root/mode:33188/mtime:1732177674#213374736/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:54.261Z\r\nexpires: Sun, 20 Sep 2026 07:14:51 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 895191\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VFvjnIn%2Bb1hmn3jFn0f0I8k%2FkCc9PZE1YODJlBgLio8NTFDZAw3I%2BVXvybVbjCPZq3PN3zrUKKy8KOs8qQ8c7XhslMkww4I0nd8Hk8fkFca3i%2BHPE5AWriWllp%2BiMzLvopRW\"}]}\r\ncf-ray: 9874e680091b783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146528,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"af26061e4eee0ad8268416168c349fac","sha1":"5820f240a3c6f0eee93ff60131e10faa88ac460b","sha256":"0e7108ec937b3039342591ac96f32ce20a4f7b65996a444a452163626b62eec5","sha512":"36a617d7bde95910e24b0f0532067ade2695d08afe1fb0b21df6b824761e5a634aa64aeb4e88141d17a37e80b06444e280b82c3a03835d7b56b8a3da0955664c","ssdeep":"3072:R9FU23miGbfhMwNgdQVv+QDgF8+IBiO684Hb7mBrw7CAh:tUAafzN9v+Q0FnkB5B+C6","tlshash":"7be31292592bb15b84e3f931985a68a8cdf745d1d358381f026ea4cc142fb21f34e6fe","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T00:50:04.256346Z","times_seen":1820,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/gaw21lf","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T15:54:41.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /gaw21lf HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://druszczpiekarnia.pl/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/html\r\ncontent-length: 6830\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, no-transform\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5wSqR1kycyZ%2FOenqmc1MO5uM1cp8%2FYdpZA3C7KGrN3olXESoSSfQEhK5xCerr3FF23zXQd1a9vJBf%2BIbtP56eeyo7QaJJhBtCDsDgRP6T36nCyI7UoiYQNp1b53pgo%2BQfg%3D%3D\"}]}\r\nset-cookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg; Path=/\r\ncf-ray: 9874e67e1939b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":6830,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (572), with CRLF line terminators","md5":"d4df1667828243dd6828f17e287637e7","sha1":"cf672bb1385e640aeb8bbe22bf55b353dffdf220","sha256":"f024db10048430c8b9c37657c9549b7b8c92690df526132efada5f546d84831d","sha512":"101b4cf64b62cee5a2464d461ece89663760759cf2ce57ff17a59493d31cd01cae3f02cb81792c8cc43b7a9b9886650a21b2006bf07b4eecc1db112bab4f6cfd","ssdeep":"192:n7yVCtGMRoHcj7x5CiaiGgX9tA2D3edwX6YdU2o:WVW7CJ4tA2DedwX6F","tlshash":"91e12008be0e960e036203ebd13fe218d4aaed74d3639449f2fe493b57a1a195719896","first_seen":"2025-09-30T15:55:08.702612Z","last_seen":"2025-09-30T15:55:08.702612Z","times_seen":1,"resource_available":false,"data":null}},"time_used":689,"timings":{"blocked":289,"dns":8,"connect":3,"send":0,"wait":110,"receive":0,"ssl":278},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/bootstrap.min.css","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/css/bootstrap.min.css HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/css\r\ncontent-length: 109540\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"03d06426a30f77095d7511e1ca74d225\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:08 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E97FC42C1270\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028622#90909633/gid:0/gname:root/mode:33188/mtime:1732177688#477455732/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:08.524Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cuVi5TQUd%2BGm15iAhOb0ZrFBvGV1xZnb76vtUGsRZPTXaVESv3CWx3yV%2F13afm374ux%2F7yPKFnYEvrZKRAir2irfXkpOzkOhv6ddA75venawd75EmL%2B78bZJBNLOqyBHWw%3D%3D\"}]}\r\ncf-ray: 9874e67f0a0db505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109540,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65367), with CRLF line terminators","md5":"03d06426a30f77095d7511e1ca74d225","sha1":"d1a349294f6fe94ffb17a50097b37bd81e9ba56a","sha256":"3f7e6f3cb6ba8e2effbdd260131ce0d2f332fb00ba3feca1a5bc9c3ee7f9e2a6","sha512":"d726efc5415efba1b060bcd4a24175ae7126312731524e970037b8a8b2fb9be60ba9628106e32781050d34f5c8144bd2c9e7ebe1351ca3e37b9506c832533b7d","ssdeep":"768:PbGxwUkB1mlpztzuRdvGN6eABkdIUIbZbnbJN8gwaKNhL3tqNhkRQmNae:wwlwERdvGNIkabbRk3chs","tlshash":"b6b3d7a0f11031ea7223c55a71d0ed872619a053e66b4fb7f22f25d88f895ca1773f1a","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.90484Z","times_seen":4010,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2 HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 22284\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"5c92d5d3e39a260d5dd06ced7eca070d\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: af968cfc53e5d4d46c2a7314ea3774fe010d1d1a8defca6495a09901b4f201c0\r\nx-amz-request-id: 18683621D4C91686\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028624#863186422/gid:0/gname:root/mode:33188/mtime:1732177691#353425218/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.4Z\r\nexpires: Thu, 24 Sep 2026 12:12:18 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 531744\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J3UpRpmmVkNxirEIOAaQdwRUsknP3DF3yTijGJMx82F8htkchzj5LIeHuK65s6VXLbBWi7Pn2Rr37I2dsdXRQLvaeyglxPp%2FFbyrLE0gODstpTc3FpXB8QJFVTTkALiWjiZ0\"}]}\r\ncf-ray: 9874e67ff915783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22284,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22284, version 3.786","md5":"5c92d5d3e39a260d5dd06ced7eca070d","sha1":"64df09fd462e6bb76890b7782578777b901f2003","sha256":"2a99c11dd137ef8b515b3a95d2bdb38ec99bf745b2865196aa910628bcb144b9","sha512":"973d8236ff36779be71c75694a1ee5e6ccb6ce656260071e6ff6309a391a7de1357fc00437986a8b42ab3c409e821a58c810701116867b3833df0873dc05b7dd","ssdeep":"384:EWQxHPyVmkdQDmRCsP5V0BKWbOCamb323fyFeP7mplzfHar43CF5Gjru3JFU:EW+HOdeGCsP1/CG3dPqrz/ar005KWJy","tlshash":"3ca2e11c4e18f813b7203a5c99adb965f21e1617da99cc5d0f677ae4b2c0c4e4a51f43","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-01T20:01:44.285452Z","times_seen":4407,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/fonts/b796339b324ec08006ca04dca90284cf.woff2","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/b796339b324ec08006ca04dca90284cf.woff2 HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21796\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"b796339b324ec08006ca04dca90284cf\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:11 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866ED952F8A2A54\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028625#187218772/gid:0/gname:root/mode:33188/mtime:1732177691#705421484/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.753Z\r\nexpires: Sun, 20 Sep 2026 08:05:01 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 892180\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bzlinv5PPVpZfTyoGnMXbbXg4FhIOr4aYjI%2FXXg0JGr%2FLX58JAvJ3oAl9kgyhBd3HyVeB225OWNkPQ7I9ylj3WGRMtj27qnMUpRodr9BvLQGAyS48E%2BnwcfzIRG5gzyUlzhg\"}]}\r\ncf-ray: 9874e67ff917783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":21796,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21796, version 3.786","md5":"b796339b324ec08006ca04dca90284cf","sha1":"4283d779705f09e68939572df76c52cb41a3ec68","sha256":"d65bbca022f8953936d6e60b9a59fc27f9bfd74ba96257ffe14df83b3d8eb0e3","sha512":"912eba7649b612ea851ceff16addef13222fbc90656d1f6af737a55f34a24ea6154012afbbe8846d3e6fe1ebaf241de3c331ed97a212060bb979ac449823935f","ssdeep":"384:XuEqeSLLtQo1wtvqD67EE1LagdLGHkTU3brpWPGJyuHabAZOZ7EPmH:sHt5wtvtEEha5HkIJ0GJrFZOZEeH","tlshash":"29a2d12a6c85818c8291d435b3f6222e3572f970e6f1d3db753af478226b44ca35ecd1","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-01T20:01:44.010057Z","times_seen":4410,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/util/flag-icon/flags/4x3/no.svg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/util/flag-icon/css/flag-icon.css\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 331\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"c7ecfe59439b5fd23924fd206cf2fded\"\r\nlast-modified: Wed, 20 Sep 2023 15:26:17 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1867962C3B782507\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#304037147/gid:0/gname:root/mode:33188/mtime:1655386305#848080000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:31:45.84808Z\r\nexpires: Tue, 22 Sep 2026 11:08:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 708386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TzH5R%2BZ5%2FsZQd4%2FqtLxQRoVQl%2BP%2FwDfOGWwjZAibZQ9dHlqkZSwENXcQS8tcp9NiJkQBON%2FHDXk9zpALL5xg0v0Qd4h2hlb30kBTgSfiarCtXxtzE%2BNoeuWR47ld7ZIH4w%2FZ\"}]}\r\ncf-ray: 9874e6800918783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":331,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c7ecfe59439b5fd23924fd206cf2fded","sha1":"056fbd2b17c7f08bfb480d21973a96bf86fbd72a","sha256":"4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f","sha512":"b599bc79feb6f5f93d191b92beade2c05935b10788e4b31f01ab480695ecb131d007816185cb7f5559a6d94bb7bc7720106fb5e54f60970ce43d3994f7f7f7a1","ssdeep":"","tlshash":"68e0cded91bcfc148b3083102f2d7ae288a5f4c6a09506f7fc51311a615f596cdc3605","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-02T19:40:42.987349Z","times_seen":6404,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"druszczpiekarnia.pl/redirect.html","fqdn":"druszczpiekarnia.pl","domain":"druszczpiekarnia.pl","tld":"pl"},"ip":{"addr":"104.21.21.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T15:54:41.539Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"druszczpiekarnia.pl","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 10:28:41 GMT","end":"Sun, 28 Dec 2025 11:26:56 GMT"},"fingerprint":{"sha1":"7F:4E:4C:09:8B:49:05:88:6B:B3:18:17:55:37:D9:67:D1:5C:A4:73","sha256":"EF:14:5B:5A:71:0F:5B:F8:C4:89:2A:79:E9:7E:44:D2:A5:A9:EF:70:EA:B7:29:A4:CA:9A:F5:F2:89:11:85:F6"}}},"request":{"raw":"GET /redirect.html HTTP/1.1\r\nHost: druszczpiekarnia.pl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:41 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nx-frame-options: DENY\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 16 Sep 2025 09:41:52 GMT\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JykM2Tv%2F5NScLrXUs98sv5XoA0dbE5JiCnsSIH6WeizZFefSs7cI8DfMSSEvtPhIZh9aQwAAtUUoWyqxRzaRQHJDvkM7N%2F81Qc2ZEKrm5SYMiZs%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9874e679bc181525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1034,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"677a0dbd989b9dbd6b8b078ef12ed0d1","sha1":"6e36f9c6f0c29796e428d8e354ea5e2d81b597c4","sha256":"127df369f82fc7155578a785d77fb630782c4372c999dcc2981913e16fe22224","sha512":"4ccdf274b34e989003fcb9fd1f9f30bac625c6351e0851de1b26a52f62e596406b3e663d6c9f5743df62a84523bdeec39a1b7af127d4f38e08365031907183fe","ssdeep":"","tlshash":"a811af4a5cd784180cf0694954b1f93834e524b99a66d441b5dcc52dcf98fc98c46adc","first_seen":"2025-08-11T03:14:39.381113Z","last_seen":"2025-10-02T07:46:21.692857Z","times_seen":12,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css?family=Roboto:400,300,700|Raleway:400,700\u0026subset=latin,cyrillic HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 30 Sep 2025 15:54:42 GMT\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19615,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"6efb46d1204a2ab3f478a465bc964913","sha1":"792e40e73dab0d5f4a002ed7b0c8447e3834e7c0","sha256":"e3e1e20725f54216dd1273bf9aeb1e94f01596326ebad47e038e950d2d771a7d","sha512":"9ed31d8f8a911101649d06660eaea3ddb5cbb78fada45d6fd4b7fd4af75d5bdf12bfae5d2df86022065cc139ab29fc7a20e81fddd438905f98605cf336051a51","ssdeep":"384:PYrw3E1wfnw+whwdwySw/qY4owmwGw3wfawDwwwkwyfw/qY45wLwrwmwf7wCwFwX:YKNyEfSQv3rgXU/9ffQiqG1GJuofOQj1","tlshash":"1892fca10817400097835ce223ce7e31fe4f92147146d0b9abfd9b6beddbc6652a936d","first_seen":"2025-09-26T11:52:46.057244Z","last_seen":"2025-10-07T01:21:19.646279Z","times_seen":68,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":75,"dns":1,"connect":15,"send":0,"wait":36,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/vegas.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/js/vegas.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 22473\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"ea8391e9e4f905102fef9737e225aba3\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:39 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 1866E97FFD00B174\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028651#909886812/gid:0/gname:root/mode:33188/mtime:1732177660#44109095/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:40.097Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HJb9PZTVcufsvYtmcMCCPQVudNCKCQOWcsUHtDaq%2F6uE%2FGUZXn%2F2S0vfeiIltNmWLfuJwPB1dzwKoLXA5Px0p%2FuKBy9BdFtPH4cwqhlbfBHxFrxg6j%2FEqpwBOLyhjCCfLQ%3D%3D\"}]}\r\ncf-ray: 9874e67f1a1fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22473,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"ea8391e9e4f905102fef9737e225aba3","sha1":"2111929b9d64a20ecdeea04e3cf2a6633e09f428","sha256":"586607fdd9a798760719c89e72801e7f9f4af96a830fbbcee2889cffd521c239","sha512":"99b74beba57f023eeac792b77f3e3e7109c8fa279f1290d94ea056cd1a6ae784514eb24b3d2d01d511ded74d13b1934724033ea750aa9bdeb471c189b6ded131","ssdeep":"192:hzdEiLcmBWE4spGE9OICxPh+6Qw05RbJ1u1vqGDG2hYSwHSOV9Mfjsf5s9nhaGIt:hpE2/bJ3GLdM9MfjsfohNZvKz","tlshash":"aea2bd897f66510989b7e37a9f6a810ceb7682276503922d3cbd41c45fb1438436affc","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.906867Z","times_seen":1916,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/images/flirt_logo.svg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/images/flirt_logo.svg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4939\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"037c209aa2e3d00d37633d832af76752\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:49 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E9800A3C1B7F\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028637#8399019/gid:0/gname:root/mode:33188/mtime:1732177670#109008066/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:50.158Z\r\nexpires: Sun, 20 Sep 2026 06:38:44 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897357\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7nRlvwjPkROJgkXp%2B0iqcSCSaQzwz3ueQIsdW39mr%2B2O4L%2Buy1kwGbZzGgVc5AVN6URvNidIf4ZgEB8hdGXdekB6k0TlYkPdyjzFQW3Yr8TpH71SfjgHzvSa9RODoYs29A%3D%3D\"}]}\r\ncf-ray: 9874e67f1a25b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4939,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"037c209aa2e3d00d37633d832af76752","sha1":"4eab6ad305760586453c1c87ee34b23f03806b8d","sha256":"ea1161fca6b102661f5c1f2b1b10bdda1b7887f608ca13d900c9c596e4480d62","sha512":"88f60e11cd08e3ee5e6264654a124372ceb563fdeedb8812e5a0c644dcefa9217728b2ccaee6526e9441675241102d9c2db4ea16204bff1850ac61213fcb7c3a","ssdeep":"96:mZRnh2Noj8WjtgghNMcwfEb+VtUO3tTRL31Bnh0AF7UdUzKPXG8R:mRLjDZggIcpb+3Z3tFXuAxiUzj8R","tlshash":"d1a142980ba75be8a98473da88131271376fe4feaeb78254c245d732381245cdc408db","first_seen":"2024-11-21T16:29:51.957938Z","last_seen":"2026-02-01T00:37:34.892987Z","times_seen":1139,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/images/scandinavia6_alt.jpg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:58.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia6_alt.jpg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:58 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 164464\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"d3a0904ff1e85ac9203f192477ccea32\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:55 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: 5bbf9b091ca9dd795595b773b0f1d036407937e2098457815217f1ddbc67c996\r\nx-amz-request-id: 18671302C33A08CA\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 343\r\nx-ratelimit-remaining: 343\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732177676#153548078/gid:0/gname:root/mode:33188/mtime:1732177676#109544146/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:56.156Z\r\nexpires: Sun, 20 Sep 2026 19:04:42 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 852616\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S3tgfh0z6Uh8f2AwQ3ClrSsnSDa0kICGeS3Yc0Wpj14N9VQy3voihPhEVbxu07edmQ2JtpLmcqPsW680ls55SOocNOrrptI%2FxDnroK1sTJ%2BTa7DpoqXUfv13awOgeaCmUfMG\"}]}\r\ncf-ray: 9874e6e16d90783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":164464,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"d3a0904ff1e85ac9203f192477ccea32","sha1":"3dc2eb88095e93448fd627cc53e78bda983ce2a3","sha256":"96884c8509dee0360a0d7e39156b38f067bf977bceb6524a189fe21872dfda1d","sha512":"362ad985617f55ab1b6f6dd9764d3304eb5e28b4aa1c178e9e58332a3e0091f6fe6b134236eb08cfc0ac6df15a4437d4cc0a73a871429f864b7f49b440939d77","ssdeep":"3072:JjA96/O2b3Q6euT8me+BGQ/DnIANEcLs5ckJiscNw3e5wZ7Mfa6e9uWaOqcX:FmIOaQ6euTfX7dA5H1ZwfQ9ugqcX","tlshash":"23f3124ff68058ebec0de18e41497d7eedc2ce39af68189e6138c2247b09d1475db668","first_seen":"2024-01-16T04:11:19Z","last_seen":"2025-10-07T01:21:19.654987Z","times_seen":1798,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"druszczpiekarnia.pl/join/3786","fqdn":"druszczpiekarnia.pl","domain":"druszczpiekarnia.pl","tld":"pl"},"ip":{"addr":"104.21.21.239","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T15:54:41.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"druszczpiekarnia.pl","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 29 Sep 2025 10:28:41 GMT","end":"Sun, 28 Dec 2025 11:26:56 GMT"},"fingerprint":{"sha1":"7F:4E:4C:09:8B:49:05:88:6B:B3:18:17:55:37:D9:67:D1:5C:A4:73","sha256":"EF:14:5B:5A:71:0F:5B:F8:C4:89:2A:79:E9:7E:44:D2:A5:A9:EF:70:EA:B7:29:A4:CA:9A:F5:F2:89:11:85:F6"}}},"request":{"raw":"GET /join/3786 HTTP/1.1\r\nHost: druszczpiekarnia.pl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 30 Sep 2025 15:54:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nx-frame-options: DENY\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlocation: /redirect.html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xL1qbf9qWg9ShP6XvzujCX9oZ0a1toj6ceYeKBZmhI%2FftNkTWi9fqKSiAF7KYwqXYlBWT2Uw%2B2HMLWPcKO6EhZs8PX2u9F6C%2BktEleGQGz%2BRD%2FA%3D\"}]}\r\ncf-ray: 9874e6793b101525-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1034,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":10,"dns":0,"connect":1,"send":0,"wait":73,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/jquery.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/js/jquery.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 93068\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"261c2803d4c5f060a7bb9388a85533be\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:36 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E97FFACC7B82\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028648#701566486/gid:0/gname:root/mode:33188/mtime:1732177656#859824738/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:36.907Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=35JKqq4GEYpKN7Cw%2BgIoO2Gl7juNVKeTmJipcVq04dZOuZHmcjxQAhwF%2FKc5pvtSaksIoG0ymogiRX1m2ApAVn17mGcSNVoMj51PeRHRrZ9yH8PnuinrDo546GAU2nPbNQ%3D%3D\"}]}\r\ncf-ray: 9874e67f1a1cb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":93068,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32072), with CRLF line terminators","md5":"261c2803d4c5f060a7bb9388a85533be","sha1":"90a234032123056ad72e3a35eabe88f9042923f2","sha256":"4d62766346c8fd39371d0c01f931efae320a5ecceb96f7c8e4716036741e19df","sha512":"6a505adaab6bc468e0aaa728089a44cb7563ba180287e511304b34df0334b32b1987984b9a11bbb95b0ce3edca52661a5754269276b2ae25355fd4fce618a487","ssdeep":"1536:c4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0sFy:cGsKXAI2p0WP9bDrstfa5","tlshash":"3a93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-04-01T11:04:52Z","last_seen":"2026-04-03T03:13:40.277578Z","times_seen":1170,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/js/timer.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/js/timer.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 639\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"db12eacb17d6d147e21495e2f8787fff\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:37 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 186A06FBF45E2E27\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028649#469643174/gid:0/gname:root/mode:33188/mtime:1732177657#611891895/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:37.665Z\r\nexpires: Wed, 30 Sep 2026 10:07:18 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 20843\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HacbUQFVqN0ibnDXeneaxEi3twsmUlWk812pl2zBcl0KViokNmn7DlRH77H9yAK%2Fg1w4OI5QijN%2BIuphww9ROEznSKs0APkvLspmRvkZiQt%2FuRwt39uNKpV4Xr1tHH1LPw%3D%3D\"}]}\r\ncf-ray: 9874e67f1a27b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":639,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"db12eacb17d6d147e21495e2f8787fff","sha1":"32c7f9200e989eeb54df98b8ee70331a3b22789b","sha256":"b18fa00e948ce4a17e7cfa703c82e27fc8e1bababa97327ead9562c2281aff0f","sha512":"dd098bf6f1fc64bcd7efec3b6120fa2b5dbba0c063e99d8618c77e638a7765b23b8bf1b1821e52546af7bec6cba3f70be97594be438372da9f006a19b456e0e4","ssdeep":"","tlshash":"52f0f44837177b491eb1086e1bbde508d62ee522700f580924ccd0e19c9ee3a838ee6d","first_seen":"2024-07-01T19:44:30Z","last_seen":"2026-02-01T00:37:34.905886Z","times_seen":2626,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/style.css","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/css/style.css HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/css\r\ncontent-length: 20163\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"f26dd61c20737e37f81af1feded8542d\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:08 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1867962C2C2C1DC0\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028622#746975134/gid:0/gname:root/mode:33188/mtime:1732177689#141448685/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:09.186Z\r\nexpires: Tue, 22 Sep 2026 11:08:15 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 708386\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6jcDTRBrnqWaprTyLEktXx69zggULkQC%2F8xXVWEqmum3hCPNyGAz540A9qAXJVJTFdtft3BCUa4C4oBOEPgXnmw25zzwf5KGbBgdzsMnlmRfGVR7M3RF9FV5IN098ajLCQ%3D%3D\"}]}\r\ncf-ray: 9874e67f1a10b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20163,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f26dd61c20737e37f81af1feded8542d","sha1":"039903e8f39b3e667cd36a76126afd1c7a499b58","sha256":"426e3c652a8f228664241c41424a7e1cbbaeaf8b8a2d2248625706f954dec9a1","sha512":"77a1fbb2b02cc691567c5d3a7b5651782e77b27f069c13cedc1fb8417175e1a0a2f87ae8f0b29b8f49872f6e0164d67bc7abae09ec1b5a362d6415d514a9445b","ssdeep":"384:EojKhwQ9V2u7lmNTQdr6ZOPOK1vd7Br6q:EojKL9Yu7YAr6ZOPOK1vd7Beq","tlshash":"739254a9f54b240af31faad8b7b15a506ec540649b1a56dcf8ff20edd3d436c1334286","first_seen":"2024-11-21T16:29:51.944166Z","last_seen":"2026-02-01T00:37:34.892041Z","times_seen":1154,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/animate.css","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/css/animate.css HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/css\r\ncontent-length: 61188\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"1cbfbb2c4ef85880799a74ab2f290f2a\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:07 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E97FE418DDF6\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028621#650865699/gid:0/gname:root/mode:33188/mtime:1732177688#65460104/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:08.111Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4PW5rcNkLfyMTwW8jEIncAAgVeFl33Xh3Rw6q9izjkowHZCqtthVQJOjcGkx3Ft%2BJV7UshXBrztP%2B5WjlfGnp48%2FXLyNyiYbiW6XGNxMlVlLvAhNA6b8npnQJwBaVVspWQ%3D%3D\"}]}\r\ncf-ray: 9874e67f1a13b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":61188,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (460), with CRLF line terminators","md5":"1cbfbb2c4ef85880799a74ab2f290f2a","sha1":"9b6366d6c7ad05010f7070db70fba10754be6e9c","sha256":"bfdad6766b12a3826bf32024f0fc13fffbcee84f102034b9270da7e538451031","sha512":"58c8d90d0f16205527b110fa50a03b83f001af28841579522c6f9fa1c57bdeba92d6a5b0b4caff4ef84fcc11866e9183ee109c5c891639e1cd1dd8655decec0c","ssdeep":"192:CDvQHnvHQvFpjIBz+a+pjRfBV7lucqBJm7YfPZBWgQc95YKm/0kLyJgprWXhOX8N:CbWz71","tlshash":"1853e86a2c91114457720b25d7de4f6cea3ca17318226efab3c2548b8f61bac13cde57","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.895204Z","times_seen":5163,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bigdatajsext.com/ExtService.svc/getextparams","fqdn":"bigdatajsext.com","domain":"bigdatajsext.com","tld":"com"},"ip":{"addr":"136.243.216.252","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.537Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"P384","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"bigdatajsext.com","organization":""},"issuer":{"commonName":"E5","organization":"Let's Encrypt"},"validity":{"start":"Tue, 19 Aug 2025 17:59:30 GMT","end":"Mon, 17 Nov 2025 17:59:29 GMT"},"fingerprint":{"sha1":"1D:AD:C1:DA:6F:FB:A3:DF:9A:76:EE:D4:1F:76:16:59:6E:12:2F:EC","sha256":"64:D8:99:E0:54:EC:86:93:88:6B:49:1C:93:17:8C:FA:CF:10:E5:00:9E:27:20:EF:49:B2:8C:85:9B:11:EC:31"}}},"request":{"raw":"GET /ExtService.svc/getextparams HTTP/1.1\r\nHost: bigdatajsext.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://xrbpmr6tj.romanceswoman-romance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":538,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"22ae70f72585ccfc5dfafb21c78b7438","sha1":"6f188823b30139aa93ae76acf2e8c81a1e9217f6","sha256":"1af6db601dbc36685890e2547f5681ecccfeb8c88dae41d124b80dd39cdeef45","sha512":"c5a83ba497fa96ebd41c8abbb114915cb278ed9885a18bc104dfef764974e0784c1ace9ba1bb0f31ec0bd0780fb0c30ece120e68d8158d63d50af2c254112f67","ssdeep":"","tlshash":"05f059946c1e3d2b8f6ec2ea410fe91762e228ecd09de6c28147cc01d18467d708dcfa","first_seen":"2025-09-29T14:42:24.705512Z","last_seen":"2025-10-07T01:21:19.670056Z","times_seen":38,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":95,"dns":6,"connect":28,"send":0,"wait":32,"receive":0,"ssl":63},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"bigdatajsext.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2 HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 14772\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"bcf3bb1b7f7a3436181788e748bae013\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:11 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 186A14DE0FA959C8\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028625#499249925/gid:0/gname:root/mode:33188/mtime:1732177692#53417792/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:12.1Z\r\nexpires: Wed, 30 Sep 2026 14:12:28 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 6134\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h1fNXL1vY061ZpuKZSh%2BqenqygQc6zMZNMWq7iLBeMl6NoDKaaGpFV9q8Dht7taI8Gzmvd65JbyYJM1HzxZQEXbut3ZuG5nsKSjsXRFOaNIueJlHN4eGQYxuTLeCJeZi0sqm\"}]}\r\ncf-ray: 9874e67ff916783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14772,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14772, version 3.327","md5":"bcf3bb1b7f7a3436181788e748bae013","sha1":"8ee24d38f618f070a43619f1d471d90f17d666f1","sha256":"42e50c76c1bf569cb8b597ffc8cdd18a6f4a311832f46fdc1489145027550781","sha512":"3dfc74ace5f336c2c3b2518bc0c991dd4f370b6678d9a96ef9448d056aa1abd7d0884310c23299348f72011610f7d6a0e6772e3fd803e75bf9525dccbebd7860","ssdeep":"384:VI1b2Gbko0p2ZFD/aV74+1NahzVZkHCK967ssUyer:VkbhYo0pqFGVM+1Iny9679Uy+","tlshash":"ef62df91fe949fbbc27cc0bd8a7de9043991d54b03522228066f9f8b38b21378cc1e59","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-04-01T20:01:43.99647Z","times_seen":4418,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/images/scandinavia1_alt.jpg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:47.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia1_alt.jpg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 132802\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"19b66b80d93b12a4f00f18a467d9e6be\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: 42aa5a63a589b4374a9c1295fb1c20dcda18b77f2cb8e112e03c5ecdf9b92360\r\nx-amz-request-id: 186A19D6821F9414\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 336\r\nx-ratelimit-remaining: 336\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028640#296727331/gid:0/gname:root/mode:33188/mtime:1732177673#781336136/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:53.827Z\r\nexpires: Wed, 30 Sep 2026 15:54:47 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kczi3o3R0xseDi1l0kiL1n1dO0%2FF62yIDcBNtZaKd0r%2F3hoGBA%2B89V4cGEBo42R%2BfDH%2BZTDsPqCWWFKMLBtn1jHe0dQothq3%2B7AqgUGv73lDlZO7lGndGG85Ryi3bGZ1P5XO\"}]}\r\ncf-ray: 9874e6a00cea783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":132802,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"19b66b80d93b12a4f00f18a467d9e6be","sha1":"226d6a060f76324be719be6317828f1547208bb0","sha256":"6b7139ccbab356327e683edfde4cc7d9f75654dc6162a0970b31543f73d0ca17","sha512":"2d4e6bb30a10e42276b4d96827157e52ee3fdc489a2f9d9bac449ac3cdb65cc50b81f48090527f6388e23017b666f613bfb878a929abbd0675a0af03bbef1d8a","ssdeep":"3072:Gw3DnbwG8zEY31p8tEF5Ml0ePx/6yEh8xpYn49q21DU/D:GGDUZzEW1p+GO/6Jko40kQD","tlshash":"70d3123e5c5a02257b8e97dc598f319b7272ec143e35399f5b091d4b32b8b90353292a","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T01:21:19.675818Z","times_seen":1825,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/util/utils.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.405Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /util/utils.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 7514\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f83bb8309524daa942af9cec436419\"\r\nlast-modified: Thu, 16 Jan 2025 07:55:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1867F899B33B1384\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2059\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1737013493#205481014/gid:0/gname:root/mode:33188/mtime:1737014112#757470179/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2025-01-16T07:55:12.806Z\r\nexpires: Wed, 23 Sep 2026 17:21:56 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 599565\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=15kuCefBbpH%2F0lIuXHIIX3A0vUnAyK2jf%2FfgGBifkNm%2B8qgTayVBKp2gx%2B7rDmG7ZwXsh%2FMliuMKiyWkdbnPheNEvAbUj6DRN6cBi3nJTSMreyxZSj5HccZpJYrCWZAQIA%3D%3D\"}]}\r\ncf-ray: 9874e67f1a24b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7514,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"67f83bb8309524daa942af9cec436419","sha1":"df63410e039476a6dde6eb4200b5c1666c52af21","sha256":"57d2fd3a46ef70b606d7dcd83f70b6a2107725cd910ca1399c70ef52b2c72b9d","sha512":"d48b08d4209f4313706376f312ccc8d08f9a34c22f4428a5bce059242442097a15a4581673259de0a2eb27bacb508104248703feed52a9d38a74d6e9470599ce","ssdeep":"192:nv6UDdoxY4iYiXKF3nwx16qI9S7q6uRIpauZy4hpjgRxtSY8xd:nv6wixY4iYi+3nwx16q97H3Zy47jgRxE","tlshash":"3df1b89e334f311e87c633b1087e9408ac7ef8352796e095b9ed949464b0e1d3762ee8","first_seen":"2025-01-16T10:08:27.907414Z","last_seen":"2026-04-03T20:17:39.599343Z","times_seen":1461,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2 HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/style.css\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 21908\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"2e5fca371696cab9fb5a9fe214c1319c\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:10 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1867A205081ACFC7\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028624#535153670/gid:0/gname:root/mode:33188/mtime:1732177691#1428951/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:11.045Z\r\nexpires: Tue, 22 Sep 2026 14:45:22 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 695360\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x3l%2BqK9qoLWcTcIfVSe7DV3gyka5YG3Y8faCtnVB6EJU0iK1Ca2xMoWKZMdoX6yg3c8ItCd2thfYHFFFk02KTILvNslcleZQ4bH43D3D9utEYRW99ULNLnKPBokXt%2BBYwMTK\"}]}\r\ncf-ray: 9874e6800919783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":21908,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21908, version 3.786","md5":"2e5fca371696cab9fb5a9fe214c1319c","sha1":"4bd3fe039b2f65d10d1b8c1b30c7962bdc313b7a","sha256":"f8b1a05998ba7e93e5c9f41b004496a3576b8d10d9fafc2f7014894ebc3e72e9","sha512":"5e0fc1c5b768d270b1b6fb5abb229d6c668ecc31269818d82b0e33125671aa876a805383d63f3d6b99b24baf8428525240fa05326309640a7c4f5d50c0db4ac5","ssdeep":"384:gBd7eI524xG1u/eBQLE2rPDR5VdqvlG+zFvpLdLAl3sQC15mwA:qZewBj/ZzbXVcvpLtALY5mwA","tlshash":"e0a2d04fef5e681bee938d758d9e908868862946af457760a3fc532374970ea07809d0","first_seen":"2023-04-07T05:59:23Z","last_seen":"2026-02-01T00:37:34.902051Z","times_seen":4000,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/images/scandinavia4_alt.jpg","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:53.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/images/scandinavia4_alt.jpg HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 30 Sep 2025 15:54:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 171781\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"e23a20555d1a9fd6f5f7a988dcf84a46\"\r\nlast-modified: Thu, 21 Nov 2024 08:27:54 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866EF03360D4323\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028641#768874315/gid:0/gname:root/mode:33188/mtime:1732177675#169460155/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:27:55.216Z\r\nexpires: Sun, 20 Sep 2026 08:05:01 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 892191\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1QnfX6OBEoZb96l%2FiGzy%2FOgV%2Fg8Rix7nDftAEnzBHFr%2BsXuaRFkphQT0%2BJQCiIH7%2BmwBMPIA6GHaQ7qQyyAsz8VY2oPcOmKC9d4bvMy13VJ%2BDyoo9guFWBmuS8HhnF%2FJ8Kvm\"}]}\r\ncf-ray: 9874e6c16943783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":171781,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"e23a20555d1a9fd6f5f7a988dcf84a46","sha1":"42c966cbbd9e6bec41ceef39e437066acc74295c","sha256":"f042e79c205194be5f3bfe06e3f51f94dd9565ebf2d49a38249b374348c78f64","sha512":"57d703b7f615fb84646915b4c5b37dc0c8518212cc84617d9a7228367adf1fa5de5ad55c052d503c2a790bdced09321063966678293e20c8299552c3e4222236","ssdeep":"3072:5rJpDCTA8XNxqA7FeQtrBBsmLjPioh1htKL2T26Rnv7+sKwCiVC:ZzOH9xt7VtBBBS61ht6kZRnvSsKaY","tlshash":"42f3233ab8125390ca1b5d67aafc280bce69c77ce82015d4d925ccd87c525ccec26f4b","first_seen":"2024-01-16T04:09:26Z","last_seen":"2025-10-07T01:21:19.640134Z","times_seen":1814,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/cookie/js.cookie.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.404Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /cookie/js.cookie.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4264\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"a7e9883924072f15259de6888d5ef515\"\r\nlast-modified: Wed, 20 Sep 2023 15:19:53 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866DE8EC97A6D28\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33188/mtime:1658397637#354375000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-07-21T10:00:37.354375Z\r\nexpires: Sun, 20 Sep 2026 03:24:21 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 909020\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JCwvUjsJMIFkV2FlpIt3jlAm2RFkW3U%2FCUXddI8Bc5CJeQN87V0NaBB%2FN6L85TPnyaHPN4pTqLitq2Jth%2FkYiE4myOajJ1fOjwyg3bY8xTwa0n9kPcdCCnZ3Rl808rKqFA%3D%3D\"}]}\r\ncf-ray: 9874e67f1a22b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4264,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1709), with CRLF line terminators","md5":"a7e9883924072f15259de6888d5ef515","sha1":"7f4f6e5938e68f55aef81e0cd0145f008cd28382","sha256":"985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c","sha512":"f6f2859b644b249cebe21b0af49c0efa046eedc95814ad4cac400b25d6fddbb7a155db420359ccfc8570eb18899cdc369dcbf5c137f4cb21f24b27f8f297be48","ssdeep":"48:MnCmrorDzy9AVYnVReoHEmFZqLghLVQiAdHy9QShp8dLocCTRTvg84Re6YzMtpyX:iCyojFOJEiXA1hyvt4T7tpyD2bm","tlshash":"4b91a5a4344535b9053b237513bf678bf575e8a22c8aa644ba4dc9a07f30c5f031afe6","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-04-03T20:17:39.580912Z","times_seen":6123,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/exit-new/exit1.js","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/exit-new/exit1.js HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3473\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"625e5e2950612f771e246beb33c9ea61\"\r\nlast-modified: Wed, 20 Sep 2023 15:23:09 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E0594AEA4A51\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1693134511#160030446/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z\r\nexpires: Sun, 20 Sep 2026 03:55:16 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 907165\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p8rsfIELPyXkaNLRhFGksH2SLEZFOd3qxkBffuL%2BsAfLPVskE7ER7EoYNzKdra5ulpxNwzWSzPZyhhrWyGZMPbxDS8%2FlhTcfVWzohKnu8jruH%2FmpXy9S1UIpko2W126kmg%3D%3D\"}]}\r\ncf-ray: 9874e67f1a2cb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3473,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (641), with CRLF line terminators","md5":"625e5e2950612f771e246beb33c9ea61","sha1":"e4fc251c6c000496c285f8dc3fa097040b031681","sha256":"618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46","sha512":"655f0b373c605d0a464bedca4df204fb3aa12442c5b0aa3b8bf13e0604fd1e89480356e9c6cc9a432f81305bf1151caf4ac4ad9d8eb24eb78cbd11318e5b9657","ssdeep":"","tlshash":"e36156e4720e31ad93db3764c27fb11a7876e4b2d416a0b5a44c5c907434a1d6376cfd","first_seen":"2023-03-07T01:03:18Z","last_seen":"2026-02-01T11:35:43.37734Z","times_seen":13050,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jupantofle.pl/8zPmgJ","fqdn":"jupantofle.pl","domain":"jupantofle.pl","tld":"pl"},"ip":{"addr":"172.67.156.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-30T15:54:41.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jupantofle.pl","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Sep 2025 08:43:10 GMT","end":"Wed, 24 Dec 2025 09:40:36 GMT"},"fingerprint":{"sha1":"30:5A:57:D8:41:00:17:BE:09:8D:81:3A:36:41:67:B0:FD:AA:00:EF","sha256":"B2:4D:81:CF:08:9A:92:EC:5D:3E:B1:7E:58:F4:BD:A9:2C:C6:E4:AF:02:57:59:89:22:8A:62:29:78:F2:34:4A"}}},"request":{"raw":"GET /8zPmgJ HTTP/1.1\r\nHost: jupantofle.pl\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://druszczpiekarnia.pl/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 30 Sep 2025 15:54:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7hwjwSD7SqDMCH%2F1BX36o8LTyb2KcBdZEa6CiYT789sW7XhHGnDu%2FT%2BXij1Aa5y8CQTZ7Xc8vf3sOl4vcsxsc6f%2FbQ%2FM5DOnQ%2FNc9CM%3D\"}]}\r\nx-powered-by: PHP/5.6.40\r\nexpires: Thu, 21 Jul 1977 07:30:00 GMT\r\nlast-modified: Tue, 30 Sep 2025 15:54:41 GMT\r\ncache-control: max-age=0\r\npragma: no-cache\r\ncf-cache-status: DYNAMIC\r\nset-cookie: 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjgzXCI6MTc1OTI0NzY4MX0sXCJjYW1wYWlnbnNcIjp7XCIzNVwiOjE3NTkyNDc2ODF9LFwidGltZVwiOjE3NTkyNDc2ODF9In0.6eG_SOLDPpaQx-pirH-RmwWSsuovUuOkNZnkVA8Tu2w; Path=/; Domain=jupantofle.pl; Max-Age=2678400; Expires=Fri, 31 Oct 2025 15:54:41 GMT\r\ncf-ray: 9874e67ad903783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:5.6.40","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":6830,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T03:31:09.46171Z","times_seen":13315120,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":28,"dns":18,"connect":2,"send":0,"wait":223,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"xrbpmr6tj.romanceswoman-romance.com/media/dating/flirtup/css/vegas.css","fqdn":"xrbpmr6tj.romanceswoman-romance.com","domain":"romanceswoman-romance.com","tld":"com"},"ip":{"addr":"104.21.6.29","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf","date":"2025-09-30T15:54:42.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"romanceswoman-romance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 07 Aug 2025 03:53:13 GMT","end":"Wed, 05 Nov 2025 04:50:57 GMT"},"fingerprint":{"sha1":"DA:D3:BA:2C:65:F3:62:E8:A2:3C:1B:F3:CD:24:7A:1B:42:05:C4:03","sha256":"EE:CA:E0:60:5C:7E:DE:30:25:83:4D:DC:17:8F:0D:9E:E4:BA:D9:F1:E2:15:4C:0A:ED:06:F7:A8:55:FB:0C:5F"}}},"request":{"raw":"GET /media/dating/flirtup/css/vegas.css HTTP/1.1\r\nHost: xrbpmr6tj.romanceswoman-romance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://xrbpmr6tj.romanceswoman-romance.com/gaw21lf\r\nCookie: sid=t6~jc5cw1tqkh2nc0lidfqzwtbg\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 30 Sep 2025 15:54:42 GMT\r\ncontent-type: text/css\r\ncontent-length: 19822\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"357c7befa8bdef911f02f48f49e10628\"\r\nlast-modified: Thu, 21 Nov 2024 08:28:09 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nvary: Origin, accept-encoding\r\nx-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8\r\nx-amz-request-id: 1866E97FEAC94E04\r\nx-content-type-options: nosniff\r\nx-ratelimit-limit: 2060\r\nx-ratelimit-remaining: 2060\r\nx-xss-protection: 1; mode=block\r\nx-amz-meta-mc-attrs: atime:1732028623#735073788/gid:0/gname:root/mode:33188/mtime:1732177690#137438117/uid:0/uname:root\r\nx-amz-meta-mm-source-mtime: 2024-11-21T08:28:10.182Z\r\nexpires: Sun, 20 Sep 2026 06:38:10 GMT\r\ncache-control: max-age=31536000, no-transform\r\naccept-ranges: bytes\r\nage: 897391\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QN8FvZ9zcrsgi3fsnv8A%2FP15aF5YzfTQua9Dq3Ny4Y6RClscHluPxNDNaRcFOZhOuco4b40D6H3HCOjkuXiOg3BM7k01DoB5vrI03O1z8ob8q54umvDYwhwP7RfOAt6DFw%3D%3D\"}]}\r\ncf-ray: 9874e67f1a15b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":19822,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"357c7befa8bdef911f02f48f49e10628","sha1":"47972e3c4591058dce82dd3b08bed8e0b8ae5c8f","sha256":"47f3bef4746b798892c7beff212618616b0950f33f416f03db243578f89135e3","sha512":"a7aac81c704949b79a988e76867fe18765cb7de65cb1f807b5b65bc9140bb76ddbcb32627917698e2e742defadaeac2cab718d8eb46f42aaebd28797040f354a","ssdeep":"192:Xz+OWMF/4yeKWfHVdBHlsQ0seq1jcBhveq1MtQqUFoo+oUaFEqaFEtRFEoRFEWyP:jzAyKew6ewm","tlshash":"d292af99f80759c492375a58e3da4a24d96ea49329127eecf3cd25cf0f7279c01c8ec6","first_seen":"2023-04-05T08:47:50Z","last_seen":"2026-02-01T00:37:34.896215Z","times_seen":3988,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-30","alert":"Sinkholed","trigger":"xrbpmr6tj.romanceswoman-romance.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}