{"report_id":"fa6b90c4-9bb0-43be-8718-468fe847631e","version":6,"status":"done","tags":[],"date":"2025-10-06T10:57:49Z","url":{"schema":"http","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"title":"abesepoe.life Please Wait"},"submit":{"url":{"schema":"http","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-10T10:57:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-10-05T22:12:07.233388Z","alert_count":0,"request_count":2,"received_data":1674,"sent_data":1986,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.no","ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-10-05T22:12:07.136045Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":890,"comment":"","tags":null,"fingerprints":null},{"fqdn":"abesepoe.life","ip":{"addr":"172.67.212.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-06T10:57:50.030181Z","last_seen":"2025-10-06T10:57:50.030181Z","alert_count":4,"request_count":2,"received_data":5771,"sent_data":953,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-10-05T22:12:07.052692Z","alert_count":0,"request_count":1,"received_data":439422,"sent_data":434,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aefc72f37530cc82a8fee73d9ad13745","sha1":"e86a87cae9594bd070a8fbbcdf439cf4b362074a","sha256":"9a425c983fb637c2d52668899eb2f2b2a3fda12398b4a47e266d8d647d926850","sha512":"e4c17a3168aff7ccda6d40e2828070f825a88c2dac9d89f2f06f7a045815a93c641fdd942f09d1687a5f1d5d8762d46392074633af58fcfb85620f25749f9e85","ssdeep":"","tlshash":"15c02b8c210a0c7085ff27008f3fb704f002332895d069314f4963448d30f07f744810","size":153,"data":"","first_seen":"2025-07-22T09:27:33.671147Z","last_seen":"2026-04-05T17:16:56.474183Z","times_seen":3031,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KJ4T538TS5","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a65926c51ed3899fe28ef4e364be7af","sha1":"da83b608f6bb95ed70bccaa8d63a9729f5bc46f8","sha256":"18655469405d38313accd6e20c7bbeff5b4e9705b5b2d6b5dd2fec7d7183edab","sha512":"5169811a0f8ca9ea93412a0ba7dc7c8c8a7b54fcff6bba461d11abe998ee1ceb1238ff67fb489fb9386db6c7a5103b56e543b914cc9efe596038a79642a5d6b9","ssdeep":"6144:qBEZTP5DyYvRCLdIuLXX3AAmozXvnRejjw:kmbdtvqdIbhw","tlshash":"6a941bde73c674265396e478902f01cba9bb24a2b45cc896f1c9cce42d74a9a4137f7c","size":438818,"data":"","first_seen":"2025-10-06T09:36:11.064852Z","last_seen":"2025-10-06T10:57:53.818Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8e997cecfb28d27634f13e061b6f4de2","sha1":"09feda2c28d8c7da31bd526959ce311dca5f8723","sha256":"f7bd1d2d9172ee75d2da76930300561ff7e25b66536a5e2510bd722e3c464d73","sha512":"b7dea1ced201198d6b150d69c6cfa23fd7fb886c3a2d920d8849ba168de2690eb25a2e440754f8893b9308826191cd9e6eaba8e2b53c059160f94ee028bb1077","ssdeep":"","tlshash":"f5e0ab2998e706384cf63e441038ca3934f838a0aaa3d067625cc82ccd39fc50c04eec","size":424,"data":"","first_seen":"2025-07-22T09:27:33.747354Z","last_seen":"2026-04-05T17:16:56.475619Z","times_seen":2972,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"abesepoe.life/palwo/iqykp-cztsytt","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-06T10:57:27.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abesepoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Sep 2025 22:44:17 GMT","end":"Sat, 27 Dec 2025 23:41:48 GMT"},"fingerprint":{"sha1":"AB:9F:6A:A1:FE:3E:AF:56:33:B7:DC:D3:3A:BD:35:53:94:32:53:B5","sha256":"EF:E6:0D:F7:3F:E9:5D:48:39:13:39:43:48:2A:9F:9E:8A:CD:F9:83:37:75:2B:DB:6E:D9:DD:E4:38:60:1F:3F"}}},"request":{"raw":"GET /palwo/iqykp-cztsytt HTTP/1.1\r\nHost: abesepoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 10:57:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-server-powered-by: Engintron\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LrbhqsvDydxdEsGq5TqhI6AOwXoQKKnPLX7WiMDaV%2BhhSFD0pfxMgzcKeYv8a9RbVWrHIllAuPhY7G94gudfwC70SBVkuQom%2Bi5e\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a4a35409395699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":1902,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"51b54fc5e7dfa736bc2239c77104ea29","sha1":"cc9dd469e8a4b53d003e97b7044017945b8966f0","sha256":"156da153e8549be212aa08031ea1a12276f9559cc779714e97b82cd140f908e6","sha512":"86494bfa9c9fa0d0464fcf141db306f6f11f8adf266d76511860de7b9886cee1079529c1776523c5a232f19f9c558ec53b263602096b0b1a95b94bd49729e8c6","ssdeep":"","tlshash":"9e41b4098dd308341cf2a6045776e62834e2a01bc757e4663adcd118cf51fca8d46bcc","first_seen":"2025-10-06T10:57:53.816735Z","last_seen":"2025-10-15T01:27:49.99834Z","times_seen":3,"resource_available":false,"data":null}},"time_used":916,"timings":{"blocked":174,"dns":0,"connect":3,"send":0,"wait":568,"receive":0,"ssl":170},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-KJ4T538TS5","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://abesepoe.life/palwo/iqykp-cztsytt","date":"2025-10-06T10:57:28.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"GET /gtag/js?id=G-KJ4T538TS5 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abesepoe.life/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Mon, 06 Oct 2025 10:57:28 GMT\r\nexpires: Mon, 06 Oct 2025 10:57:28 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 144520\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":438818,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (6730)","md5":"5a65926c51ed3899fe28ef4e364be7af","sha1":"da83b608f6bb95ed70bccaa8d63a9729f5bc46f8","sha256":"18655469405d38313accd6e20c7bbeff5b4e9705b5b2d6b5dd2fec7d7183edab","sha512":"5169811a0f8ca9ea93412a0ba7dc7c8c8a7b54fcff6bba461d11abe998ee1ceb1238ff67fb489fb9386db6c7a5103b56e543b914cc9efe596038a79642a5d6b9","ssdeep":"6144:qBEZTP5DyYvRCLdIuLXX3AAmozXvnRejjw:kmbdtvqdIbhw","tlshash":"6a941bde73c674265396e478902f01cba9bb24a2b45cc896f1c9cce42d74a9a4137f7c","first_seen":"2025-10-06T09:36:11.064852Z","last_seen":"2025-10-06T10:57:53.818Z","times_seen":2,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":49,"dns":1,"connect":8,"send":0,"wait":36,"receive":26,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"abesepoe.life/favicon.ico","fqdn":"abesepoe.life","domain":"abesepoe.life","tld":"life"},"ip":{"addr":"172.67.212.188","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abesepoe.life/palwo/iqykp-cztsytt","date":"2025-10-06T10:57:28.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"abesepoe.life","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 28 Sep 2025 22:44:17 GMT","end":"Sat, 27 Dec 2025 23:41:48 GMT"},"fingerprint":{"sha1":"AB:9F:6A:A1:FE:3E:AF:56:33:B7:DC:D3:3A:BD:35:53:94:32:53:B5","sha256":"EF:E6:0D:F7:3F:E9:5D:48:39:13:39:43:48:2A:9F:9E:8A:CD:F9:83:37:75:2B:DB:6E:D9:DD:E4:38:60:1F:3F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: abesepoe.life\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abesepoe.life/palwo/iqykp-cztsytt\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Oct 2025 10:57:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\nexpires: Fri, 05 Dec 2025 10:57:28 GMT\r\ncache-control: max-age=5184000\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-nginx-upstream-cache-status: STALE\r\nx-server-powered-by: Engintron\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GG3MfvtMPtgAN07jIdLmsJVul94GLWpn%2F5yzjKkY3ycwsbmDK4%2FfxOuftCUwZGWjz2sMQLiePXs3elKMVic8gjmQXDxgDu5oPVgt\"}]}\r\ncf-cache-status: MISS\r\nlast-modified: Mon, 06 Oct 2025 10:57:28 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 98a4a3589db65699-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Engintron","description":"Engintron is a plugin that integrates Nginx to cPanel/WHM server.","website":"https://github.com/engintron/engintron","common_platform_enumeration":"","icon":"engintron.png","categories":["Web server extensions"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2416,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"ff237e1ce050882d5b6c2018da4bc646","sha1":"b8e2dd62322640ec363fd4dacf15fa9f01120856","sha256":"726dbde9fcf8f79d0e2afb2204c1b4bc9f4a27276bf3461f306f353ff5e04bf1","sha512":"7d99babb27f0d3fab99903db81861ab3645647d8d018317f66b11eabd558a8403c30143ca8cbbe8d27a6232a930a5b9660c7dc7a47a98597579c1b1b0e9a0b8c","ssdeep":"","tlshash":"394183065de30c302cb266146371e31838a291178a53e4673adcc154cf41fcba9abfdc","first_seen":"2025-10-06T10:57:53.819029Z","last_seen":"2025-10-15T01:27:50.013655Z","times_seen":3,"resource_available":false,"data":null}},"time_used":579,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":579,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-06","alert":"Sinkholed","trigger":"abesepoe.life","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-KJ4T538TS5\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026_p=1759748248314\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=108558092.1759748248\u0026ecid=1113802035\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026sid=1759748248\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fabesepoe.life%2Fpalwo%2Fiqykp-cztsytt\u0026dt=abesepoe.life%20Please%20Wait\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=964","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://abesepoe.life/palwo/iqykp-cztsytt","date":"2025-10-06T10:57:28.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-KJ4T538TS5\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026_p=1759748248314\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=108558092.1759748248\u0026ecid=1113802035\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026sid=1759748248\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fabesepoe.life%2Fpalwo%2Fiqykp-cztsytt\u0026dt=abesepoe.life%20Please%20Wait\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=964 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abesepoe.life/\r\nOrigin: https://abesepoe.life\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://abesepoe.life\r\ndate: Mon, 06 Oct 2025 10:57:28 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0\r\nreport-to: {\"group\":\"ascnsrsggc:158:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T17:47:03.427672Z","times_seen":13386520,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":28,"dns":0,"connect":9,"send":0,"wait":18,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-KJ4T538TS5\u0026cid=108558092.1759748248\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026z=834235830","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.74.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://abesepoe.life/palwo/iqykp-cztsytt","date":"2025-10-06T10:57:28.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:38:47 GMT","end":"Mon, 08 Dec 2025 08:38:46 GMT"},"fingerprint":{"sha1":"C0:45:71:17:CE:C3:46:B2:12:DC:B2:E3:86:3F:B6:4A:4A:A6:66:E8","sha256":"0D:84:59:55:0F:E7:1B:8D:AD:24:44:33:81:69:DE:97:58:25:F0:6A:68:26:D3:3C:BF:E5:34:C9:91:CD:4E:EF"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-KJ4T538TS5\u0026cid=108558092.1759748248\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026z=834235830 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://abesepoe.life/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Mon, 06 Oct 2025 10:57:28 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-05T17:47:45.097711Z","times_seen":768537,"resource_available":true,"data":null}},"time_used":132,"timings":{"blocked":55,"dns":2,"connect":8,"send":0,"wait":19,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-KJ4T538TS5\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026_p=1759748248314\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=108558092.1759748248\u0026ecid=1113802035\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026sid=1759748248\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fabesepoe.life%2Fpalwo%2Fiqykp-cztsytt\u0026dt=abesepoe.life%20Please%20Wait\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=5970","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://abesepoe.life/palwo/iqykp-cztsytt","date":"2025-10-06T10:57:33.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:34:17 GMT","end":"Mon, 08 Dec 2025 08:34:16 GMT"},"fingerprint":{"sha1":"71:28:4D:CB:A8:43:CE:20:8D:C2:D0:1C:15:47:53:FB:EE:1F:E6:6C","sha256":"FD:F8:A3:C0:21:C0:03:15:43:2F:C7:36:8C:50:6A:39:57:B4:06:6A:0D:82:33:AB:55:A7:80:D2:E3:79:B8:11"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-KJ4T538TS5\u0026gtm=45je5a20h2v9118348237za200zd9118348237\u0026_p=1759748248314\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=108558092.1759748248\u0026ecid=1113802035\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AEAAAAQ\u0026_s=2\u0026tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115616985~115834636~115834638\u0026sid=1759748248\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fabesepoe.life%2Fpalwo%2Fiqykp-cztsytt\u0026dt=abesepoe.life%20Please%20Wait\u0026en=scroll\u0026epn.percent_scrolled=90\u0026tfd=5970 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://abesepoe.life/\r\nOrigin: https://abesepoe.life\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://abesepoe.life\r\ndate: Mon, 06 Oct 2025 10:57:33 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:158:0\r\nreport-to: {\"group\":\"ascnsrsggc:158:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T17:47:03.427672Z","times_seen":13386520,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}