{"report_id":"e8c31e1e-01be-4b55-ab81-942a63799956","version":6,"status":"done","tags":[],"date":"2025-12-07T21:20:17Z","url":{"schema":"http","addr":"sandraskenes.blog/join/117043?lang=sl","fqdn":"sandraskenes.blog","domain":"sandraskenes.blog","tld":"blog"},"ip":{"addr":"172.67.147.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:neterror?e=dnsNotFound\u0026u=https%3A//bgigdga.naughtymets.com/s/53a407a00f14b%3Fsubsource%3Dgd\u0026c=UTF-8\u0026d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20bgigdga.naughtymets.com.","fqdn":"","domain":"","tld":""},"title":"Server Not Found","dom":{"size":7952,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (500)","md5":"47711e7b970499278c7ac1505cd17ab0","sha1":"a4581ffbc5e4f9fb241433235356dbccac42d6b3","sha256":"7c0a53187a3526a22744d423e13471908ef2157a7560f3ba28226271dc566941","sha512":"792e78fd5425e31257cdc90e8ebab6acc8fc950d6fadd47fa0f92d83b635a8cdba2256be42e4529d861b8a9ab22312c93d43d234d4192de725d25ffd9234ee74","ssdeep":"96:rIPfVVKtARPy48S8k45USz+45RaIkata89+RzydNAIl9+kex8KdRonI7B1g/M:rIl4eRPyfS8LUSZRa2b9wm7I98IT","tlshash":"50f162a862fa0d2b819386e938db7409bd01d297d35c24e5bf6d45f10fc7d61980f19b","dom_hash":"domhashc59d69afccb598c37df8c553a509577e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"sandraskenes.blog/join/117043?lang=sl","fqdn":"sandraskenes.blog","domain":"sandraskenes.blog","tld":"blog"},"ip":{"addr":"172.67.147.58","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-11T21:20:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"d3apmr8.nowmeetsdreampartner.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"d3apmr8.nowmeetsdreampartner.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"zariftenbus.com","ip":{"addr":"91.107.152.144","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2025-11-21","domain_rank":0,"first_seen":"2025-11-22T22:58:03.553339Z","last_seen":"2025-11-22T22:58:03.553339Z","alert_count":0,"request_count":1,"received_data":506,"sent_data":527,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"bgigdga.naughtymets.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2020-12-25","domain_rank":0,"first_seen":"2023-03-02T20:06:28Z","last_seen":"2025-12-05T19:28:56.095668Z","alert_count":3,"request_count":1,"received_data":0,"sent_data":520,"comment":"","tags":null,"fingerprints":null},{"fqdn":"a.mrktmtrcs.net","ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-04","domain_rank":57910,"first_seen":"2025-07-09T09:09:08.6334Z","last_seen":"2025-12-07T20:10:02.363094Z","alert_count":0,"request_count":1,"received_data":451,"sent_data":460,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"d3apmr8.nowmeetsdreampartner.com","ip":{"addr":"172.67.203.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-03","domain_rank":0,"first_seen":"2025-11-07T10:29:20.848042Z","last_seen":"2025-12-01T10:05:55.966302Z","alert_count":2,"request_count":1,"received_data":758,"sent_data":575,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-30T22:16:05.472311Z","alert_count":0,"request_count":1,"received_data":433734,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"p.mrktmtrcs.net","ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-04-04","domain_rank":63178,"first_seen":"2025-05-16T05:58:44.985071Z","last_seen":"2025-12-07T20:10:02.507197Z","alert_count":0,"request_count":1,"received_data":40593,"sent_data":411,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"t.dtscout.com","ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2013-11-01","domain_rank":54823,"first_seen":"2017-01-30T04:52:42Z","last_seen":"2025-12-01T18:40:03.838464Z","alert_count":0,"request_count":3,"received_data":4233,"sent_data":1562,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"waust.at","ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":36042,"first_seen":"2016-01-28T18:24:33Z","last_seen":"2025-12-01T18:40:04.370797Z","alert_count":2,"request_count":1,"received_data":13932,"sent_data":403,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sandraskenes.blog","ip":{"addr":"104.21.41.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":3830,"sent_data":965,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"sandraskenes.blog/join/117043?lang=sl","fqdn":"sandraskenes.blog","domain":"sandraskenes.blog","tld":"blog"},"ip":{"addr":"104.21.41.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5b6b86b219be7e0cc221ba49fed10430","sha1":"f40b013d053d93acdd433aeb885c8726b45693a5","sha256":"2c5fee05dbbc5461c593465e97210efd04edd181d6d766028863499bab9f47a5","sha512":"35245c77cbc4b211dfea8d0b84c8dc3e74bfd40344bd33b8df79f100ef6b1a28415e0227790670b45066c23cebfe589fefebf69039dd70dd8a40a24155fce2ec","ssdeep":"","tlshash":"11e0ab2ad8e7067c8ce93a841038c67530f874a8aab3e057620cc86cc639fc50c0caec","size":424,"data":"","first_seen":"2025-11-22T22:58:10.048017Z","last_seen":"2026-01-05T20:57:43.022593Z","times_seen":39,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/d.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5992534af71baf4983f6f7b82c5fcf7","sha1":"a233028f5d7ea0d20ddf00c03167d4ee3e4f21b7","sha256":"7c27802697a33c3f1b9cf7995f01c5d6caa544ce60e8828f16eb7eed8c878c58","sha512":"800422fe039555fd9e4db68cc43c1f6fdaf0a971c2bfda36e79f058ba95dff7760b5b7762c2cbd1b54a6174f4aeb9a2aaac8725ee14604bd586b4297eb91caba","ssdeep":"192:MXHLyjKsbIGO5tlR/enXJPc/6+Kkemh+cMUBX3Pma26GBmx0MVpd:M7yjKsbBnpi6+KtHcbnPma2ax0Ipd","tlshash":"57526ca12180209183d705a6266ffb587435793abb93a83ca09decf8731cf9d90c7b53","size":13202,"data":"","first_seen":"2025-11-29T00:57:52.500436Z","last_seen":"2026-05-14T11:06:53.003844Z","times_seen":1455,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-34N7QFM0SY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"086494083e25fd91445b8a55987e131b","sha1":"5ee01e021cb3a9546bc235f0264ffb5722c968d4","sha256":"03ef7cd238dea35716e6d50f6e7482c9de24c94198300d5dac4bbdc548579fe0","sha512":"dd4cd187881c31a21476286b8af451f4f8959369bdd8f955a5689edf130ce230f1b257b77bdd8099f71b19a2fcbe21ca2d7e78668618a5d941876196e0006796","ssdeep":"6144:s67WItw+WSayqmVDD5U6k/bbqt3L3cFCN7w31vxGh12cKR:BPtmSwmVDR3cFj1xZ","tlshash":"e69419ce73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","size":433130,"data":"","first_seen":"2025-12-07T14:51:38.319885Z","last_seen":"2025-12-07T21:20:22.365057Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p.mrktmtrcs.net/mm.js","fqdn":"p.mrktmtrcs.net","domain":"mrktmtrcs.net","tld":"net"},"ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67cda29c6b95cb5eb8c4960490502a19","sha1":"ac6700bfe19f0580cccf51bddf2a7310d31a833c","sha256":"6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b","sha512":"c5d6bdfb04022d8f3ff82c95c1c938a3aec4246a9fefc40a2e96b12e42295fe8d578c983b399ca86493f3481b113f685d27e20e2cd19000efab176a6b7ab578f","ssdeep":"768:Iudg8MPdH/EeIO5V1gPk5Te1pCeKSreGdRY8ZqM0wTo:IHEelgvZnAVQo","tlshash":"9403192ee3a2761003abf19dd90b50003e35541bea41f8a4bdecb581ff958a512bf7b5","size":39952,"data":"","first_seen":"2025-07-17T20:43:49.34962Z","last_seen":"2026-05-14T13:26:49.351134Z","times_seen":3025,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"sandraskenes.blog/favicon.ico","fqdn":"sandraskenes.blog","domain":"sandraskenes.blog","tld":"blog"},"ip":{"addr":"104.21.41.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:56.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sandraskenes.blog","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 08:10:55 GMT","end":"Fri, 06 Mar 2026 08:44:05 GMT"},"fingerprint":{"sha1":"34:4F:99:DD:A0:71:3A:3D:04:41:52:6C:FA:B8:45:34:3F:20:55:5A","sha256":"90:40:ED:29:1C:3E:63:29:91:F0:83:B4:68:C1:A1:9F:09:FA:C5:FB:9C:A8:CF:C3:88:76:99:DB:6D:E1:23:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sandraskenes.blog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/join/117043?lang=sl\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 07 Dec 2025 21:19:56 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.2.29\r\npriority: u=6,i=?0\r\nage: 6120\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nlast-modified: Sun, 07 Dec 2025 19:37:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ym54tNLq5gH6CQxDHi2kHkliEu8Uqqh%2BS%2FiZIHrCmM%2BLLr%2BI3bonkVx6dx9WLpXDf3Akb%2FbBrTycrzXqwqsL3PlD4dPTv9WSjx2EbU4qtg%3D%3D\"}]}\r\ncf-ray: 9aa710680843568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1268,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1268), with no line terminators","md5":"3d13e38aecea8f70c39de932b38158ac","sha1":"822262384dbbcaff353b9d4bf8539c1bbbf2420c","sha256":"31caa73cf84fdb1abe885129c4b085fffd8b29986a992ad69f3c22c955e11d6e","sha512":"b35c8cd8f4b826e68abfbe73ae7b9eaa247a73d07b554fafbdaf08a8f9a70ae45bcdcbc6ffa36118b764fe243da91c6eebd7c61468a1f9851c31773defa9d556","ssdeep":"","tlshash":"d2213f1ebd9bc4794ee56a818139e26d70b4726cc9b2e89154ec8838932cfce4d08ccc","first_seen":"2025-12-05T18:52:52.095406Z","last_seen":"2025-12-28T21:17:10.296734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"p.mrktmtrcs.net/mm.js","fqdn":"p.mrktmtrcs.net","domain":"mrktmtrcs.net","tld":"net"},"ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:56.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mrktmtrcs.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 21:25:16 GMT","end":"Tue, 24 Feb 2026 22:25:15 GMT"},"fingerprint":{"sha1":"B1:B8:C8:FB:D8:BE:16:F2:FB:48:B3:17:B3:16:C6:A6:D3:7C:6B:5D","sha256":"58:4E:5B:73:64:D3:A0:B0:A4:BA:45:97:C8:DB:73:B2:47:3A:B6:A3:8B:B5:21:4A:41:5D:DF:62:81:07:80:F8"}}},"request":{"raw":"GET /mm.js HTTP/1.1\r\nHost: p.mrktmtrcs.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Wed, 21 May 2025 20:03:03 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4rfdLT8fOMFcwn%2BLfE7a2giY1%2BB%2FWKK9hK7pqtw39H08esrkkeRJzlXrQyF%2F33oemTplmUEWGJAmpCyp4XkZRC9iJ%2ByoMLC1tsszBA%3D%3D\"}]}\r\nage: 458\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"682e3177-9c10\"\r\ncontent-encoding: br\r\ncf-ray: 9aa71068ff090b55-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39952,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30767)","md5":"67cda29c6b95cb5eb8c4960490502a19","sha1":"ac6700bfe19f0580cccf51bddf2a7310d31a833c","sha256":"6ed6986bfeafe3a3bab8174b435e96c3ca8e216c3c7941b20c3e4984087f9e0b","sha512":"c5d6bdfb04022d8f3ff82c95c1c938a3aec4246a9fefc40a2e96b12e42295fe8d578c983b399ca86493f3481b113f685d27e20e2cd19000efab176a6b7ab578f","ssdeep":"768:Iudg8MPdH/EeIO5V1gPk5Te1pCeKSreGdRY8ZqM0wTo:IHEelgvZnAVQo","tlshash":"9403192ee3a2761003abf19dd90b50003e35541bea41f8a4bdecb581ff958a512bf7b5","first_seen":"2025-07-17T20:43:49.34962Z","last_seen":"2026-05-14T13:26:49.351134Z","times_seen":3025,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":32,"dns":8,"connect":1,"send":0,"wait":8,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/pv/?_a=v\u0026_h=sandraskenes.blog\u0026_ss=2owzh7g9u4\u0026_pv=1\u0026_ls=0\u0026_u1=1\u0026_u3=1\u0026_cc=no\u0026_pl=d\u0026_cbid=5uiy\u0026_cb=_dtspv.c","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:56.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 14:52:24 GMT","end":"Tue, 27 Jan 2026 15:52:11 GMT"},"fingerprint":{"sha1":"55:7B:E0:68:13:20:30:7F:FF:16:1D:2C:C4:02:9B:46:5B:24:24:5F","sha256":"F6:CA:72:AB:FD:E5:73:70:51:1F:1D:2B:5F:83:61:EA:B1:1A:A1:96:38:39:3E:41:88:5B:F9:EE:BC:F6:D1:03"}}},"request":{"raw":"GET /pv/?_a=v\u0026_h=sandraskenes.blog\u0026_ss=2owzh7g9u4\u0026_pv=1\u0026_ls=0\u0026_u1=1\u0026_u3=1\u0026_cc=no\u0026_pl=d\u0026_cbid=5uiy\u0026_cb=_dtspv.c HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nCookie: df=1765142396\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-t: 0.254\r\nx-c: 0\r\nexpires: Sun, 07 Dec 2025 21:19:55 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s%2BqqZ54kWI%2BNpw35RM5FbZ08yvapNRMaEZXvokELcJFjhuvaRDTDlMamwRpAB8dyfqWtMD2j6jJ2IhT8EGSEzplrkWecKTnp0Dw%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9aa71068ba455694-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":52,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with no line terminators","md5":"2f6e8456d528187796a0704567452f1c","sha1":"a0cdb4238ae5c3a646a7014500c4c2783ac729b6","sha256":"d10693f15650e658a673ee9df5f26cd001f58dce61c3325eb0d8906c339e5779","sha512":"e872e21221d4445c872a7bc761789142fe5b1295c7fe0d91152fe1222e3c972df5d78a770374c17d877148ca83b63c291ddb82679b521853c89f53d18202b4a2","ssdeep":"","tlshash":"ea90021875e184212ac9d741115713844171039025c051958432556421497809a5f9b9","first_seen":"2025-12-07T21:20:22.357476Z","last_seen":"2025-12-07T21:20:22.357476Z","times_seen":1,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sandraskenes.blog/join/117043?lang=sl","fqdn":"sandraskenes.blog","domain":"sandraskenes.blog","tld":"blog"},"ip":{"addr":"104.21.41.126","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T21:19:55.409Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sandraskenes.blog","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 08:10:55 GMT","end":"Fri, 06 Mar 2026 08:44:05 GMT"},"fingerprint":{"sha1":"34:4F:99:DD:A0:71:3A:3D:04:41:52:6C:FA:B8:45:34:3F:20:55:5A","sha256":"90:40:ED:29:1C:3E:63:29:91:F0:83:B4:68:C1:A1:9F:09:FA:C5:FB:9C:A8:CF:C3:88:76:99:DB:6D:E1:23:E0"}}},"request":{"raw":"GET /join/117043?lang=sl HTTP/1.1\r\nHost: sandraskenes.blog\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:55 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.2.29\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=61YjvLzdUDyIBFp7WUXDI2oibjrhMF%2FaRXM0qMouTByoZIEyXlqeMJMPAYfn0Fg6esc2tXlRH1TRcAo7JGVaY9DuxC8HdKyJEq1LhGR%2FaQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9aa710636c2c56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.2.29","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":1268,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1268), with no line terminators","md5":"3d13e38aecea8f70c39de932b38158ac","sha1":"822262384dbbcaff353b9d4bf8539c1bbbf2420c","sha256":"31caa73cf84fdb1abe885129c4b085fffd8b29986a992ad69f3c22c955e11d6e","sha512":"b35c8cd8f4b826e68abfbe73ae7b9eaa247a73d07b554fafbdaf08a8f9a70ae45bcdcbc6ffa36118b764fe243da91c6eebd7c61468a1f9851c31773defa9d556","ssdeep":"","tlshash":"d2213f1ebd9bc4794ee56a818139e26d70b4726cc9b2e89154ec8838932cfce4d08ccc","first_seen":"2025-12-05T18:52:52.095406Z","last_seen":"2025-12-28T21:17:10.296734Z","times_seen":17,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":155,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"zariftenbus.com/zs72wG","fqdn":"zariftenbus.com","domain":"zariftenbus.com","tld":"com"},"ip":{"addr":"91.107.152.144","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T21:19:56.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"zariftenbus.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Dec 2025 15:59:02 GMT","end":"Mon, 02 Mar 2026 15:59:01 GMT"},"fingerprint":{"sha1":"71:0C:2A:D7:CB:5B:81:19:0F:CB:6C:04:C3:63:3F:73:57:8E:96:4B","sha256":"F9:2E:78:2D:FA:9E:16:9E:D1:B4:AD:15:8E:84:7F:44:71:51:46:1B:A6:24:F0:D3:24:14:33:F3:10:F9:8C:0F"}}},"request":{"raw":"GET /zs72wG HTTP/1.1\r\nHost: zariftenbus.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sun, 07 Dec 2025 21:19:56 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://d3apmr8.nowmeetsdreampartner.com/u739nlf?s1=keitaro\u0026cid=1sjos4f.4.6con\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Sun, 07 Dec 2025 21:19:56 GMT\r\nset-cookie: e3b0c4_4=26uknlr3sk0u97; expires=Mon, 08 Dec 2025 14:51:00 GMT; path=/; domain=zariftenbus.com; secure; httponly; samesite=none\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":297,"timings":{"blocked":128,"dns":62,"connect":25,"send":0,"wait":41,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/pv/","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:56.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 14:52:24 GMT","end":"Tue, 27 Jan 2026 15:52:11 GMT"},"fingerprint":{"sha1":"55:7B:E0:68:13:20:30:7F:FF:16:1D:2C:C4:02:9B:46:5B:24:24:5F","sha256":"F6:CA:72:AB:FD:E5:73:70:51:1F:1D:2B:5F:83:61:EA:B1:1A:A1:96:38:39:3E:41:88:5B:F9:EE:BC:F6:D1:03"}}},"request":{"raw":"POST /pv/ HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: multipart/form-data; boundary=---------------------------63845791911638195503401072585\r\nContent-Length: 1186\r\nOrigin: https://sandraskenes.blog\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nCookie: df=1765142396\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1186,"data":"-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_a\"\r\n\r\nu\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_h\"\r\n\r\nsandraskenes.blog\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_ss\"\r\n\r\n2owzh7g9u4\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_pv\"\r\n\r\n1\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_ls\"\r\n\r\n1\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_lp\"\r\n\r\n1\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_cc\"\r\n\r\nno\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_pl\"\r\n\r\nd\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_b\"\r\n\r\nfirefox@134\r\n-----------------------------63845791911638195503401072585\r\nContent-Disposition: form-data; name=\"_src\"\r\n\r\nb\r\n-----------------------------63845791911638195503401072585--\r\n"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:57 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-t: 0.088\r\nx-c: 0\r\nexpires: Sun, 07 Dec 2025 21:19:56 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qHebQEXy3H%2F6ZQ4P5E56vpNl8Z9T%2BSsyjlhkqbXeEnp3b50I3BqHU9Ca%2BofzP27EwU1Sx6XPqzh6uWFasj2MfG7BlkmMS7C49Zo%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9aa7106c3e0a5694-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waust.at/d.js","fqdn":"waust.at","domain":"waust.at","tld":"at"},"ip":{"addr":"104.26.5.7","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:55.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waust.at","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 17:56:52 GMT","end":"Thu, 15 Jan 2026 18:56:42 GMT"},"fingerprint":{"sha1":"D0:1C:48:C2:85:E7:70:B5:92:4E:44:F7:D2:C4:15:9A:33:43:58:F4","sha256":"82:9E:D2:CA:61:8C:47:66:66:E2:86:1F:A9:23:F7:BB:B0:62:3E:0C:6C:96:EA:60:DC:51:D9:97:87:8A:98:6B"}}},"request":{"raw":"GET /d.js HTTP/1.1\r\nHost: waust.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:55 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Fri, 28 Nov 2025 22:34:09 GMT\r\netag: W/\"692a2361-3392\"\r\nexpires: Mon, 08 Dec 2025 21:18:37 GMT\r\ncache-control: max-age=86400\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 78\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q90ORgW4sgNt13YdlgDx3eLIP5vGbci92O1fekreSUFoZsnOC2ezMuHP0nfTV3%2B5VxGIjWacsbRQL%2FYe9xCrZoIbCTYEf7w%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9aa710663cfa32fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13202,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (13202), with no line terminators","md5":"e5992534af71baf4983f6f7b82c5fcf7","sha1":"a233028f5d7ea0d20ddf00c03167d4ee3e4f21b7","sha256":"7c27802697a33c3f1b9cf7995f01c5d6caa544ce60e8828f16eb7eed8c878c58","sha512":"800422fe039555fd9e4db68cc43c1f6fdaf0a971c2bfda36e79f058ba95dff7760b5b7762c2cbd1b54a6174f4aeb9a2aaac8725ee14604bd586b4297eb91caba","ssdeep":"192:MXHLyjKsbIGO5tlR/enXJPc/6+Kkemh+cMUBX3Pma26GBmx0MVpd:M7yjKsbBnpi6+KtHcbnPma2ax0Ipd","tlshash":"57526ca12180209183d705a6266ffb587435793abb93a83ca09decf8731cf9d90c7b53","first_seen":"2025-11-29T00:57:52.500436Z","last_seen":"2026-05-14T11:06:53.003844Z","times_seen":1455,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":13,"dns":3,"connect":1,"send":0,"wait":4,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"waust.at","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bgigdga.naughtymets.com/s/53a407a00f14b?subsource=gd","fqdn":"bgigdga.naughtymets.com","domain":"naughtymets.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T21:19:57.239Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /s/53a407a00f14b?subsource=gd HTTP/1.1\r\nHost: bgigdga.naughtymets.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"bgigdga.naughtymets.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"a.mrktmtrcs.net/a","fqdn":"a.mrktmtrcs.net","domain":"mrktmtrcs.net","tld":"net"},"ip":{"addr":"104.26.14.100","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:57.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mrktmtrcs.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 21:25:16 GMT","end":"Tue, 24 Feb 2026 22:25:15 GMT"},"fingerprint":{"sha1":"B1:B8:C8:FB:D8:BE:16:F2:FB:48:B3:17:B3:16:C6:A6:D3:7C:6B:5D","sha256":"58:4E:5B:73:64:D3:A0:B0:A4:BA:45:97:C8:DB:73:B2:47:3A:B6:A3:8B:B5:21:4A:41:5D:DF:62:81:07:80:F8"}}},"request":{"raw":"POST /a HTTP/1.1\r\nHost: a.mrktmtrcs.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 324\r\nOrigin: https://sandraskenes.blog\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":324,"data":"{\"l\":{\"d\":\"sandraskenes.blog\",\"p\":\"/join/117043\",\"s\":\"lang=sl\",\"h\":\"\"},\"d\":{\"f\":\"d\",\"o\":\"windows\",\"ov\":\"10\",\"b\":\"firefox\",\"bv\":\"134\"},\"g\":\"en\",\"s\":\"8tiel5enk6.1765142396\",\"e\":[{\"t\":1,\"n\":\"u24\",\"c\":1},{\"t\":1,\"n\":\"u30\",\"c\":1},{\"t\":1,\"n\":\"ss\",\"c\":1},{\"t\":1,\"n\":\"pv\",\"c\":1},{\"t\":0,\"n\":\"pvl\",\"c\":0.928},{\"t\":0,\"n\":\"pvlc\",\"c\":1}]}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sun, 07 Dec 2025 21:19:57 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nDRYGLxX28RDDQL7yvY8VYDoWKX7sX3bhXLlzUJefxake4AkXNZOwWSoJvGWlQuoqWxHAhjKkJB1V4d0eSqarajDJolgQ8Xsp%2FIrIw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9aa7106f6c380b55-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d3apmr8.nowmeetsdreampartner.com/u739nlf?s1=keitaro\u0026cid=1sjos4f.4.6con","fqdn":"d3apmr8.nowmeetsdreampartner.com","domain":"nowmeetsdreampartner.com","tld":"com"},"ip":{"addr":"172.67.203.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-07T21:19:57.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"nowmeetsdreampartner.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 29 Nov 2025 20:11:56 GMT","end":"Fri, 27 Feb 2026 21:10:30 GMT"},"fingerprint":{"sha1":"9B:B1:1D:35:13:2B:C5:06:4F:98:AE:1C:31:E5:D5:EB:DD:DA:B8:66","sha256":"DB:B8:E4:4E:36:A2:FE:11:D6:6F:F5:92:C8:35:27:06:1F:4B:B1:93:28:A7:76:55:1B:A0:B2:32:FD:C5:FD:12"}}},"request":{"raw":"GET /u739nlf?s1=keitaro\u0026cid=1sjos4f.4.6con HTTP/1.1\r\nHost: d3apmr8.nowmeetsdreampartner.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sandraskenes.blog/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 07 Dec 2025 21:19:57 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 177\r\nlocation: https://bgigdga.naughtymets.com/s/53a407a00f14b?subsource=gd\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, no-transform\r\nset-cookie: sid=t3~iilhf5ws2ib2lbit1v2ixb5r; path=/\r\nreferrer-policy: no-referrer\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QERoHjiTEpqCOF6klGVs7vqvAFgfcy9%2Bhdq3USqqJW91tUejoeBD0flRKOid4K1bX6ZcmSbwN2E%2BsSvUf3GgKkFR3cEFA98dIy7TGgs41vxpa46XvUBzD5MwG%2BkFag%3D%3D\"}]}\r\ncf-ray: 9aa7106d78155693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-14T14:59:10.506438Z","times_seen":15171651,"resource_available":true,"data":null}},"time_used":247,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":198,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"d3apmr8.nowmeetsdreampartner.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-07","alert":"Sinkholed","trigger":"d3apmr8.nowmeetsdreampartner.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-34N7QFM0SY","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:55.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:43 GMT","end":"Mon, 19 Jan 2026 08:33:42 GMT"},"fingerprint":{"sha1":"4E:9E:D1:61:E4:7D:C2:8A:B6:AD:D2:31:C7:07:01:E4:DB:A0:A7:A9","sha256":"C5:DD:D4:CA:97:B7:B5:8C:B4:99:E8:56:30:AC:1B:F0:FD:7C:5A:FD:19:ED:13:D0:27:D6:0B:76:C7:C7:A0:66"}}},"request":{"raw":"GET /gtag/js?id=G-34N7QFM0SY HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 07 Dec 2025 21:19:55 GMT\r\nexpires: Sun, 07 Dec 2025 21:19:55 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 143460\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":433130,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"086494083e25fd91445b8a55987e131b","sha1":"5ee01e021cb3a9546bc235f0264ffb5722c968d4","sha256":"03ef7cd238dea35716e6d50f6e7482c9de24c94198300d5dac4bbdc548579fe0","sha512":"dd4cd187881c31a21476286b8af451f4f8959369bdd8f955a5689edf130ce230f1b257b77bdd8099f71b19a2fcbe21ca2d7e78668618a5d941876196e0006796","ssdeep":"6144:s67WItw+WSayqmVDD5U6k/bbqt3L3cFCN7w31vxGh12cKR:BPtmSwmVDR3cFj1xZ","tlshash":"e69419ce73d674225396f078502f018ba57b28a2b45cc896f1c9cde42e74a9a4277f7c","first_seen":"2025-12-07T14:51:38.319885Z","last_seen":"2025-12-07T21:20:22.365057Z","times_seen":3,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":88,"dns":1,"connect":21,"send":0,"wait":38,"receive":59,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"t.dtscout.com/i/?l=https%3A%2F%2Fsandraskenes.blog%2Fjoin%2F117043%3Flang%3Dsl\u0026j=\u0026wk=systemweb","fqdn":"t.dtscout.com","domain":"dtscout.com","tld":"com"},"ip":{"addr":"172.67.70.180","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://sandraskenes.blog/join/117043?lang=sl","date":"2025-12-07T21:19:55.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dtscout.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 29 Oct 2025 14:52:24 GMT","end":"Tue, 27 Jan 2026 15:52:11 GMT"},"fingerprint":{"sha1":"55:7B:E0:68:13:20:30:7F:FF:16:1D:2C:C4:02:9B:46:5B:24:24:5F","sha256":"F6:CA:72:AB:FD:E5:73:70:51:1F:1D:2B:5F:83:61:EA:B1:1A:A1:96:38:39:3E:41:88:5B:F9:EE:BC:F6:D1:03"}}},"request":{"raw":"GET /i/?l=https%3A%2F%2Fsandraskenes.blog%2Fjoin%2F117043%3Flang%3Dsl\u0026j=\u0026wk=systemweb HTTP/1.1\r\nHost: t.dtscout.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sandraskenes.blog/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 07 Dec 2025 21:19:56 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-s: mtl2\r\nset-cookie: df=1765142396; Domain=dtscout.com; Expires=Tue, 17-Mar-2026 21:19:56 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure\r\nx-t: 0.485\r\nexpires: Sun, 07 Dec 2025 21:19:55 GMT\r\ncache-control: no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fOLsedm3TEUFnfznhR7XIt3LR3%2FMUL5fVUZId4UgjsunIv1DkUckHfrhuJqDXcHUBfVvjeMhrYDgfPsgITIHKFioPxWjKVuYfrI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9aa71066bfdf5694-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2292,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2077)","md5":"8450c234da2df92a0c33a47c5aabf6e6","sha1":"0ea50308805f927f1e9ce37a96d44f27e01cdf8e","sha256":"c67ad82f6fe5a742115d0d041e403c18df8da6486fa0dd5fc785d4bb58458ac9","sha512":"1ea70b0b047651af5f5496bdbfac4574dad62bef73132ad667c194c375382c36ea62c24f37a4c2882d6e644846f5b866720a8b33cad3e4e650fa6b9fa0331de8","ssdeep":"","tlshash":"1f41880bb5e5347803e2006965ff635fb5330928bc5784c08596dc04fd749fad1b6eaa","first_seen":"2025-11-28T22:59:20.195769Z","last_seen":"2026-05-14T13:26:49.32102Z","times_seen":2967,"resource_available":true,"data":null}},"time_used":318,"timings":{"blocked":24,"dns":6,"connect":1,"send":0,"wait":269,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}