{"report_id":"f3d54e62-ec87-4eca-afcd-dbcdacaf67c7","version":6,"status":"done","tags":[],"date":"2025-10-15T00:00:49Z","url":{"schema":"http","addr":"elmnp.ir/e7NIg","fqdn":"elmnp.ir","domain":"elmnp.ir","tld":"ir"},"ip":{"addr":"95.216.92.194","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"final":{"url":{"schema":"https","addr":"spicybelleqou.com/?a=575023\u0026adb=0\u0026cr=71394\u0026lid=11059\u0026mh=Z29VZ3N6UmFjelZ2d1NLbW9DR2tscWdReW1OR0xsY2JXYnVyZS0zNTc4NA%3D%3D\u0026mmid=2422\u0026p=0\u0026rf=\u0026rn=zc4YotqUys4WmdmVEhG\u0026s2=1sjos4f3has\u0026t=2","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"title":"The most popular dating site of this month"},"submit":{"url":{"schema":"http","addr":"elmnp.ir/e7NIg","fqdn":"elmnp.ir","domain":"elmnp.ir","tld":"ir"},"ip":{"addr":"95.216.92.194","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-19T00:00:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"moolust.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"46.105.78.43","ip":{"addr":"46.105.78.43","port":80,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":15582,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-12T22:12:25.402635Z","alert_count":0,"request_count":1,"received_data":19615,"sent_data":561,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adultgirll.com","ip":{"addr":"45.76.38.70","port":443,"asn":20473,"as":"AS-VULTR","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-09-16","domain_rank":218575,"first_seen":"2024-10-25T15:36:52Z","last_seen":"2025-10-14T01:00:35.048799Z","alert_count":0,"request_count":2,"received_data":75877,"sent_data":958,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"elmnp.ir","ip":{"addr":"95.216.92.194","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-10T02:40:46.679767Z","last_seen":"2025-09-10T02:40:46.679767Z","alert_count":0,"request_count":1,"received_data":15294,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-12T22:12:24.910527Z","alert_count":0,"request_count":1,"received_data":2552,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-10-12T22:16:17.088796Z","alert_count":0,"request_count":1,"received_data":87518,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"spicybelleqou.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-09-22","domain_rank":4614400,"first_seen":"2023-11-01T00:06:11Z","last_seen":"2025-10-04T08:23:14.700065Z","alert_count":0,"request_count":3,"received_data":27672,"sent_data":2332,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"moolust.com","ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-08-19","domain_rank":0,"first_seen":"2025-08-23T18:26:30.349884Z","last_seen":"2025-09-10T02:40:47.056618Z","alert_count":1,"request_count":1,"received_data":15278,"sent_data":426,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-12T22:16:17.945241Z","alert_count":0,"request_count":1,"received_data":6468,"sent_data":442,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"spicybelleqou.com/p.js?a=575023\u0026adb=0\u0026cr=71394\u0026lid=11059\u0026mh=Z29VZ3N6UmFjelZ2d1NLbW9DR2tscWdReW1OR0xsY2JXYnVyZS0zNTc4NA%3D%3D\u0026mmid=2422\u0026p=0\u0026rf=\u0026rn=zc4YotqUys4WmdmVEhG\u0026s2=1sjos4f3has\u0026t=2","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7ad0fdbf93fe6aa7f39a9a031d2acad","sha1":"b3ff944d1e04bca5a6421b319cb68d7ae5f79333","sha256":"aa47b5b6eb35ce4fd29a47adb24d836d432fb93fcb5e47409a11d3c86d83d19e","sha512":"055cf3a6bb867ecc51e16e9f5af6b63f84197c98f7840d32672991822f4be00f67d88ae1645d28ff6656666b34372980acd659956072ee0285726b9d2549795d","ssdeep":"","tlshash":"d9e02b9e28b0043507b3b1718f3f49102137114f204b95067cfc13411f9060e8246d84","size":416,"data":"","first_seen":"2025-10-15T00:00:55.238239Z","last_seen":"2025-10-15T00:00:55.238239Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"363088479e7730d5377e09d1a5d0c6f3","sha1":"cdf5fe3296ffe73bf84f23e0c52fed98a0667fa5","sha256":"ae7ff182d662015dafe5436d69052ea304c59fbb9208e1f2cea0e099f64e1def","sha512":"e841ffdd17ac3d7d2a710758e3839b1c84760f895b42a2fced53f339443ae693a6f5c2e891096cfbf8e9d8c807ed22c6ba55ce4434d191ba758792fe4aa6029e","ssdeep":"","tlshash":"9e4191083081a8f614b730f11c1beed8153dbea2840f4809a899e4b86cbded9a036f16","size":2245,"data":"","first_seen":"2025-05-28T12:06:32.741263Z","last_seen":"2026-02-01T05:05:09.136239Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-05T14:49:49.577901Z","times_seen":118388,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6085970a330964327dd771d123cebae2","sha1":"e10f57350793c0f2e6bb56066eaa96d29f09c2d4","sha256":"e24c01016fff0f211697f41f4e8155db04e9890af102b2cbc485e71f5156f3c6","sha512":"3b9085961508b16ce28a1ad5d76669f253e0f894455cd490972536ab65bd0003997525c2f099f1d67a3ab4711b50c7a70c7bb96e1ce85d5419bdf2b52a724673","ssdeep":"","tlshash":"bdd0953e40d8dde60ef66114cd79010c71138443655f321cbeed14629f44511c5c8d19","size":260,"data":"","first_seen":"2025-10-15T00:00:55.25951Z","last_seen":"2025-10-15T00:00:55.25951Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"60669862b7c39ecb3283b1faa9563a07","sha1":"f9b1d545cf4c85ddda753ff9609ede569d92b31f","sha256":"874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea","sha512":"1512c8379b8fa49935ed1bfc6a3d2f3a97f892c947c51ad07b1c227078e8a253e05aed187658c14bb242914f1042d523dfe7292d2f087077513337d7391c9a50","ssdeep":"96:3DU0gNYNpGxM7B2PswfNVRL2evyKSCjoFxVb1Gbe7BP+OpqC5URolicTejU+5UZE:zpNiM7B1wV20jSCcFXbcbe7B7qC5U2iT","tlshash":"3ec1ef483deba15b91a3b0f89b5f5145b238810b101dee543e9c87e6af6093c26f1fd8","size":5674,"data":"","first_seen":"2023-03-07T01:06:47Z","last_seen":"2026-04-05T12:58:32.897578Z","times_seen":2193,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"a55bc61bb8cabacdc353356d20217fb1","sha1":"ecf7f3fc124c625be7890bb4536b6f89d4d76786","sha256":"a4a9b568a83a7f91eeed94a7c6587bb5d3bdf73d515d40c4402460dc046ab7a6","sha512":"1a4a80c29ca2501d6878ba3ab34407d4141b87f2f8eba3714f9331c33632355641a8e65f3c710cd79cb050c27f410acb3274df3a3b52e08da87cf7ed46f4b43f","ssdeep":"","tlshash":"898004d530c350345753135400571dc45434c47014544d44c440d4513c550345115c5c","size":38,"data":"","first_seen":"2023-04-11T21:09:18Z","last_seen":"2026-04-05T14:48:47.501072Z","times_seen":10329,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"elmnp.ir/e7NIg","fqdn":"elmnp.ir","domain":"elmnp.ir","tld":"ir"},"ip":{"addr":"95.216.92.194","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Finland","country_code":"FI"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T00:00:27.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elmnp.ir","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 23 Sep 2025 00:51:07 GMT","end":"Mon, 22 Dec 2025 00:51:06 GMT"},"fingerprint":{"sha1":"89:22:A3:F5:82:FF:03:ED:39:55:39:96:F7:5D:2B:2C:67:46:BB:45","sha256":"6E:00:19:55:C8:F3:24:C0:EB:9D:A4:6C:C9:B8:F4:17:6D:66:F9:54:C9:80:24:B0:8C:C1:E5:F7:F3:73:86:43"}}},"request":{"raw":"GET /e7NIg HTTP/1.1\r\nHost: elmnp.ir\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=d0ebdd7d38d82fd52b814edac2fd2887; path=/; secure\nshort_e7NIg=1; expires=Wed, 15-Oct-2025 00:30:27 GMT; Max-Age=1800; path=/; HttpOnly; secure\r\nlocation: http://moolust.com/index.php?do=elmnp.ir?C3jpzcAx\r\nvary: Accept-Encoding\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\ndate: Wed, 15 Oct 2025 00:00:27 GMT\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":14604,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":389,"timings":{"blocked":170,"dns":135,"connect":14,"send":0,"wait":49,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"46.105.78.43/dating1?source=moolust.com\u0026sub_id_1=elmnp.ir?C3jpzcAx","fqdn":"46.105.78.43","domain":"46.105.78.43","tld":""},"ip":{"addr":"46.105.78.43","port":80,"asn":16276,"as":"OVH SAS","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T00:00:28.206Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /dating1?source=moolust.com\u0026sub_id_1=elmnp.ir?C3jpzcAx HTTP/1.1\r\nHost: 46.105.78.43\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Wed, 15 Oct 2025 00:00:28 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0\r\nExpires: 0\r\nLast-Modified: Wed, 15 Oct 2025 00:00:28 GMT\r\nLocation: https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has\r\nPragma: no-cache\r\nSet-Cookie: _subid=1sjos4f3has;Expires=Saturday, 15-Nov-2025 00:00:28 GMT;Max-Age=2678400;Path=/\n_token=uuid_1sjos4f3has_1sjos4f3has68eee41c3c4c16.04219625;Expires=Saturday, 15-Nov-2025 00:00:28 GMT;Max-Age=2678400;Path=/\nb4130=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUxXCI6MTc2MDQ4NjQyOH0sXCJjYW1wYWlnbnNcIjp7XCIyXCI6MTc2MDQ4NjQyOH0sXCJ0aW1lXCI6MTc2MDQ4NjQyOH0ifQ.Rol7a6HO7BLa-BqtIPv04Ps6o1BTifCW4BhmDwxAZNY;Expires=Wednesday, 30-Jul-2081 00:00:56 GMT;Max-Age=1760572828;Path=/\r\nVary: Accept-Encoding\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14604,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":23,"dns":0,"connect":23,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat\u0026subset=latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:28.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Montserrat\u0026subset=latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 15 Oct 2025 00:00:29 GMT\r\ndate: Wed, 15 Oct 2025 00:00:29 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bd8eb785552dd14048bc05a0caeb4e53","sha1":"2e4baf02179f4413cba26cab547282e82d40ea0c","sha256":"3e4fc43d2973ddc920952f6c69750e388386b105591ae0867b600561ab37a2af","sha512":"8108e1541230f771d159544bc4cb927706064f6e6423b17aecee27ccdd236eed61d950672ccc92fba4b8cc5eee479692b98aa3970e1f52168e8b96cd952ab0ba","ssdeep":"","tlshash":"26319b411216e900a7431cca23ce7d26ce8e626275a0c47abffd5ca8ade5c261735b6d","first_seen":"2025-09-05T00:54:05.746777Z","last_seen":"2026-04-05T14:53:50.274856Z","times_seen":14479,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":180,"dns":1,"connect":20,"send":0,"wait":35,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.2.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:28.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.3.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/\r\nOrigin: https://spicybelleqou.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1538f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 15 Oct 2025 00:00:28 GMT\r\nage: 2473946\r\nx-served-by: cache-lga13622-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 65, 15743\r\nx-timer: S1760486429.992264,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30288\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-05T14:49:49.577901Z","times_seen":118388,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":62,"dns":1,"connect":26,"send":0,"wait":26,"receive":9,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:29.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://spicybelleqou.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18780\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:50:35 GMT\r\nexpires: Fri, 09 Oct 2026 11:50:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:09:31 GMT\r\ncontent-type: font/woff2\r\nage: 475794\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18780,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18780, version 1.0","md5":"e7198b2dcb57c0193b0e9765353994ba","sha1":"6e2658ad73dda183d4fa2979809a73a0c29d21c9","sha256":"e66bcd2761ab6924b25ce70dafe10e57a39193c4fea1516730bd9cb5240af6c8","sha512":"01054290f69d0e4232687f67e5d2522f186f87fe833bd1b13016d0e79a1159c49e767a5c6e9c61f9b3fea0c27df2194011bf46d6f6c1ee46d1f4313ac1950f9c","ssdeep":"384:pJOL4DxNfzRV4g4Miv8HlK3z114ow92D4bH7CxPhdWS6UJ836u8K+ylyr:p5P8Mq8Hlqo92D4vOPhdWSL+qu8Kqr","tlshash":"ef82d0ec209846f9fc0a6e97dfc49bd522430cbd87166e3093ab0dc84b875a4d667693","first_seen":"2025-09-05T00:54:05.741935Z","last_seen":"2026-04-05T14:53:50.277921Z","times_seen":28782,"resource_available":false,"data":null}},"time_used":147,"timings":{"blocked":68,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/favicon.ico","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:29.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spicybelleqou.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 08:32:42 GMT","end":"Thu, 08 Jan 2026 09:31:11 GMT"},"fingerprint":{"sha1":"23:AB:04:30:FA:40:A5:46:AA:EC:64:B6:38:9F:8A:DC:9A:68:82:B2","sha256":"BE:02:51:49:76:8B:BD:75:FC:91:F5:B9:D3:1D:22:B5:84:5F:20:E2:F0:7B:1D:DE:E6:99:05:6B:FA:41:F7:E0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: spicybelleqou.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTM2NzI0bQAAAApwbFpMZ09xTE53bQAAAANoaWRtAAAAJWdvVWdzelJhY3pWdndTS21vQ0drbHFnUXltTkdMbGNiV2J1cmVtAAAAAmhsYQFtAAAABXN1Yl8xZAADbmlsbQAAAAVzdWJfMm0AAAALMXNqb3M0ZjNoYXNtAAAAB3RyYWNrZXJtAAAAATJtAAAAA3VucW0AAAAMVkFob1B5WGJQYUNq.zkaN_FfuCIup4PnxXRcQYkFMfWzhNl-8IyKWyupDn5c\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 00:00:29 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\ncache-control: max-age=1800\r\ncf-cache-status: MISS\r\nlast-modified: Wed, 15 Oct 2025 00:00:29 GMT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LsihKRPYGVQapjDmcEyKYssIzqcUYj6iIo0b7fskTd0RJyTGKA7OqqNxOLuXXeAjS9DKXDCXzDJeMZQYY1nWaoURXSpVAbNCT5zC1wVa9Ncc\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98eb0957ba3e5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"889a5645bbcd39c5ff52fc2f0fd22ee4","sha1":"3a4562ea25d059952b1cd43c82fc38a519493037","sha256":"eb78ad6b3eef218ced9d1d7ff71262e69cd0015072e9e8760835848925754749","sha512":"a8efef3d78e63e9dc41436500c42cb5391f87b058dbd70741268a4f2272d426a4690df33e723fdc81a659e01ed6a879da62122ec9974eb9da031a077ecc28c68","ssdeep":"96:92zOFqh+CO1URSo94MzGcOKX2CYAOC1NIa6IZSK5PyQw1mFfDzjfC5mdzp:szQJCO1i94MaKbC4dd","tlshash":"7912889e1e18c505d80c6138c9c355fca3a5cea4f6a957736f64beaeba3f440d4820d7","first_seen":"2023-05-27T14:06:20Z","last_seen":"2026-03-28T10:56:47.942793Z","times_seen":26,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"moolust.com/index.php?do=elmnp.ir?C3jpzcAx","fqdn":"moolust.com","domain":"moolust.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T00:00:27.980Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.php?do=elmnp.ir?C3jpzcAx HTTP/1.1\r\nHost: moolust.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Wed, 15 Oct 2025 00:00:28 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: cloudflare\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nLocation: http://46.105.78.43/dating1?source=moolust.com\u0026sub_id_1=elmnp.ir?C3jpzcAx\r\nStrict-Transport-Security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vTP21xiB2zEsnC9a3hb3FJ7dx3oppxjCn0J5v3e7bewSWrAQdIINA3XH8nVyVVV7njh1mHthJ6HeZz5Ah0YX0CZ4TUdo0ZppRQ%3D%3D\"}]}\r\nCF-RAY: 98eb094f3f0b569d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14604,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T14:47:06.668895Z","times_seen":13379084,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":51,"dns":50,"connect":1,"send":0,"wait":170,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-15","alert":"Sinkholed","trigger":"moolust.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-15T00:00:28.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spicybelleqou.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 08:32:42 GMT","end":"Thu, 08 Jan 2026 09:31:11 GMT"},"fingerprint":{"sha1":"23:AB:04:30:FA:40:A5:46:AA:EC:64:B6:38:9F:8A:DC:9A:68:82:B2","sha256":"BE:02:51:49:76:8B:BD:75:FC:91:F5:B9:D3:1D:22:B5:84:5F:20:E2:F0:7B:1D:DE:E6:99:05:6B:FA:41:F7:E0"}}},"request":{"raw":"GET /?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has HTTP/1.1\r\nHost: spicybelleqou.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Oct 2025 00:00:28 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: max-age=0, private, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qUgVP%2FQIOpummQJaYqz%2FziXkbv9MOxokwG8WMDSFFtjHRiARKW2dRXL5KVEG6FqfBa%2FCjg%2BXYiJfKl93N5DxMJP%2FdWfxx65ZUAJFL%2FFJEep9\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nset-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTM2NzI0bQAAAApwbFpMZ09xTE53bQAAAANoaWRtAAAAJWdvVWdzelJhY3pWdndTS21vQ0drbHFnUXltTkdMbGNiV2J1cmVtAAAAAmhsZAADbmlsbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACzFzam9zNGYzaGFzbQAAAAd0cmFja2VybQAAAAEybQAAAAN1bnFtAAAADFZBaG9QeVhiUGFDag.Gvi8wuj-wbO9emWek1_tHR6CFtAcsZKozb7rN-KDFYE; Path=/; Max-Age=31536000; Expires=Thu, 15 Oct 2026 00:00:28 GMT\r\ncf-ray: 98eb095128122678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14604,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (10657)","md5":"f6ba46842bef2c063e24ab4f28698f73","sha1":"00c5237a05c7adf66d83edbb252f6eefed89db62","sha256":"c9533da72d16f3855e06cb56a4b1dd089291bff2a176846ebbd0b473f40ccb8d","sha512":"94071c438dcc9e7fd1d766cd1d7b53db97ee42ab10f93202a882f3420e1e9bb2a6d54975ec6726d9e9f9aa5bbf080e71d24d234a44e879f34eafab7aa1bff420","ssdeep":"384:dWlQR93cJtMYlMZ5a+BwCetfePieTDeTJew/eTpeTSe+8eTqeT4e8elkLBw9wtwN:klQR9MUBzeJeKefeleyeNe+e/eee8e8O","tlshash":"1a62b631b552343b503342e1a4e79bdc20b9d50bd41b0998a7bfa3bc87dfc56b462a8d","first_seen":"2025-10-15T00:00:55.212223Z","last_seen":"2025-10-15T00:00:55.212223Z","times_seen":1,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":83,"dns":55,"connect":1,"send":0,"wait":343,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:28.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/lazyload@2.0.0-rc.2/lazyload.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.0.0-rc.2\r\nx-jsd-version-type: version\r\netag: W/\"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 15 Oct 2025 00:00:28 GMT\r\nage: 518785\r\nx-served-by: cache-fra-etou8220142-FRA, cache-hel1410023-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 1643\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5674,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"60669862b7c39ecb3283b1faa9563a07","sha1":"f9b1d545cf4c85ddda753ff9609ede569d92b31f","sha256":"874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea","sha512":"1512c8379b8fa49935ed1bfc6a3d2f3a97f892c947c51ad07b1c227078e8a253e05aed187658c14bb242914f1042d523dfe7292d2f087077513337d7391c9a50","ssdeep":"96:3DU0gNYNpGxM7B2PswfNVRL2evyKSCjoFxVb1Gbe7BP+OpqC5URolicTejU+5UZE:zpNiM7B1wV20jSCcFXbcbe7B7qC5U2iT","tlshash":"3ec1ef483deba15b91a3b0f89b5f5145b238810b101dee543e9c87e6af6093c26f1fd8","first_seen":"2023-03-07T01:06:47Z","last_seen":"2026-04-05T12:58:32.897578Z","times_seen":2193,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":79,"dns":50,"connect":13,"send":0,"wait":13,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"spicybelleqou.com/p.js?a=575023\u0026adb=0\u0026cr=71394\u0026lid=11059\u0026mh=Z29VZ3N6UmFjelZ2d1NLbW9DR2tscWdReW1OR0xsY2JXYnVyZS0zNTc4NA%3D%3D\u0026mmid=2422\u0026p=0\u0026rf=\u0026rn=zc4YotqUys4WmdmVEhG\u0026s2=1sjos4f3has\u0026t=2","fqdn":"spicybelleqou.com","domain":"spicybelleqou.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:28.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"spicybelleqou.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 08:32:42 GMT","end":"Thu, 08 Jan 2026 09:31:11 GMT"},"fingerprint":{"sha1":"23:AB:04:30:FA:40:A5:46:AA:EC:64:B6:38:9F:8A:DC:9A:68:82:B2","sha256":"BE:02:51:49:76:8B:BD:75:FC:91:F5:B9:D3:1D:22:B5:84:5F:20:E2:F0:7B:1D:DE:E6:99:05:6B:FA:41:F7:E0"}}},"request":{"raw":"GET /p.js?a=575023\u0026adb=0\u0026cr=71394\u0026lid=11059\u0026mh=Z29VZ3N6UmFjelZ2d1NLbW9DR2tscWdReW1OR0xsY2JXYnVyZS0zNTc4NA%3D%3D\u0026mmid=2422\u0026p=0\u0026rf=\u0026rn=zc4YotqUys4WmdmVEhG\u0026s2=1sjos4f3has\u0026t=2 HTTP/1.1\r\nHost: spicybelleqou.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTM2NzI0bQAAAApwbFpMZ09xTE53bQAAAANoaWRtAAAAJWdvVWdzelJhY3pWdndTS21vQ0drbHFnUXltTkdMbGNiV2J1cmVtAAAAAmhsZAADbmlsbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAACzFzam9zNGYzaGFzbQAAAAd0cmFja2VybQAAAAEybQAAAAN1bnFtAAAADFZBaG9QeVhiUGFDag.Gvi8wuj-wbO9emWek1_tHR6CFtAcsZKozb7rN-KDFYE\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 15 Oct 2025 00:00:29 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncache-control: max-age=0, private, must-revalidate\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\ncf-cache-status: BYPASS\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yjy7NLwi21EK9933iVgvzQnXV8vWVkYe9zb7yXUOd%2BAiO0S0uQovirIouxt85ey4WwehU5wrG9nCmEc8qonangQPha%2BWeIOPAswyzCoDqyA5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nset-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTM2NzI0bQAAAApwbFpMZ09xTE53bQAAAANoaWRtAAAAJWdvVWdzelJhY3pWdndTS21vQ0drbHFnUXltTkdMbGNiV2J1cmVtAAAAAmhsYQFtAAAABXN1Yl8xZAADbmlsbQAAAAVzdWJfMm0AAAALMXNqb3M0ZjNoYXNtAAAAB3RyYWNrZXJtAAAAATJtAAAAA3VucW0AAAAMVkFob1B5WGJQYUNq.zkaN_FfuCIup4PnxXRcQYkFMfWzhNl-8IyKWyupDn5c; Path=/; Max-Age=31536000; Expires=Thu, 15 Oct 2026 00:00:29 GMT\r\ncf-ray: 98eb0954afcb5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":416,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"b7ad0fdbf93fe6aa7f39a9a031d2acad","sha1":"b3ff944d1e04bca5a6421b319cb68d7ae5f79333","sha256":"aa47b5b6eb35ce4fd29a47adb24d836d432fb93fcb5e47409a11d3c86d83d19e","sha512":"055cf3a6bb867ecc51e16e9f5af6b63f84197c98f7840d32672991822f4be00f67d88ae1645d28ff6656666b34372980acd659956072ee0285726b9d2549795d","ssdeep":"","tlshash":"d9e02b9e28b0043507b3b1718f3f49102137114f204b95067cfc13411f9060e8246d84","first_seen":"2025-10-15T00:00:55.238239Z","last_seen":"2025-10-15T00:00:55.238239Z","times_seen":1,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adultgirll.com/assets/19717fd0ad2739c69e9fdd0dd8889908/images/d1.jpg","fqdn":"adultgirll.com","domain":"adultgirll.com","tld":"com"},"ip":{"addr":"45.76.38.70","port":443,"asn":20473,"as":"AS-VULTR","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:29.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adultgirll.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 Aug 2025 20:08:45 GMT","end":"Wed, 19 Nov 2025 20:08:44 GMT"},"fingerprint":{"sha1":"1E:1F:68:B1:AC:54:22:08:52:CB:0B:57:CD:2B:5B:27:66:91:54:20","sha256":"1E:1D:1F:A1:39:9F:82:4D:3E:71:D2:59:68:48:EB:6D:FF:0D:6D:0D:26:CD:FA:F4:7D:AD:AE:B9:8A:49:7E:77"}}},"request":{"raw":"GET /assets/19717fd0ad2739c69e9fdd0dd8889908/images/d1.jpg HTTP/1.1\r\nHost: adultgirll.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Oct 2025 00:00:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 32417\r\nlast-modified: Tue, 20 Feb 2024 13:29:05 GMT\r\netag: \"65d4a921-7ea1\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32417,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 540x720, components 3","md5":"2e115a311dcf2e846381f9b183767b44","sha1":"cd3dae1038e8ba3ab0b19a2b9cd40d0de76790a7","sha256":"722ac9cfec68af316db8fd4f9fd2a300aae0b09148d7f0f94d5fa961f48e2ee8","sha512":"aa4e92b14a19b3577a54c6b4f2b4f6b8d01e746dad3629e04f80809d3ae8745824a2261c97876f0589ae2c862dd7d1c104337d2e8b3a0f55398fb0d12dcbb6eb","ssdeep":"768:qENoL6xsbHh43uxXc514ohxSlNUMtYYHV19ZBK:qEN7eHh4exXc514o/S3UM6Y1brK","tlshash":"b2e2e1bfe84fab03b7cd48e41065e818b601f1a765a533638dda7b15cb944db2c508fa","first_seen":"2023-05-27T04:28:25Z","last_seen":"2026-03-27T06:28:43.433952Z","times_seen":147,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":101,"dns":49,"connect":16,"send":0,"wait":16,"receive":20,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adultgirll.com/assets/19717fd0ad2739c69e9fdd0dd8889908/images/d2.jpg","fqdn":"adultgirll.com","domain":"adultgirll.com","tld":"com"},"ip":{"addr":"45.76.38.70","port":443,"asn":20473,"as":"AS-VULTR","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://spicybelleqou.com/?utm_source=OyQfNj8SeWBf9\u0026utm_campaign=2\u0026utm_content=1sjos4f3has","date":"2025-10-15T00:00:29.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adultgirll.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 Aug 2025 20:08:45 GMT","end":"Wed, 19 Nov 2025 20:08:44 GMT"},"fingerprint":{"sha1":"1E:1F:68:B1:AC:54:22:08:52:CB:0B:57:CD:2B:5B:27:66:91:54:20","sha256":"1E:1D:1F:A1:39:9F:82:4D:3E:71:D2:59:68:48:EB:6D:FF:0D:6D:0D:26:CD:FA:F4:7D:AD:AE:B9:8A:49:7E:77"}}},"request":{"raw":"GET /assets/19717fd0ad2739c69e9fdd0dd8889908/images/d2.jpg HTTP/1.1\r\nHost: adultgirll.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://spicybelleqou.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 15 Oct 2025 00:00:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 42488\r\nlast-modified: Tue, 20 Feb 2024 13:29:05 GMT\r\netag: \"65d4a921-a5f8\"\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range\r\naccess-control-expose-headers: Content-Length,Content-Range\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42488,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x866, components 3","md5":"f9fd7311db7b328ecbcec2a4eca9fd6e","sha1":"3993d95ee1a49963491f74f1b0b1c54d8bbf16bf","sha256":"c8b7e258c6765ff50c058799a8b100a6283bdcdace77065601260a72fa6dc438","sha512":"23fbaeb078c0a7f5b1154b81c6f744532f4ee606e4e59e3eebf3b1d525a097726bf1e56defd1ae63e8b3424eb893b6b1d7c4f26f7015ee0f7de8ec56d6a57c3f","ssdeep":"768:qEseB9L8qPZlnZAGI/ooMvbTLwH12NHejmbhJqC2jBiOcvB02:qEsez8qhlZAG8ZCTLOG+jmbhEnPcvB02","tlshash":"0e13028bae67077141d73db137f45969b3c269e0be7776461f05860c123cdb406e097a","first_seen":"2023-05-27T04:28:25Z","last_seen":"2026-03-27T06:28:43.442172Z","times_seen":148,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":101,"dns":47,"connect":18,"send":0,"wait":39,"receive":10,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}