{"report_id":"0ce99e7e-8843-42b5-81ca-37b227e3fb90","version":6,"status":"done","tags":[],"date":"2026-04-28T15:42:31Z","url":{"schema":"http","addr":"bluetidefinance.com","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"172.67.140.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bluetidefinance.com/","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"title":"Home | Bluetide Finance","dom":{"size":23371,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20706)","md5":"0a1befc815b36417de6f7d7850a33788","sha1":"59d62ce846a6c05053a67d83e707a28528a28dd5","sha256":"efc825b03706f80927b688c87959c76206e8c9602bb5c575c3eb18aa2fdd9386","sha512":"fab345517a3083f2570789851f8c49f2c935be7a0742619dd1d9879b7fc6625ec019a9f55fc9c0917827db9c681f497b8a521b9adac973df16b533410134c4df","ssdeep":"384:vkEtgxjT35pnR+FE8dJqgQewSlaLVHobQdrjQBt7L210vv:vjDQewSlMEAE","tlshash":"42a2e9d6779041f4f213d7f4e031ba74727ab9ab9b4b9350b52d04a0df9289cc8aacd1","dom_hash":"domhash32c8b1506ea4e709c6819b72538ae679","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bluetidefinance.com","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"172.67.140.34","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T15:42:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-28","alert":"Hunting_JS_WebAssembly","trigger":"maps.google.com/maps-api-v3/api/js/64/9c/common.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":6,"received_data":61519,"sent_data":3023,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.cloudflare.com","ip":{"addr":"104.16.123.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":26817,"first_seen":"2012-05-22T13:19:15Z","last_seen":"2026-04-28T04:09:18.463851Z","alert_count":0,"request_count":1,"received_data":1192,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"cdn.chatway.app","ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-02-21","domain_rank":788542,"first_seen":"2023-09-16T12:41:10Z","last_seen":"2026-04-23T17:41:02.247864Z","alert_count":0,"request_count":2,"received_data":104601,"sent_data":862,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"widget.chatway.app","ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-02-21","domain_rank":772505,"first_seen":"2023-09-16T12:41:11Z","last_seen":"2026-04-26T18:02:30.713015Z","alert_count":0,"request_count":14,"received_data":1306447,"sent_data":6957,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"maps.google.com","ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":76,"first_seen":"2012-09-10T23:07:43Z","last_seen":"2026-04-27T07:25:04.502669Z","alert_count":1,"request_count":3,"received_data":751472,"sent_data":1345,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-26T22:16:47.246638Z","alert_count":0,"request_count":9,"received_data":184279,"sent_data":4930,"comment":"","tags":null,"fingerprints":null},{"fqdn":"maps.googleapis.com","ip":{"addr":"216.58.201.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3442,"first_seen":"2012-05-22T14:23:23Z","last_seen":"2026-04-27T00:09:40.490099Z","alert_count":0,"request_count":1,"received_data":558,"sent_data":482,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-04-26T22:44:19.904703Z","alert_count":0,"request_count":1,"received_data":31542,"sent_data":514,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bluetidefinance.com","ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-01-26","domain_rank":0,"first_seen":"2026-04-28T15:42:36.548399Z","last_seen":"2026-04-28T15:42:36.548399Z","alert_count":55,"request_count":55,"received_data":5531834,"sent_data":26133,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Google Maps","description":"Google Maps is a web mapping service. It offers satellite imagery, aerial photography, street maps, 360° interactive panoramic views of streets, real-time traffic conditions, and route planning for traveling by foot, car, bicycle and air, or public transportation.","website":"https://maps.google.com","common_platform_enumeration":"","icon":"Google Maps.svg","categories":["Maps"]},{"name":"Chatway","description":"Chatway is a live chat tool for websites, designed to facilitate customer engagement through real-time conversations.","website":"https://chatway.app","common_platform_enumeration":"","icon":"Chatway.svg","categories":["Live chat"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"prod-api.chatway.app","ip":{"addr":"172.67.72.165","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-02-21","domain_rank":745850,"first_seen":"2023-12-16T03:20:22Z","last_seen":"2026-04-26T18:02:30.648037Z","alert_count":0,"request_count":2,"received_data":15166,"sent_data":1327,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-26T22:34:03.62582Z","alert_count":0,"request_count":1,"received_data":104030,"sent_data":459,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.chatway.app/widget.js?id=uLh5zs0ELPSc","fqdn":"cdn.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ef9214119a2c53b759ca941de348845","sha1":"7fa0387513b0a83ee1e605cb069091f38325fa83","sha256":"54c90ed1c80d0377f5553c28c761a160c591536438add852212093699c336ec8","sha512":"a93ba806df860b22c94456fff27cf7b79efa2473f1767a3ac9547b4943ebf5ce25a0665438e4ce6edefe2a4c46cbcea11afb5f986bb847b21c0837df5263746d","ssdeep":"1536:/mS5lUZC2aNdaIHhJ8f318pSpSdcZEn54QAOp5X3X:+S5lQ2Nda1LpWAOp53","tlshash":"9f831ab031a6193546eb48de6465b60036215c9df4858cbcfc3ccdaabb95cc6523aff8","size":80892,"data":"","first_seen":"2026-04-28T15:42:42.686489Z","last_seen":"2026-04-28T16:00:29.877312Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ff6bdf68494522ee76b1bbc19e1ed92f","sha1":"909119ac20315b243674c9dc60472a1a7f77cca5","sha256":"317d5f2de620c20c3c473cf6d1b9985f795e86cb63c39882a1d4f0c1a066440f","sha512":"cc0868607a1ac910aad7234af5ed94746fd018ac123419c304d6b17d521a02c6410fefc75f01853bd679e8e24c2ffc3b330bf7957d2c004ab781838a483a433f","ssdeep":"","tlshash":"99c08c13b032400a1087b00ac386688c3038820b05380c293b8c618a3fb3f8c030d1ac","size":182,"data":"","first_seen":"2023-03-12T22:55:39Z","last_seen":"2026-04-28T16:56:30.482071Z","times_seen":24,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/markdown-it/13.0.1/markdown-it.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c312733bbc9b162af28c64c8991b3ba","sha1":"9e7644adf7f90a5afd8d60cf2887134ef08fb72e","sha256":"84dca58da83a8220ac8efff22a6c4af3f55e1f3bcc0ef739bbc033991be6d412","sha512":"4987c35183e0e71b29b06e8e3a95d4dfae86f1266c7473a1aa4fe271dad827613f58a6713f1cdeeddd870f70325e94fb536d8f679cbbe31469a99e80d9b27e91","ssdeep":"1536:+WA83I94l3mQiB9JGv18Px6/HpGmqD4JIz3BXUT+3VNb3xzsp4tEHDT8er3Q4A:+WAL6l/KP2H8zcOFLN36C2DQugb","tlshash":"5ba30b5562dfdcab229030d82c7f290da9fe4a42440cc428ffed91eb19a5993315bf76","size":103012,"data":"","first_seen":"2023-03-09T23:28:50Z","last_seen":"2026-04-28T17:47:36.943385Z","times_seen":1295,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/library-chunks-1-EduVGBsc.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"b7eae828772fdfb6bb6d9ab345964599","sha1":"43aa5e22cc8863a27e8a597ec93d67575914ecf3","sha256":"e8033f35ca1dc03f9236de86e896d4314516f1a981b5f8a835f0a3b752183dea","sha512":"f863e6440e53f89a3fe271843b24b5016efd504b7a70937b792f4eeb6a4e9c38958c604aa94fac6d95193f7199b1cbd713e8cadcc797b568fda37a26aa7c2468","ssdeep":"768:X1d3dEqzRMvkZXze2WNGoVaiLE4+oO/NeL2pi4cvpgOUz5ldjErp1wIIsI0uMomL:NjY9JFq2iQ7Vk7aF","tlshash":"830318d976d1b07203ea55f8406b0902f32a9a19744d84e4b16cdcef3db600a96bbf7d","size":40282,"data":"","first_seen":"2026-02-24T22:31:31.462531Z","last_seen":"2026-04-28T17:47:36.922949Z","times_seen":252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-3-linkify-DSxu0C2V.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1c840191d67e4382fe96ec2a00c2880e","sha1":"466d71e6207ece2939f6357d4b01ea30edb9e4a8","sha256":"adfc1ef77350a8ba76d1618a155ac6802e6d41804191fa9a932b88a81d0f6c7d","sha512":"ab39f6645b4919f2cf30911eab590f87c553318ff3cbf41dc0a9bc6ea92ceb0aa694948623ed896140ef23a4f0e768627b95708361b9ee32e852c7d8785c5667","ssdeep":"768:a27KR9FY7HCua/sF+sTnlO+zS06wjJTk7EIh8H9Oi6Sg9b4fTz1ETEGl2:PKR3CCua6Ts+zSAjJTmqHwiqc","tlshash":"2d532ad8f6c2e079475310238caf1304507c99a4fe85c42db9b8e4e734a995b71bfab8","size":65337,"data":"","first_seen":"2025-11-11T11:56:06.753135Z","last_seen":"2026-04-28T17:47:36.951066Z","times_seen":571,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/floating-vue-BnEilDhR.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"509ee9e661778062020f6e50bdafdd54","sha1":"7fc1071c7f233db6d4959f9566fbe26ad9a967c5","sha256":"bcca3a00b7b20d7cb951eae4f5156840b08ad24a0f9e126db23ebf3cab70e2ff","sha512":"cebe35997a7b776adb56b3509a9ddc6dc99bf7f59a73bdbb55de7cc35aeb2f2c2169a4583750f37e5b6323ec8d16f5dc1385f96eae35d8c2ff6646578b1a8a52","ssdeep":"768:yUz+7n+eTC43ULScUbGyf2J8hrfLdZAY5+mn3Wh8usqu0+fbmzZqflPOrorRtfEQ:7zvfQnAY5PcP+pB","tlshash":"e513fabb7184f13313de95b6503a0609b3261798b40f545cb2fc9bed28b6d14626afbc","size":42661,"data":"","first_seen":"2026-02-24T22:31:31.464435Z","last_seen":"2026-04-28T17:47:36.920499Z","times_seen":252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-28T19:24:00.547239Z","times_seen":316599,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"618538b4ab9639d444e962729a927f15","sha1":"dacc1f76630a9708add066819b1aabf8dce01056","sha256":"27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe","sha512":"bcb6754ea246939a19a917cc0b810e1753c1b0f1a8b1b7e652128ef15dee4fc79111e4d88fe12f9188449a307e82240d0261af402d783428edfe5785c860372d","ssdeep":"1536:jYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJ5Fk/zkZ4HjL5o8srOaS9TwDhb7/Jp96:y4J+03jL5TCOauTwDhFdnCVQNLa98Hrc","tlshash":"9693d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","size":97168,"data":"","first_seen":"2023-03-07T01:12:12Z","last_seen":"2026-04-28T20:02:05.641676Z","times_seen":4762,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.fancybox.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e11711058a9459a94d5a19b26a78135","sha1":"76792d5913afe035b6ccbac585b0b5e70b33aa76","sha256":"7b99eee1db728472aaa8452017a0d755f488e8d647cc0f62baf45f8ff65b95ba","sha512":"6ecbe997bc6e82fa7976a98e291ec31e043de23f0f5d06834fcc809cde8d0c3ffa0e96c734dfc0b0fbc313e405eac603540913794bb3a9a86ac56db5d2ab868a","ssdeep":"1536:26iljQs+4wETv0qwF/fwUsjuFR4amerr3txU0Me7/pby+mHWgGbAdKfW7WP83RSp:2NoETcqwF3wO/VUbZZr7WP83RSD6E3t","tlshash":"f3e3968a67bd112589333129ab8f705eb57e8423a10dd9263cad53481fc13a943f5fee","size":154104,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T19:51:28.830821Z","times_seen":2751,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/main.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3e8aa314211fb89488bbc4392c21f783","sha1":"1737349ecd920e25831b8a41bb1c0cb1240c1d24","sha256":"5b5fe77b78a96871ec22052a5befd139a0356211a122e348874866b32d9780fa","sha512":"84c2c513633f4b964ccf43f806d0952645e4e1fa1181ad720b7dd18a78ddbe9f0e14ad58af74410b6aeb2c18e2a1c7fdc2ea9df45118e87a0e346b4e1f1af38f","ssdeep":"384:jLj1l5QmGc/DKJbhjGMozoYCMS/YqABoYoanZaoBY3fDYTTW0ouwMVu8pLGSpqFx:tzoY5qAB2MBqDB0VpDpqJB","tlshash":"7e72e4c033ac257a16fa32ca9c7b97015eadd437c08160fdf1fe142c65d870a22a5a9f","size":16466,"data":"","first_seen":"2023-03-12T08:00:30Z","last_seen":"2026-04-28T16:00:29.86042Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-chunks-DJFQZtNi.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"1e99c223876f5efa31cbfd87dc56dfd5","sha1":"d13c3a0fa98f7ee53ec85dedfca65fe40ca2c53d","sha256":"f2d68bde6319b7606af287ded58ae268e8db236be7d2b3879a6d5ec9d39a009b","sha512":"7b72f7d736f0f5fba0ca77d71ce613c6811182aeacc762c85fcc2467c7fa39ef34d5dbd071983bf635d9a6d661d2e813debd0f14cb9ac741dd36bdeba4755c3e","ssdeep":"768:z80GJQN2EemJhEovnDbqTbWLBrsfcwn13wunX3nO0j1tqD9M5pEKtKFBrwik9PKG:JWp/n2DXkhso00Wj6sCFQCbARcx","tlshash":"2c7317e83182b57253fa09e6007b0406f3292d56384ed8d8f1adad9f3d7640591bbfad","size":76341,"data":"","first_seen":"2026-02-24T22:31:31.456448Z","last_seen":"2026-04-28T17:47:36.947483Z","times_seen":252,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-28T19:23:58.928859Z","times_seen":52927,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/index-0DOkM17n.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"02b636d87d5ef37757e560a7762f7630","sha1":"486c6e7d6d821d90c3c5b552e368b0942add7f43","sha256":"622a3caa310c343ac3287a87a8540fee3c01c3e2ee749e87df64e860c52bf130","sha512":"14bd08b3e22a97b6cfa23335b672ea730fe354a7f1fea2fb1dff9967dd5cd524f2bc830954890a3c3b0c18a6fb7ee0d5c7322cf6574908cd011b42b51bc73720","ssdeep":"6144:seMDMF2xhHRrJaYAmuR23A+V7VseBa1vMFHVPahAZcfmi7T5jFkot/GIcF0A3t1K:WrHR283Ab1Qy3/M3t9k9","tlshash":"bdc47dea31d1b63b52337760a41b7009b72c5da9dd48c49cf6eaccde2960c5421beb6c","size":580117,"data":"","first_seen":"2026-04-28T07:15:28.858485Z","last_seen":"2026-04-28T17:47:36.945153Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/popper.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b1dcd93871ac6da23becaef039b4b16","sha1":"3cf72db9816ea8cf313e6891fac2b9ad810a6fdb","sha256":"5f2a323cdac82cec5be5ee5416fec1b1f2d622c98166677215859af195ed29ad","sha512":"4f8a18119b63c6db95389d643c7951c401e0f933bb8bf8768c017e4a2ab715a494a69f2117b913eca37c1e60dcec02b3b5d5804e52e5083cb1d8e20e063e6e05","ssdeep":"384:25LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9H:INVVVnyiU41xXvlD7wx+v0xyGTgnZO9H","tlshash":"f392a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","size":20498,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.780531Z","times_seen":1778,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery-ui.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8ec0db1cb8ed2395c5df4e11be0d86e9","sha1":"d91e3c65e262d7e0021a926d228b9f6ad9aef4a9","sha256":"97bca2a8204372f21c29bc2d6ceeb192eab0719f1d154e1073f04acd8d2f0064","sha512":"0bbe5fd8a7991d8f0bb43a0dff3bc1130f5e2514524fcca9dc4662815155644d44a550ba2ffd92e86177c024d28319dc28a39d007c01bfde6bdbfe3d429c8f71","ssdeep":"12288:BEebHeg/md/AHhsncaL8ata+3XIdCgTf9kDUUB:EoHhsncaL8ata+3XIBf9kDUUB","tlshash":"66b4c7d5334f226f86ea3359983a9289e63dc075d202807d789d58dd25a8c2843b7ffd","size":539425,"data":"","first_seen":"2023-03-07T12:02:47Z","last_seen":"2026-04-28T16:00:29.781217Z","times_seen":1050,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps/api/js?key=AIzaSyDTPlX-43R1TpcQUyWjFgiSfL_BiGxslZU","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5be9d33878d0d6ef76ece44b237c638","sha1":"c40b432a937a52a7715a2c6d9f1d3d83c2d32b62","sha256":"1cd1188437b9a77bbeaa7a3aa82fedd563dc630aa10820924bb33ee32e9b2894","sha512":"b1fa87c8360b6ac3635c87ace12f4eacecd7b257ecc9a2419fa5b4286ccd856dd3583e622509078281768fb32212c6519f496c172336aeea2ce3d314de1b8cb7","ssdeep":"6144:McufJ4vP+w2iFcJj8n9pxjwh6qjRieGZcbJ/jXEyOP2ThDSuh4VncFd7kkOeVzPb:McufJ4H+w2iFcJj8n9pxjwUgRieGibJT","tlshash":"6d642b987362747287b2e4e450370105b17ea49af04c8aecb69ccde7adf69460277f78","size":311308,"data":"","first_seen":"2026-04-28T15:42:42.735399Z","last_seen":"2026-04-28T16:00:29.851288Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/wow.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"11ac4d7173a68c50169addca2ef1b827","sha1":"621284d032a248c41753e995680fc30089bd374c","sha256":"dd90fdb6538987fe7975bd43803b1c7d8d62912a371c788caec32d016e09dca8","sha512":"658888b9d89577b55798fc56451f9458ba9b4885573a96480fd9bd480cb59854769964da9a5f54feba19ba66fa6df44c79203d35f1d6d9cafd84886c58e233a4","ssdeep":"96:3GqKWTAKHF/suCdaOVEE1FnePgJqg4SImYad6Q:y30suCYOVEE7ne4JqgpIwdh","tlshash":"bbd175c9b7467036d79ba1f6873f0145a23a19acb008047cb7e984e57d348699237f38","size":6300,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T19:46:27.176015Z","times_seen":4139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/map-script.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d4044985bdb94c0d65e6708dc497340","sha1":"b00d58d265054bbe203ff14a7480506ae76e3cbf","sha256":"7e6696f210fb301a4fc9ef3241d9251ba723714185fb4a1d5c681390b3678f63","sha512":"b304c108973869b337447f74b426345a51ed40d79b10685e69c5f0ed64629dae016a8104d266e86e54d36abe4e375b384ad02181ab2afd4abc64053dec5808f9","ssdeep":"48:DxOQwG3ptmxark2GAt1pFo56jsoPt+xmSwC3ssyUPm/mjM5BwKITEBSgPyNtENBc:MZGexag2bpFJP3ygNUwu","tlshash":"f1e1ad29fd28581b82f6f376567dc340f860d23b4240486bb63c85ac5ff1665968dfac","size":6933,"data":"","first_seen":"2023-03-12T08:00:30Z","last_seen":"2026-04-28T16:00:29.87653Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/bootstrap.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"85636d56f74c4c11d1abecae2051c1e4","sha1":"739e1f5d163e0504c0ba039a109902354b22bd81","sha256":"6b277b4435729f70b53aa151dbe675d9cbc8a6637ad304ab07f581cfbefdfec9","sha512":"472f969fc97ebb71dd140782db2fe0dfff04601d4f94c988b7d0d7cc1522a13d44418e8510511256a359bece2920aeee3eed51cd7b20de08fce1f99e77b5f915","ssdeep":"768:qDYbgh0G45THVmcmjWSLlynS/zZ/AcyUr4Y8yiKKkHPPm26RoLQH/nIrPV:qDjh03Lo+SbZ/AfYqkm2KIrt","tlshash":"d733b90a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd89312bf3c","size":50737,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.868219Z","times_seen":961,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/owl.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"54428880ec8df798ac3d666f5113c7ff","sha1":"9e43e74b8677f39e87f1b11be4d536c618b14bb3","sha256":"0402874ff311f284b18af9e4c453ee5bf0916a3b7335f0be52dcb54a1a31338b","sha512":"abceb872c8942d366a533c0c572e0e6e31d1b428ad2bc6fa1e746fd31811b6f8dfcd77814723adf44e1a8585436b511097576159b8eab40706b025e3158eda24","ssdeep":"1536:/PLoreUScogMjVNPP8aLMBJk8u9hKt1o619IYj1oJ0SQIOZ:/fHNPP/qJ9BoC9XplIOZ","tlshash":"e48383c5f36c261b422a31785e9e23ce713d412ad91118af7ca4e9dc28d546c836eff9","size":85303,"data":"","first_seen":"2023-03-07T01:10:42Z","last_seen":"2026-04-28T16:00:29.865575Z","times_seen":3977,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/socket-io-Bq1seLiF.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"importedModule","is_inline":false,"md5":"c4708b47d1b05894dc74a819edb1fe35","sha1":"571ca7b6ba0184fb98330910845c294572e0009c","sha256":"81d7c74fcdcd2ebd103038d7d8d9c7c1ae7089dd90cd0296a1daeed259d09702","sha512":"1865efbdc6661c7b475b3cb2a202253c05c0cda45331d644f46cb1b2243c19301e0c6691a6da366dcd9db42dede81b2781edf021964c8528dd81d85a2d03b88a","ssdeep":"768:4zMhtTwsESn5FFUlffRdMFyRsTngw0IQ2ovp7czzUjEQphySPrY9nZh8bT5Vto/e:Vln11TgBIcv1c/Ubr+C","tlshash":"dcf2f9c8b2a0946683e2a1a290750203f33954557409869cbb2ceef7ed7deca7173f75","size":37122,"data":"","first_seen":"2025-12-19T11:10:25.718981Z","last_seen":"2026-04-28T17:47:36.938848Z","times_seen":429,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps-api-v3/api/js/64/9c/util.js","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"80fd8ff050bfa5fbd591885a558fe46d","sha1":"483da5af47d91833da3628a5ba4416b1d6750bae","sha256":"f25e0974e8941b13998baafb208905fa05c2fa78024fd2d0e04acd8f150c360d","sha512":"de72fe8dc39533b0f8b3f5fdb293cf5069bc4a8723916b3e1fb38f13927e6a6ea4cc39739fff9e8052b29c7aac65f7c75c67796e5940972f1e555b167700badf","ssdeep":"6144:ycoi0cBj+2Yk2qaukRn4SZneQQ6jcMe0UkY2R/Ck8Zxu0BF8mTzni:ycoi0+j+2Yk2qauqn4SZneQQocMe0Ukb","tlshash":"6e64e67c31316b0ee973c85fc626301e90257edbfad488bdeee55156ea50989f0e0638","size":310570,"data":"","first_seen":"2026-04-14T18:45:03.922286Z","last_seen":"2026-04-28T19:19:30.692315Z","times_seen":14235,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps-api-v3/api/js/64/9c/common.js","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8f7c4c6685e95b2db54434c7355b4fbd","sha1":"56a824bd3acb30f2590ca4315e251a86db5efc9e","sha256":"4b1828b461ddeada119e894885b8d598af0dab62b1970afcf935db63963d95e7","sha512":"353232049eaf2e42053b8706e6eba4cd32588ae19302171e5290bd3d7867e86b376ff38ef3f60ef437dc88205ea6d6f9f289ec7c0630722a27e5697afb081b36","ssdeep":"3072:rAJe8d6Dm658A7XW3kCPe24fey+geMbmZkTypGt4IbFnqfaV2qhkKT/qMy4LUY9f:8Je8d8m6V7Xo9PewBiSkepcqfaIqhkKN","tlshash":"0ac3e8c9319371b37fb1a89440970106b25aa499b06dcd2db1fdd8f3aef184601fab38","size":127335,"data":"","first_seen":"2026-04-14T18:45:04.055792Z","last_seen":"2026-04-28T19:19:30.673562Z","times_seen":14236,"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-28","alert":"Hunting_JS_WebAssembly","trigger":"maps.google.com/maps-api-v3/api/js/64/9c/common.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/appear.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5a457d262e3c32d25c003ca412ee7fe6","sha1":"b08e23c986259073419a7068fcd36296a91b1ae4","sha256":"46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb","sha512":"826945d028efc7a9f95c22c5f4d34dfab6704b75f45e7d6fc2e93e2b42f7078aaf7b8508f9155b36dd15ca759a765fff3b4550f17e3b187e79285f63de455d53","ssdeep":"48:3l3Xwqhd24ayV+zFLAPftUIeohhR9zIreFfFoBSxMEh1u1cq6KjD4W7j9:V3XWz1zFkmDo7R9cr+YSpTocqBksj9","tlshash":"7391db4a759b2ab54877722a9f2fa20cd721513b1202c21138eede6c2f71c50a197fdc","size":4379,"data":"","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.801105Z","times_seen":3275,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.mCustomScrollbar.concat.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"71951b246c4726520dce912a5ac7f03c","sha1":"56906b9b9f41df67063091b7a66c8584d87d748f","sha256":"dd3bda90c210c66fd618bb0c35f4b21f871ce1dae7396053cb4b3a90b3ec51b0","sha512":"ff0b38e4e02096dedcc6fb1a0899a7f8924a89e9b25bb8d712f5ffb01414641b009da55c45241ddea6440eecb7ebff11ea93318aea46ff3ff71a2e22670cb48d","ssdeep":"768:nAGHgQl8dA0unnTUOxZ5ynGi65vqjSDHR17JayK:nAGHUSnTUOxZqxjv","tlshash":"7a03f9e9370534fb12db6f5e441b010963365956a70b8870387d8cb82fb1ea622b7b6d","size":40547,"data":"","first_seen":"2023-03-07T12:05:43Z","last_seen":"2026-04-28T16:00:29.83161Z","times_seen":3660,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.mCustomScrollbar.concat.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 11725\r\nlast-modified: Thu, 16 Jul 2015 07:32:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Th7OryIbkPH6qDudmGk7T%2FRf%2BDlquZnYrsLtr3uUB7JHnW1TrhrD1%2BnRroGWubhMjA2OVoRwskTfXQzM5iUX87q0egJcYP%2B6%2BaGnZ53kGF4wzn5SDt5m9Fvo5CbHX7owQ82ciUjq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4c35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40547,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32009)","md5":"71951b246c4726520dce912a5ac7f03c","sha1":"56906b9b9f41df67063091b7a66c8584d87d748f","sha256":"dd3bda90c210c66fd618bb0c35f4b21f871ce1dae7396053cb4b3a90b3ec51b0","sha512":"ff0b38e4e02096dedcc6fb1a0899a7f8924a89e9b25bb8d712f5ffb01414641b009da55c45241ddea6440eecb7ebff11ea93318aea46ff3ff71a2e22670cb48d","ssdeep":"768:nAGHgQl8dA0unnTUOxZ5ynGi65vqjSDHR17JayK:nAGHUSnTUOxZqxjv","tlshash":"7a03f9e9370534fb12db6f5e441b010963365956a70b8870387d8cb82fb1ea622b7b6d","first_seen":"2023-03-07T12:05:43Z","last_seen":"2026-04-28T16:00:29.83161Z","times_seen":3660,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.chatway.app/widget.js?id=uLh5zs0ELPSc","fqdn":"cdn.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /widget.js?id=uLh5zs0ELPSc HTTP/1.1\r\nHost: cdn.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: application/javascript\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Tue, 28 Apr 2026 13:33:07 GMT\r\nserver: cloudflare\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: br\r\netag: W/\"9ef9214119a2c53b759ca941de348845\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 0oCCmveTVInTVkyfjqd7uxKPA0EMcYocTNAliWjFncePDTBcx31gVQ==\r\nage: 7570\r\ncache-control: max-age=86400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LPwd2ZKqAZOrIVssSGEifC5z6io0BAW2bWdHQyjO3T%2BfoiaE0meSru262uem7VwqrNaNcBvdl3zHI9JeTKTJLCGQf79JMtbr8a9oYkEX1OtSW8iUR%2BZatjk1gAZynCN2CA%3D%3D\"}]}\r\ncf-ray: 9f372cd7cc9f56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":80892,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (35332)","md5":"9ef9214119a2c53b759ca941de348845","sha1":"7fa0387513b0a83ee1e605cb069091f38325fa83","sha256":"54c90ed1c80d0377f5553c28c761a160c591536438add852212093699c336ec8","sha512":"a93ba806df860b22c94456fff27cf7b79efa2473f1767a3ac9547b4943ebf5ce25a0665438e4ce6edefe2a4c46cbcea11afb5f986bb847b21c0837df5263746d","ssdeep":"1536:/mS5lUZC2aNdaIHhJ8f318pSpSdcZEn54QAOp5X3X:+S5lQ2Nda1LpWAOp53","tlshash":"9f831ab031a6193546eb48de6465b60036215c9df4858cbcfc3ccdaabb95cc6523aff8","first_seen":"2026-04-28T15:42:42.686489Z","last_seen":"2026-04-28T16:00:29.877312Z","times_seen":2,"resource_available":true,"data":null}},"time_used":108,"timings":{"blocked":3,"dns":21,"connect":1,"send":0,"wait":60,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prod-api.chatway.app/api/v2/pixel/widgets?user_identifier=uLh5zs0ELPSc\u0026include[]=agents\u0026include[]=faqs\u0026ip=91.90.42.154\u0026is_mobile=0\u0026loc=NO\u0026channel=\u0026domain=bluetidefinance.com","fqdn":"prod-api.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"172.67.72.165","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:10.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /api/v2/pixel/widgets?user_identifier=uLh5zs0ELPSc\u0026include[]=agents\u0026include[]=faqs\u0026ip=91.90.42.154\u0026is_mobile=0\u0026loc=NO\u0026channel=\u0026domain=bluetidefinance.com HTTP/1.1\r\nHost: prod-api.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: application/json\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 999\r\naccess-control-allow-origin: https://bluetidefinance.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mySkpmjoqrxksIIKQuyxyTlie%2BgVTubRbJi0iZogeLLc7%2FGK9D9KLJNrG2DXxkiqVyXb4sB1DR8T%2FFnF%2FN1daXn7VMcUBn%2B24du1DlgyGFF5UxHxDSZyVM9LfKf2A0sUwfb%2FdrVQ\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9f372ce19a731525-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13594,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"0ce5f3ea52ef6c36b4eeb92bb3f70343","sha1":"845b5feaa7cd8ef9734ec81c41098cd02c262b73","sha256":"0b59aa3b87b2399d59f3a2d6033542c0ec9b62aaff56ac9678838520d9d6f2a0","sha512":"8da05564c7db11baa9427ea7ec4a80165ef8264857a580b872e730c751cbcf2b213b7bbb5c350e5269e2572acb807016472b24bc9fca777c6acd79750a688700","ssdeep":"192:+2FBI1VTyOgXsbGP6b6Iy1y6nl/X5JkFoEl/NFEcPLuKCT3WRI0WdQ4Wur1bW7Fb:+28XPjbMay1y6l4SElPTDC5hQ","tlshash":"e7529784d8641cbf8b232757a0877d01361d52abd8d0dd66c9acea1851fc4fa2373b9b","first_seen":"2026-04-28T15:42:42.689205Z","last_seen":"2026-04-28T16:00:29.847338Z","times_seen":2,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":413,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/floating-vue-BnEilDhR.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.083Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/floating-vue-BnEilDhR.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/assets/index-0DOkM17n.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=URzDLCT1DxrdawkvSN4MOWZEea5nqiP8zlmaxu6E1FihjrqnNxOabTwYi%2FuUqO5AO%2Bn4kim4BYv8dQvwt0MOyBFWpGlUYbz5jNEA0uXFDymUbyJh8Mc8BJwA49%2BdiZ9wy4jTew%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-a6a5\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce74dbe56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42661,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (42660)","md5":"509ee9e661778062020f6e50bdafdd54","sha1":"7fc1071c7f233db6d4959f9566fbe26ad9a967c5","sha256":"bcca3a00b7b20d7cb951eae4f5156840b08ad24a0f9e126db23ebf3cab70e2ff","sha512":"cebe35997a7b776adb56b3509a9ddc6dc99bf7f59a73bdbb55de7cc35aeb2f2c2169a4583750f37e5b6323ec8d16f5dc1385f96eae35d8c2ff6646578b1a8a52","ssdeep":"768:yUz+7n+eTC43ULScUbGyf2J8hrfLdZAY5+mn3Wh8usqu0+fbmzZqflPOrorRtfEQ:7zvfQnAY5PcP+pB","tlshash":"e513fabb7184f13313de95b6503a0609b3261798b40f545cb2fc9bed28b6d14626afbc","first_seen":"2026-02-24T22:31:31.464435Z","last_seen":"2026-04-28T17:47:36.920499Z","times_seen":252,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/video-img.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/video-img.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 58571\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 05 Dec 2018 09:18:34 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fY5kn1IyWFxWb8i26uR0K2VFlYUpNBeIZ%2FnlY73smjp3zY7N24tw3oUkasabYP5%2FyIYp8ClG9vLjWzUw8ebq2G0KP4hm3SWN8W016zTCT6FYeq%2BlgQ3cCGadvCAcgAVF0s1%2Faop%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3435a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":58571,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 472x384, components 3","md5":"57dc6df0a806f93d0c0c500821a7cef6","sha1":"77aa7ef1702f01aaafeeb6847b6c667fd5e95104","sha256":"cc3c0fbfbae245d1b7ce35c172bb126a716cdd90465cc270557240b14aa9edf0","sha512":"e0d9cd08ace2ce5303bde4458645bbe254035a941c7391d05165c5fbd5e8fb57c6f85b7dc84ffe452818bbf44ff655150ae089718184cb07b9a942f5db651f0e","ssdeep":"1536:eWVHSJOyBYJEu1FU4j288WUKgBS1sPm7hVFpwju:eWVyJOyeJEu1FU0LUS1Om7hVoju","tlshash":"d243f148db9026f2f7055d6f0c619dcb97ff28a74b845812c2ea6491d8b173881fe76c","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.834657Z","times_seen":95,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":318,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/main-slider/2.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/main-slider/2.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 101927\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 05 Dec 2018 05:49:50 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F%2BuCt45YZvIVGlOMbmYA94pW2dKkaVtUr6BF59E2Ioo%2FGKswaJA4qbiUok5G6Ey2xKQLnKj3Zvk5fWIro7C3oDQJRzDmFye2tI4KB8UmYS9HXWXX8cAc%2BwPNOELsDtFSi6mg1JhU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbe81735a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":101927,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 310 x 492, 8-bit/color RGBA, non-interlaced","md5":"83bf2690e6c4e66de474d5f32ae51136","sha1":"a21e9090737f4bc7373577d26c54f40d246e02ff","sha256":"8397cc49ff013658b19902f3caa6deebe42ad734f43b79af0c22652282674d21","sha512":"6e128dcc93e3f23f034a937b80404f1ef6d93b737442e8d6fbbbe4182a05b2c7e04dd7cd8b15f23d25011e922de1548407209a0c0a9f5117d42351af29557dc0","ssdeep":"3072:54JDL6vWyYfwrGKH29vY6ax3+/0RXNRsQDkWUx:KJRHfwrc5Y6adk0ho+kWy","tlshash":"32a31237c5158c974bce9ee7308b9c5647864f74c840a116fa6b45f1bb8dbf128aa08b","first_seen":"2023-05-17T17:19:23Z","last_seen":"2026-04-28T16:00:29.854675Z","times_seen":101,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.chatway.app/sdk.css","fqdn":"cdn.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /sdk.css HTTP/1.1\r\nHost: cdn.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Sat, 18 Apr 2026 00:49:46 GMT\r\nserver: cloudflare\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: br\r\netag: W/\"eaed3f072be9f55662c0e7df3d26c7b0\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: bwnqNvzTRWVNtWuvFKGlZkvohgsCG1GOwAqasdZN9Zj48DWG83wPTw==\r\nage: 7168\r\ncache-control: max-age=86400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qSXUzucoYE3fmgXPgjD5zfZV%2Bf%2B6OzSDOqlflgIX3WVfx3BCBfvVTRIn9qjX2k0V3WqBrZFjy43RgAIILhc9ObBrzO%2FWS8A5WxOteSy1Yab4kBC3pZ0mINGBo%2Fpancd%2BgA%3D%3D\"}]}\r\ncf-ray: 9f372cdf3c5056c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21882,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21881)","md5":"eaed3f072be9f55662c0e7df3d26c7b0","sha1":"fd0df35600b7fa8b96f82b9c1c4846e34d470afa","sha256":"bd890f76c13da3347928b262a302683b2cfdfcca79400d13f00a4106873202cc","sha512":"e17d4afd787d6113fdf66b0f95ad674b20eee6b4b0ff84c0d9a309a36951032061e191602a6aa129dcdbe98ec4eb26119239c49c16812035218265831d6d1824","ssdeep":"384:ZIORDFx7KVCnqvrkbPWaDQ++9iGiK0fgR3C4caZVCuQxeEEdHgpvhQWJo0m5cgre:ZIO4wlgb3Q7NAEa62tusk","tlshash":"4da20c71db862038e2a382cef581eeac2a38d44bd3161ebdb650f175c5da1d73325e46","first_seen":"2026-04-18T03:22:16.036539Z","last_seen":"2026-04-28T17:47:36.950565Z","times_seen":60,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/markdown-it/13.0.1/markdown-it.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:10.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/markdown-it/13.0.1/markdown-it.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 29336\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"62714aac-7298\"\r\nlast-modified: Tue, 03 May 2022 15:30:52 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1604890\r\nexpires: Sun, 18 Apr 2027 15:42:10 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BCn32toTwCKYybV29RAi%2F%2FeYHO0%2FBvHAXxsdbm6PrIa5A08MBU%2BZRv4TPAcvOl3D5ZSRymQ0roEz3xZi67gQhVDTuTzWN6F2yfA98kl5f3UoDGLbQPbgs%2BDvPqpgZfX5L8ksk7ct\"}]}\r\ncf-ray: 9f372ce69c024e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103012,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65454)","md5":"2c312733bbc9b162af28c64c8991b3ba","sha1":"9e7644adf7f90a5afd8d60cf2887134ef08fb72e","sha256":"84dca58da83a8220ac8efff22a6c4af3f55e1f3bcc0ef739bbc033991be6d412","sha512":"4987c35183e0e71b29b06e8e3a95d4dfae86f1266c7473a1aa4fe271dad827613f58a6713f1cdeeddd870f70325e94fb536d8f679cbbe31469a99e80d9b27e91","ssdeep":"1536:+WA83I94l3mQiB9JGv18Px6/HpGmqD4JIz3BXUT+3VNb3xzsp4tEHDT8er3Q4A:+WAL6l/KP2H8zcOFLN36C2DQugb","tlshash":"5ba30b5562dfdcab229030d82c7f290da9fe4a42440cc428ffed91eb19a5993315bf76","first_seen":"2023-03-09T23:28:50Z","last_seen":"2026-04-28T17:47:36.943385Z","times_seen":1295,"resource_available":true,"data":null}},"time_used":90,"timings":{"blocked":39,"dns":22,"connect":1,"send":0,"wait":7,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/floating-vue-BnEilDhR.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/floating-vue-BnEilDhR.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UxWpnI5kLsJxl%2FoK%2BNMN20NVMDxScCYScF8WXn1fPrCWrpGtvOaCihsYRgM%2BqvMErfTVbLYxKAyweKSIFLsRrtqHCEjW4JuIs%2FOaGkvCJ8E39Ck%2FVOmqu9Iaf8bnhqwXiOT%2B2A%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-a6a5\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce7de4b56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42661,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (42660)","md5":"509ee9e661778062020f6e50bdafdd54","sha1":"7fc1071c7f233db6d4959f9566fbe26ad9a967c5","sha256":"bcca3a00b7b20d7cb951eae4f5156840b08ad24a0f9e126db23ebf3cab70e2ff","sha512":"cebe35997a7b776adb56b3509a9ddc6dc99bf7f59a73bdbb55de7cc35aeb2f2c2169a4583750f37e5b6323ec8d16f5dc1385f96eae35d8c2ff6646578b1a8a52","ssdeep":"768:yUz+7n+eTC43ULScUbGyf2J8hrfLdZAY5+mn3Wh8usqu0+fbmzZqflPOrorRtfEQ:7zvfQnAY5PcP+pB","tlshash":"e513fabb7184f13313de95b6503a0609b3261798b40f545cb2fc9bed28b6d14626afbc","first_seen":"2026-02-24T22:31:31.464435Z","last_seen":"2026-04-28T17:47:36.920499Z","times_seen":252,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps-api-v3/api/js/64/9c/util.js","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:14.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /maps-api-v3/api/js/64/9c/util.js HTTP/1.1\r\nHost: maps.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 71376\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Apr 2026 18:32:00 GMT\r\nexpires: Wed, 21 Apr 2027 18:32:00 GMT\r\ncache-control: public, max-age=31536000\r\nage: 594614\r\nlast-modified: Tue, 14 Apr 2026 09:58:22 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":310570,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (524)","md5":"80fd8ff050bfa5fbd591885a558fe46d","sha1":"483da5af47d91833da3628a5ba4416b1d6750bae","sha256":"f25e0974e8941b13998baafb208905fa05c2fa78024fd2d0e04acd8f150c360d","sha512":"de72fe8dc39533b0f8b3f5fdb293cf5069bc4a8723916b3e1fb38f13927e6a6ea4cc39739fff9e8052b29c7aac65f7c75c67796e5940972f1e555b167700badf","ssdeep":"6144:ycoi0cBj+2Yk2qaukRn4SZneQQ6jcMe0UkY2R/Ck8Zxu0BF8mTzni:ycoi0+j+2Yk2qauqn4SZneQQocMe0Ukb","tlshash":"6e64e67c31316b0ee973c85fc626301e90257edbfad488bdeee55156ea50989f0e0638","first_seen":"2026-04-14T18:45:03.922286Z","last_seen":"2026-04-28T19:19:30.692315Z","times_seen":14235,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Saira\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Saira\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:08 GMT\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1381,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ad8722b594e3316785b7531c827cefb7","sha1":"9a4c9df92684d09b7b4c27a375bde6343cbb9b24","sha256":"d6a4af914c52fb0984414cfed8af40968aed0163c34cb70aa0830a68efa6c36a","sha512":"97d8ccbe3ee035f67915a1e6eba3da18ee90bb7ca3e1a66e27f1afb5e1ac91124e032f7e56575d801e48b10dfa9944d0523f7465e519fae4982581f70c4d4e88","ssdeep":"","tlshash":"c7219c90482aa500aa6b4cc523ee3e35ee8e70247464d579affd14989ceec26a33570d","first_seen":"2025-11-27T09:48:16.975152Z","last_seen":"2026-04-28T16:00:29.818201Z","times_seen":69,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":72,"dns":1,"connect":8,"send":0,"wait":20,"receive":0,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/gallery/32.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/gallery/32.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 124691\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Fri, 21 Dec 2018 10:48:02 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EgZNSkbVWgcBi48K5zodVhzkR4G4nwuNpFxTLjDBoQ9fexbw8K%2FQXRFfWUJXi2UWTvcy%2FHy5A8PV3HDZFUU61pu1ZLGHSCvsn3rh%2BJQAa3tyw3dJ2R8fRo%2BIWxgJfjK1cwzXU3zp\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3735a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":124691,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1244x534, components 3","md5":"c129ec25ac6150f3eade0c3b1485b30f","sha1":"e3eec6191777a4986eed65f034d31577eaf6ba9f","sha256":"14c4b841379f22cb8fdaec6398bd5dd624bf0cfa5d3d4e4b444fc73435a189e9","sha512":"0c7b0c4a836b89991c76e6b1f199e10a3c20f0be4c40adbda51573d8f94aad6fca4f43aa08bab7b9e0b10dd2fc3a2e147d353cc941312c75ba1a1789ab267ddd","ssdeep":"3072:fPd2W0IcDFyQYRX83f9xHZUx0Vafyet5lNW3JvCmPTKLHF4:3EW0LrWXyFxPafp5lNWNcl4","tlshash":"d8c31277f2e4abe6d4fcd7087cb7b0b7e6c41884ec4f6a216f298843d6d402264e4949","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.818863Z","times_seen":98,"resource_available":false,"data":null}},"time_used":340,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":60,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/owl.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/owl.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 17911\r\nlast-modified: Wed, 26 Oct 2016 00:16:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2u6%2FKsoczv3auffVmiRn1bD%2B8jAnpmuS0Rf0wRdNM49q5XT%2FTbj6v5fcWQG%2Be986ZeL8s%2Fapha8azNcqoXz82J4etM7j0Oatv92iJuEPOFb2PnyvXLihp95FJwH1jMJRu8dikXo2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f5235a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":85303,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (360)","md5":"54428880ec8df798ac3d666f5113c7ff","sha1":"9e43e74b8677f39e87f1b11be4d536c618b14bb3","sha256":"0402874ff311f284b18af9e4c453ee5bf0916a3b7335f0be52dcb54a1a31338b","sha512":"abceb872c8942d366a533c0c572e0e6e31d1b428ad2bc6fa1e746fd31811b6f8dfcd77814723adf44e1a8585436b511097576159b8eab40706b025e3158eda24","ssdeep":"1536:/PLoreUScogMjVNPP8aLMBJk8u9hKt1o619IYj1oJ0SQIOZ:/fHNPP/qJ9BoC9XplIOZ","tlshash":"e48383c5f36c261b422a31785e9e23ce713d412ad91118af7ca4e9dc28d546c836eff9","first_seen":"2023-03-07T01:10:42Z","last_seen":"2026-04-28T16:00:29.865575Z","times_seen":3977,"resource_available":true,"data":null}},"time_used":314,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":313,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/owl.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/owl.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 1034\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 26 Oct 2016 00:16:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1pXejab4nKRNUJjTbiAGROEGPa5AoLxdFYRZDFfARF8DGK7J%2F8HEiE0ahSQLQ8Dxf0F59h9377E9DXm9yld1ZyuEWgGwHYmF4OzgXpbvOTagh6V4xZfMesSEP3plM2e8BcniGL5D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fc835a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4113,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8cce5cff1cf4c0f193725107333e74b9","sha1":"bb8769505395bb8d99650037d12777e38d458b1e","sha256":"5e6e6883ff303e60d4090e48582e918dd5849170df78b30fbf7f30015a47ace8","sha512":"6404fa60b292572eb7268b27d8d649ffb0f4abef0d4b735f21f4f8f8e2d8a17f60bfacf750022030502c1563a4f1ced04f0875d7c31e3211a28cccc3fd3611ea","ssdeep":"96:OTgJdduXehkNbIAIhIL4NV5mVrKWT+8FjFE9pgrYr7gBuU4X:OTgJ/upNbIAIOoV5mVrKWT+39pgo7gtc","tlshash":"0981dee72167010e381b93e01aad6a56393d8443d81d8c58b6fb6609cf8ef98215ff5f","first_seen":"2023-05-01T15:45:11Z","last_seen":"2026-04-28T16:00:29.868889Z","times_seen":670,"resource_available":false,"data":null}},"time_used":191,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/socket-io-Bq1seLiF.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/socket-io-Bq1seLiF.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/assets/index-0DOkM17n.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XKN0t%2FfVciMk5k9eo%2BeKhoptSzmrGxBW5YeJMa4Xd6pbmm%2BfIyzGFV8d%2FbxaP%2FssGASWPy9U79C403jx8vW9q%2FoFV%2FpMSRjDexZuXg1u20kSVKwaY6WND8dWYNBEkVWcH4WiYw%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-9102\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce74dbb56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37122,"size_decoded":0,"mime_type":"application/x-javascript","magic":"data","md5":"c4708b47d1b05894dc74a819edb1fe35","sha1":"571ca7b6ba0184fb98330910845c294572e0009c","sha256":"81d7c74fcdcd2ebd103038d7d8d9c7c1ae7089dd90cd0296a1daeed259d09702","sha512":"1865efbdc6661c7b475b3cb2a202253c05c0cda45331d644f46cb1b2243c19301e0c6691a6da366dcd9db42dede81b2781edf021964c8528dd81d85a2d03b88a","ssdeep":"768:4zMhtTwsESn5FFUlffRdMFyRsTngw0IQ2ovp7czzUjEQphySPrY9nZh8bT5Vto/e:Vln11TgBIcv1c/Ubr+C","tlshash":"dcf2f9c8b2a0946683e2a1a290750203f33954557409869cbb2ceef7ed7deca7173f75","first_seen":"2025-12-19T11:10:25.718981Z","last_seen":"2026-04-28T17:47:36.938848Z","times_seen":429,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:13.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://widget.chatway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 26 Apr 2026 18:03:56 GMT\r\nexpires: Mon, 26 Apr 2027 18:03:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 164297\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-28T19:17:49.706979Z","times_seen":314801,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/logo-blue.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/logo-blue.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 41514\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 28 Jan 2026 10:44:18 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jp3VxgBcmlk%2F9kfSrp31DCV9PW3hEiL9%2Fe%2BBm1lEhnmYcYvpt4gOTQNTKVxbFM2N66ggKjyIOxFVBnnH2pkZyjCzRZ%2BqmPOyGoMF7VRQdVH980%2Fe1Tmr%2BbTarTLha8TeYyxhc3rA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3235a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":41514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 574 x 135, 8-bit/color RGBA, non-interlaced","md5":"0f9294eb2779bd4833e0f4a16d434955","sha1":"5500d65d56415f4f5523f6bb808a67d1e53564a7","sha256":"8511c6f0206bf6d29b251861aefe97dc6bfb94e6e50f4221881c4e8bf58bdbf2","sha512":"53849533086af770ab0ae1879815ae15c76cf4700a3d0a2a9e5e81582c77338abee9dfc11ac4ec6fe4c654cea69707c0be926147d812d0baa1fc82c6c695758f","ssdeep":"768:+6KaAhCVVcL2nSmBHhEJ3WhDN/oHF9pDJ4YaK7R3TeApTtyw:+Twv2BGESDN/AF9pDJ4YaK7xvTkw","tlshash":"e713f15ee7cb1d12c19bb4319ef318cc591b8891d44162a585fb7a03fa32c70aebf182","first_seen":"2026-04-28T15:42:42.706429Z","last_seen":"2026-04-28T16:00:29.796501Z","times_seen":2,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/3.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/3.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 6896\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:53:56 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pNmgWtqDfisvuDd6nUmQwrIC7nY6GepRz%2FhCx6JHggTR7B0IrVZZSWSWS%2BPVH5xhy4i4lNOnJ0wkziE6x3m7OhLE%2BpTlD27bRXDHFCTF%2FUwCLmRlOYDnPzLip1jIpCLl%2Ftt8R9uF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4135a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6896,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"004137a62b875f4ca217db35c7e9edcf","sha1":"1846573bcc32da2ec89fd98f1fe44e63009421f1","sha256":"ed5b5704dfbe0fee257f7a7f4c6deacd4cc16fa14277db03526a858fd1a70579","sha512":"51d15e4ff0aea32ed2c9b49ac1dee5afc59e1ddfc649b25dab67f5697ce983b003cd00cb68501c6f0867861e44070cc8bbeff0f667292bef6a7af1f0a734b80b","ssdeep":"192:9jqaSWdYUG6z5QLSOwRa02/TM3gsavQs3eiq:YWdY/OQLLwR8/Q/s30","tlshash":"0ae16bdbf4d14711d18dde80b0a5d83384d69dd266a01e18fe9bfeb498a605260bf7c2","first_seen":"2023-08-15T20:52:53Z","last_seen":"2026-04-28T16:00:29.823396Z","times_seen":101,"resource_available":false,"data":null}},"time_used":242,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/translate.google.com/translate_a/elementa0d8.js?cb=googleTranslateElementInit","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /translate.google.com/translate_a/elementa0d8.js?cb=googleTranslateElementInit HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qj7Qf1YHo5yve1sYlPxi33VkiWeqmIEKQ7cua%2FKjgOfwsuSFybv%2F3ZrZVdyzgwZubgFz%2B785roK%2F3zO1I0Qgqi23PCC8clpJqU6P%2Bqw1QSRTfWqHXpWZqr4s1TAL1O2FX%2FqTwuX%2B\"}]}\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f5535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-28T19:12:00.731953Z","times_seen":121799,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/images/background/3.html","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /images/background/3.html HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6WdK9NY2NQEfdbgFPvAK1VITnx1Sz3RVKkyKzCwWRL5Ljl7NhWFieJhT1cDTcOX6ix%2FRMeZW9qo%2F0u1JOl2J3lQB8p71w2HumQ1ATnRlA9wIOwu1dWYYDz0HqyzLreBRxmMme%2Bfq\"}]}\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbf81835a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-28T19:12:00.731953Z","times_seen":121799,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-chunks-DJFQZtNi.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/vue-chunks-DJFQZtNi.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/assets/index-0DOkM17n.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ekIQy3azRK28LCyI1DrkdSQsj2fRO4A%2FchBg%2BiMejOI0hrcV3n0VPIByK%2BttQGPp2%2Bh%2BFm3lnKIqM4Kc7Ei8vMmL1cBgFDzSXOzrHFZ%2F%2BBFQ1tkNI%2FYXW%2B3TGFGN6tBYkaGYAA%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-12a35\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce73da656c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76341,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1e99c223876f5efa31cbfd87dc56dfd5","sha1":"d13c3a0fa98f7ee53ec85dedfca65fe40ca2c53d","sha256":"f2d68bde6319b7606af287ded58ae268e8db236be7d2b3879a6d5ec9d39a009b","sha512":"7b72f7d736f0f5fba0ca77d71ce613c6811182aeacc762c85fcc2467c7fa39ef34d5dbd071983bf635d9a6d661d2e813debd0f14cb9ac741dd36bdeba4755c3e","ssdeep":"768:z80GJQN2EemJhEovnDbqTbWLBrsfcwn13wunX3nO0j1tqD9M5pEKtKFBrwik9PKG:JWp/n2DXkhso00Wj6sCFQCbARcx","tlshash":"2c7317e83182b57253fa09e6007b0406f3292d56384ed8d8f1adad9f3d7640591bbfad","first_seen":"2026-02-24T22:31:31.456448Z","last_seen":"2026-04-28T17:47:36.947483Z","times_seen":252,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@400;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Poppins:wght@400;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:11 GMT\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2390,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"99732590118df209cfff721d0d4bbb19","sha1":"6ae6323f3fcd8085a9bb38292b65972b92f1881a","sha256":"7d306f38fb5378f3a004776b9c2436cb31e864dfe47674b4f8334673ae5a2bb9","sha512":"c84f3706d491bf8ee62c595caba3533a9078dd5e474ea291b8d683d50eed716f19379ceb6007ac78ad50a53f64faa65f776310029514b363a4f9126c5aa3f1a5","ssdeep":"","tlshash":"ae419bd1087be114ab831cc123ce7d37ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-17T06:17:11.832934Z","last_seen":"2026-04-28T18:56:47.626034Z","times_seen":3276,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/responsive.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/responsive.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 4706\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Mon, 14 Jan 2019 04:44:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UCL3Gu89mqCbVexqo2BgJxvluwsfUzwQ%2F63L3%2BXf4xNIdTb35l9gFnMoM%2FDZPxUPs0GI1qnDGL7nKUReuMzquM2EPVMiqrJ1EdOu%2BQpu2ovRavk%2FN%2BNZGq3VJnszE5bWoHJOgTQG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cd73f3035a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":31653,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"f75122f18a065ff40df1ea1b5870a738","sha1":"6b2e248ee7aa935d4dce5ced2d7d816411e284c7","sha256":"6e56f114f622190085c41911d97dacccf8a0e7ff738018c2e4dbb49af7198cdc","sha512":"ada0cfe1e4a8552ff9a59c7164413d6c22c3d4d1bfa171004db822e30b889c9423fcda6eca77c857644b31488aab1bfbf8d2bb40309cf2b7c7d0cf90f330cb48","ssdeep":"768:cbCD326aOMRqXC7cFkNg/4vMoalOE4qxIERgRkjNwZYt/PJl:cWD32jOUQWkIER1NwcPX","tlshash":"65e2dc17f81a701d03970299bbb72ea4be75c466c7a381f1e832c505d2e846e07d5bee","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.821588Z","times_seen":99,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":262,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/flaticon.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/flaticon.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 1588\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 05 Dec 2018 07:40:20 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pZ1n6GX6ogsBti8wpOPpgkCCGpHZ%2F%2BB3wb5suuMZfmCYwB0irKRSp2Rb0I8vuaXfKybye%2FBq%2Fz23V3UN1PJ0VubOtll6nyXeTXBVBfIhOT61aP%2BzK1FENntm7T4vKG%2Bce%2FdnPaSK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fc635a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":9306,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f58ee999a7f781848d2bb100108d6617","sha1":"e18d268cc29fffded015aef03dcb668a6ba1988a","sha256":"2042f53aab258a13861355cadd8928de3b839f921bbca846a9f125359e83c74f","sha512":"8d3992c93923a49dd37514bea34b3ba41c5175bf98387320d646c688142f385170b037edb48d0570507fccf6fe1af55a7563d0e35473590c0967ae5bdc195d89","ssdeep":"96:KGpN0r8+3M6Vz0EGl3VLFFz5k9jTbtiRP:KGTfmM6NWl3lza9jvERP","tlshash":"bb12e8b6917f10844701ea8127ab62109b94b42ccde9fc7ce1426e9dfaf1e0987c72dd","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.832899Z","times_seen":35,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/preloader.gif","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/preloader.gif HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/gif\r\ncontent-length: 95322\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Thu, 10 Sep 2020 21:11:32 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AZO6mxddOciw4D7KD%2FrQSwmarkV6JKfjlDTVbweQj4ncguXt2mvyJwsorvza6LbYkra1213grBncYFs3DmYBno3ENQPzImRvuIAx3%2B3Q8PooXmmNAUxPuXo790awRFu6j1bKlhue\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbe81235a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":95322,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 210 x 210","md5":"302ef6e78b1b7c04c79b451ef151dfa1","sha1":"e16ceee92e0ae3ad792b7c36673a752ec8d16e69","sha256":"aff6ec26c3ee0ae412074a15706d0a278ead30c74530c9c8936e8b68e9c78111","sha512":"9dc9e90346caa1f11d91ac40b2a02c24f2bf96744be5f53a075fb59b26cc6306a8ce2992de4caf78777a9340206c0897c8cc026c67def8222b61833bbc3c83a2","ssdeep":"1536:nxxxWgvgvgvgvgfkWkWkWk5AAAAV1/I1/I1/I1/I1/EFFFkvvvv5:nxxxWgvgvgvgvgfXXXI1/I1/I1/I1/Iz","tlshash":"4c93078aa1549b1ff651c1307d0d8b241cd57fbc79526f2fbb90724382b6ef5a0a0d0a","first_seen":"2023-11-23T09:08:35Z","last_seen":"2026-04-28T16:00:29.861002Z","times_seen":28,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":127,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/background/1.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/background/1.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 1322202\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 05 Dec 2018 07:48:04 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=la4%2FYFwbsu%2BOy0EAkWg9d0Zf64FJAxwdQmBTKzcnYTB4VY9Ra2HIRQojWcDIH7mzyeZwxlhoWInjBsD23EDLQafBXZtrLQnBArxR%2FvnNCNl3wnsNc6JsUFMbMttz3mL5tqbJqN3y\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbe81535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1322202,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 838, 8-bit/color RGBA, non-interlaced","md5":"443513cd7fe11f01502dba5bf5b70cb4","sha1":"2ba05fa96cf73371138f2380792d4a6e654c3a14","sha256":"6c60c567b37dd333813be248ee0023fe76a3bbeb19c57cd93dc5ae7de2aa9e1f","sha512":"7d79153aadb58b74d108c106373c1c711c2a8a792bb38a2812d18a497601d9edae25c610c7e1b983ded5c935b548d919279458e59a8931a8ce17326ca85796ef","ssdeep":"24576:i2ofZ1iMZf9EuXhsCzA/z6hrwMWSMS7FADjDemTxUxgvnnoqMbmw:Rr1ShsC8yNDMS7iimTxUqvnoqxw","tlshash":"33252359ff516ebeb686111d0b6420a07c5e0eb6f79dc5343b1938bfda20d12e92328d","first_seen":"2025-08-02T08:49:38.053205Z","last_seen":"2026-04-28T16:00:29.809414Z","times_seen":77,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":176,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/socket-io-Bq1seLiF.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/socket-io-Bq1seLiF.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DQ669m%2BEtHH4SFyxgr5nbYjcyx6ReZTL6WqU92uM2ggBPtuTCoZsLNaI9ytGGtyOrSXCW2u2j%2Fbi5e7Mmeb%2FIgVBJelsKEAMwi%2BPnJw%2F2JJF4sMk9AVa7sIUJtt7hw5yP1fnnQ%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-9102\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce7de4656c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37122,"size_decoded":0,"mime_type":"application/x-javascript","magic":"data","md5":"c4708b47d1b05894dc74a819edb1fe35","sha1":"571ca7b6ba0184fb98330910845c294572e0009c","sha256":"81d7c74fcdcd2ebd103038d7d8d9c7c1ae7089dd90cd0296a1daeed259d09702","sha512":"1865efbdc6661c7b475b3cb2a202253c05c0cda45331d644f46cb1b2243c19301e0c6691a6da366dcd9db42dede81b2781edf021964c8528dd81d85a2d03b88a","ssdeep":"768:4zMhtTwsESn5FFUlffRdMFyRsTngw0IQ2ovp7czzUjEQphySPrY9nZh8bT5Vto/e:Vln11TgBIcv1c/Ubr+C","tlshash":"dcf2f9c8b2a0946683e2a1a290750203f33954557409869cbb2ceef7ed7deca7173f75","first_seen":"2025-12-19T11:10:25.718981Z","last_seen":"2026-04-28T17:47:36.938848Z","times_seen":429,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/service-18.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/service-18.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34876\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Fri, 21 Dec 2018 10:54:28 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TcUMACemPU%2FgzpIvVRyZYcbGA1AVFllpsvwTS8ikRawkx%2B5R4wXwcifUPjyMUnhYATiINgaOi3SNVZsDobJFwBbulZ8ziiVYplrcTGnllBl8jC5qI2QPYiQx86uhy%2BhzagOfop2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f3c35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":34876,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 369x271, components 3","md5":"4bf41b195abea1ad3bcd205711efb5c7","sha1":"12d4220721d3ca13ef24c3802e9fd35d06bc035e","sha256":"ee5c38a3708d11b776516ce8c02ab7f670ef57f9dbc9f3294dc88b24ca29bccc","sha512":"239f9baa305ae98e7b023e0f82399f617c2315fdbaf0a774585379b191a226857725133f656512edd20e076fc8da645cf30f453f220e7f06db2b7d1e03093c6c","ssdeep":"768:r4cyCUa08Gq7xD99lm4YiZXZjqAj+PjbhFFXXF2cmLmbKLq:rByCeezjmdi7jAPXhFFXsdLmyq","tlshash":"1ef2f1911ff00366cb9aaef8765edc8a42326391e7c944b57c365b13239121d710a37f","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.878696Z","times_seen":97,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/news-3.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/news-3.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47006\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 09:01:36 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0Xlz7v8Nm5sDWlWI1GhvoEbYGP3HIk5olIOboFvuhIYfkba6tXqdriZbmZ0syJTQQAJ%2BLKHwEFjIvxE000kFIJkJxZsGJmS4hH5l70Afq5OFWy4Ek%2FFXO%2FlVLy1QYmFn2HSj7OjD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd76f4735a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":47006,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 388x264, components 3","md5":"ba602a452a39b90ec41fb40097ed6f4f","sha1":"0633bde8d1718a47729d3a30a38ad661ab339a54","sha256":"eafcd0bab9a17dd59850d625a08fbaed711ebe8b1a8b4ec782f95e17bfbcd85b","sha512":"5954ec28ba8710dc202614b0952c1c99c38b527efcec2ef54acc123c6f8c89824b5d1a94ce8a48ef662d7dac6c4d92a50ce3c6dbd45ce245c7d5b23dc6da0071","ssdeep":"768:29KIBA3IYKbNzVIAK2IlSDtcLFhAa70Wx7y2Cj1rpoxnnSFyYYw12y:elA3fe9VIAKZlSDtcLdoWE9Exnn5w3","tlshash":"e723f1afa392d5eb79b71c3a0520ce91e5dd6cfafee8c9a4f4d6e31a14800850d464c3","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.830815Z","times_seen":97,"resource_available":false,"data":null}},"time_used":313,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Saira:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i|Playfair+Display:400,400i,700,700i,900,900i|Saira:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css?family=Saira:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i|Playfair+Display:400,400i,700,700i,900,900i|Saira:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:08 GMT\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32154,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4ccbc092f8e39c4e1d40d7917988d1e9","sha1":"835757cbb6ed162ec806e1b262ebaa9787257502","sha256":"cd2ff616c72f8250d620e05856b3c29ecf1f1840d842737d2a9541f13737e381","sha512":"349a074515b9442e1af74c3e9fe7293f709c33a040f1f378f8aebfc593ffeb678fffc1699efb7f6154f847682b7b062a1225c497aa902bf42b82d72703e2ae9e","ssdeep":"768:wlk0za7LZQxBzaYwV0lOabwm028aBwE0UN9M9DMK:L","tlshash":"66e2eea1082ea144a6874cc223db7e31de8fb1547044d579bffd18d8acaad36a375b4c","first_seen":"2025-12-02T03:21:18.26274Z","last_seen":"2026-04-28T16:00:29.872149Z","times_seen":48,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/jquery-ui.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/jquery-ui.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 7920\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 07 Apr 2017 21:05:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OdeYlsYx8w0R4BRjqL766LFQp3GkfCW4%2B5BuEig0xI6tRS1wbgGQIkmhNVmG9N44P0GC1ndlUQnxrirkHBQ6kvZ0MTGr4IVsbFjv5TPV7aA5xH27T8mbjE99QoiOnV79hxDGX15V\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fc935a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":37291,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2363), with CRLF line terminators","md5":"2ceccd2377d3af885a763a96ff1464f6","sha1":"96b766ae181055d5db25a91b9172998a954457d1","sha256":"252e51a5262ef0ccfa910301c8d76fddef080f10e870c72d0805152de6b5e975","sha512":"a363ce5b48f9772b7ef354de909f6e218e115ee242780a623b26bbaf87cc981d467efa406ed8a4b3981d8ee9b796cd3939a9978e660904acb880f750185cbc8e","ssdeep":"768:29IVwgSrzZIjnT79V96MBiWAVPQ0l5r/cdH4NvEtTfbv:Q4fbv","tlshash":"26f21eb49b43340d7617d350f2f26bf3de2e1392ee17c96fa49a254992d64a0807f6b0","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.878119Z","times_seen":90,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true","fqdn":"maps.googleapis.com","domain":"maps.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.201.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.764Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1\r\nHost: maps.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json; charset=UTF-8\r\nvary: Origin, X-Origin, Referer\r\ncontent-encoding: gzip\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 23\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://bluetidefinance.com\r\naccess-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length\r\nserver-timing: gfet4t7; dur=11\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"8a80554c91d9fca8acb82f023de02f11","sha1":"5f36b2ea290645ee34d943220a14b54ee5ea5be5","sha256":"ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356","sha512":"ca4b6defb8adcc010050bc8b1bb8f8092c4928b8a0fba32146abcfb256e4d91672f88ca2cdf6210e754e5b8ac5e23fb023806ccd749ac8b701f79a691f03c87a","ssdeep":"","tlshash":"c7200000000000000000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:10:31Z","last_seen":"2026-04-28T19:20:12.066648Z","times_seen":367344,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":31,"dns":1,"connect":8,"send":0,"wait":23,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.cloudflare.com/cdn-cgi/trace","fqdn":"www.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.16.123.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 18 Apr 2026 19:28:35 GMT","end":"Fri, 17 Jul 2026 20:28:33 GMT"},"fingerprint":{"sha1":"8B:DE:1D:69:D5:3C:A0:31:6B:5E:E2:44:5F:36:BB:05:5A:40:C6:43","sha256":"6B:B8:C0:8B:99:A9:67:44:63:FD:3D:59:1B:9A:B6:4A:0A:C5:D9:4B:C1:19:02:50:90:89:DD:AC:00:59:3B:43"}}},"request":{"raw":"GET /cdn-cgi/trace HTTP/1.1\r\nHost: www.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bluetidefinance.com/\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/plain\r\nif-modified-since: off\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\naccess-control-allow-origin: *\r\nset-cookie: __cf_bm=5x_eDAgbNc616fjMDt_MIu5XF4QrIRpeHttvKouAtnk-1777390929.8378997-1.0.1.1-ZbTu.Sg170XJAh83peLKAlggo4DanXMrK8X81zy0GGmC0aC1O6HAwMfhheAw3iMhXSiSbWVKejWghzo7SDIkrLkdlTMKXmBDJWtmRJGkYvNmWup8MmehJ26XMrn1WDx5; HttpOnly; Secure; Path=/; Domain=www.cloudflare.com; Expires=Tue, 28 Apr 2026 16:12:09 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HmuAqy%2Bv5ahBLAM2yc8boODXypOzC5vTHnbtergIrBkv%2BT1VA5%2BNVE146OdwHVC6O0dAcs%2BobOB0XW7fXdpEt02iCdXlUkWPlg2Ylwerbk%2F99rJsArWA9kitK6%2BT484dL2FyvQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9f372cdf795732fa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":276,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text","md5":"1cd3e59015655ee7f3c23db44a32f6ca","sha1":"460554cf04ceb8fabd5c6f4cdf2d8695bfecb73c","sha256":"efb455e6ca1ed1feb96bf274458b1032c0c2c400a390242e2891e9bf4cdc1ac1","sha512":"ae365e826a77d28d191ee6aa0c2b3319da64a56bfad1a08d00b3e748ba333822616536de07f7d3769a4f9c68700c89b498d5576c91d06365e2cb534a2110b3ea","ssdeep":"","tlshash":"80d0ebcbd13e0118246cc40c029b5386cb60600b89ebb831fce24008ffcc2d600dcde0","first_seen":"2026-04-28T15:42:42.722288Z","last_seen":"2026-04-28T15:42:42.722288Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":39,"dns":20,"connect":1,"send":0,"wait":5,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:10.928Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:10 GMT\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10793,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"80df91dcfc8560910aca9bdd91a1e7d0","sha1":"2949de02fc38469258987e9b847a70a9cff1a21c","sha256":"0552ee50f635535685ba2713af81fa081791d7705baa9cdb3c5d1f463aa0a228","sha512":"65cbf1a5ff0d2e099211a39ed5128c8a95587b42dc854f30ffec1fc82e658911808709e5300319b495ec69bed73670e5c91404feb94fda4e7315b9b79ec62402","ssdeep":"192:+pspOlpXHaedhHdPgKQcXr3lVwa3RzJ/apsqiazk:+mkX","tlshash":"aa22add1087be114ab835cc123ce7d36ee1e9255b850e5786bfd0c98adabc254372b2d","first_seen":"2025-09-17T11:27:36.910597Z","last_seen":"2026-04-28T19:28:16.6205Z","times_seen":5272,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/2.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/2.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 3594\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:53:42 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=puH%2BOJ%2FxySiz%2Fh8OiZFNGG6%2Fa6au%2BUz%2BPyty0gN72ftuJGgBlZxoQuAuNobkR4u5jQceTvqR5a7aURAYMoj0sIZX3H3R%2FTiQGVl3uFG8z%2Fc4UQT%2BCsqRTNDiqkKMFn99Cs9nW%2FBH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4035a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3594,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"457c5c560b9f53e972ac7fc231914679","sha1":"24cceb3b640e61bafe463aa4efbf8cb90dec9933","sha256":"a7536d043d6794603aabdb002be2f5acd8b6e4b07ffc01957b821d54505de8ec","sha512":"c636d51a37c39a1a3baf97443f6aaa149cab5950e7e43b9b5ab6d3e238567ebacac1b42a1947f2679323100ca8334078be2d462bbdd573c3d043b12e2b724096","ssdeep":"","tlshash":"0e715c0eef8080d42e4defef542bd7b799620408db6a60a634dee047ced60f592086d9","first_seen":"2023-08-15T20:52:53Z","last_seen":"2026-04-28T16:00:29.883448Z","times_seen":103,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/jquery.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 32859\r\nlast-modified: Wed, 05 Oct 2016 06:44:00 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FQA5LSMcKC%2BiHFWdxyTvM1w8jwLmixiPWfVSCliUx2iv4LFTb%2FwxzG1DbTpXsO9F0FsH3YKtx2IxAxLZQ130uKHNAdoOeGFwLIX%2FSYR8%2Ft3HHfxpvrEbIcwIY0ZR0LDPAURNsVU2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4935a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":97168,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32077), with CRLF line terminators","md5":"618538b4ab9639d444e962729a927f15","sha1":"dacc1f76630a9708add066819b1aabf8dce01056","sha256":"27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe","sha512":"bcb6754ea246939a19a917cc0b810e1753c1b0f1a8b1b7e652128ef15dee4fc79111e4d88fe12f9188449a307e82240d0261af402d783428edfe5785c860372d","ssdeep":"1536:jYE1JVoiB9JqZdXXe2pD3PgoIiulrUdTJ5Fk/zkZ4HjL5o8srOaS9TwDhb7/Jp96:y4J+03jL5TCOauTwDhFdnCVQNLa98Hrc","tlshash":"9693d7d9b6d6706287b734a851bf410bb17aa8eab40c4c60f058c8e47e74e9d507bf2d","first_seen":"2023-03-07T01:12:12Z","last_seen":"2026-04-28T20:02:05.641676Z","times_seen":4762,"resource_available":true,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/main.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/main.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2685\r\nlast-modified: Tue, 15 Jan 2019 06:28:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EgcjYbDsI%2F%2Fe%2BIIzCp8RZJCrvlQSwGkWjvrkJn5j1TK3pnNQjBoPvsLYzpogOCfQL3Py5hl%2BATPc7vLvJhfCSBH6PqZJ0ZN3cWeQQcQkDgnPBxl7JIuUavXxlL3OKZGc4QyQUZw8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f5135a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":16466,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"3e8aa314211fb89488bbc4392c21f783","sha1":"1737349ecd920e25831b8a41bb1c0cb1240c1d24","sha256":"5b5fe77b78a96871ec22052a5befd139a0356211a122e348874866b32d9780fa","sha512":"84c2c513633f4b964ccf43f806d0952645e4e1fa1181ad720b7dd18a78ddbe9f0e14ad58af74410b6aeb2c18e2a1c7fdc2ea9df45118e87a0e346b4e1f1af38f","ssdeep":"384:jLj1l5QmGc/DKJbhjGMozoYCMS/YqABoYoanZaoBY3fDYTTW0ouwMVu8pLGSpqFx:tzoY5qAB2MBqDB0VpDpqJB","tlshash":"7e72e4c033ac257a16fa32ca9c7b97015eadd437c08160fdf1fe142c65d870a22a5a9f","first_seen":"2023-03-12T08:00:30Z","last_seen":"2026-04-28T16:00:29.86042Z","times_seen":96,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/font-awesome.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/font-awesome.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 6619\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Tue, 13 Nov 2018 18:52:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dFjnlSP5JBgUwaJDa4e2mecDKwDR0%2BkPRCiLLRWLgQ45bvw%2FGG4HKkKTONvi%2FdtlYIElRbS0UpLEiRqXxutoTNWjAbjYpcmUxaY%2FJ51AFwQdHnmqpvHZ1kijsxBcVtMq4o1IlNaE\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda2fc535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37064,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (412), with CRLF line terminators","md5":"c7241c3d24f1250b81f84547464b3ef7","sha1":"2c9d4fe6cc5755c555ff8ef0f9c992df4be377e9","sha256":"cb8367be7f2fc17c6fc67b8d0cc52540da779d51a03085f7f613c7ed83b7e3df","sha512":"1e0ac154188a70d46bf928805f74784de1f7a45e99f0f298b8f87a65de5abfff37e9c089f48ec16a4242861e7de8a330d99591a5731b0a4e59d6907cfd7535aa","ssdeep":"768:WbsmzFd8cWmbiC/9TUMNDtnx6ujNJZDd8:Wbsm5dQmR/9ASJx6ujT8","tlshash":"13f239fcd16e00d04b22daa1a3426a627b3db6bcfe420d55f2263d8c91c3655a1c6fdd","first_seen":"2023-06-10T05:52:54Z","last_seen":"2026-04-28T16:00:29.808189Z","times_seen":38,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/jquery.mCustomScrollbar.min.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/jquery.mCustomScrollbar.min.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 3801\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Thu, 16 Jul 2015 07:32:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BQRlx3Ilg48Elvk6DLsAmy2OY%2BuGreoHangX9hCGKAK8Ju7b%2FpXP07CN%2FRhPQyfhQz8n0jP5iQ2tcYOOu%2FNiKvMJ29nzBYoUJSsWsSssmr68ib%2BYuexIe486n8bJcGZstyoThztj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fcc35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42907,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (42907), with no line terminators","md5":"48ced4b8591f0e0216bf4a44926cbbb2","sha1":"ecd34b4c09645b415c5a4535c51e18d008931204","sha256":"2cd8d308a8b1ab19dd60121e4bb462c5a217aab38f28b7c625698939b1902385","sha512":"f47852fdcd24874903889a567de2a26354931d1ec92beb84b28c81560dfbd5c8d256e0ae7fd168dc197827ec0f72c7b72a3266a69425ce0b2b2334983cbab609","ssdeep":"768:VStyRbNRmYdFZFt6vw7R01rnk6BcxL+zhRNxA5l2ng7ytcKaWDxQ:VStyRnmYdFZFt6+R9","tlshash":"0413179a2a4336dffa4f447dbb81379a11fc37834552166cb0d758a4ab88bf7a439402","first_seen":"2023-04-07T02:43:29Z","last_seen":"2026-04-28T16:00:29.78235Z","times_seen":1665,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32888\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 16:46:03 GMT\r\nexpires: Thu, 22 Apr 2027 16:46:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514566\r\nlast-modified: Tue, 18 Nov 2025 18:58:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32888,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32888, version 1.0","md5":"74d80e18e2e5d12005f1110b49ec1625","sha1":"896c7836d80c54cae8e9fab80bd8d94b49868ec2","sha256":"7eb811eb14b2ee22e3fba942b25c6cd062ff050bde10d29af1a4e16f99712e17","sha512":"d096d11adb38bae31aabadc6b13686edaec650b14a3cd43fa3c5b1c75a0bda5ddba2b41d391e24f6c462fde8c268e3c3cd31c1a664a04659042cb75aee8304e5","ssdeep":"768:qUu8M7payGmcx6Fvi2Y22+h+CyBjdlpGFDKDowoHg:qUXM7pa7t+a2YI+CyB7pfzF","tlshash":"00e2f270245930d7d5cbccb38aa5921f7db8507593a20bf7cdb75c494823e84a3e68b5","first_seen":"2025-11-19T03:50:37.402957Z","last_seen":"2026-04-28T16:00:29.833779Z","times_seen":535,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":142,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":122},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/bootstrap.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/bootstrap.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 19113\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Fri, 07 Sep 2018 22:19:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DVU006ZyIDt3EyDpmFtb5mHVwKA%2BNFln1ag6gTMAJRmY7RDWrxPajRdUtmmqMZGlXrHhJ7FqzVa1ESERYAdZxh%2FgXbc1GZTsMj7DZ3alveE%2BMCqcOFD1t4ok15uWMs8smq%2BbRJOs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cd73f2e35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":140936,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65319), with CRLF line terminators","md5":"e59aa29ac4a3d18d092f6ba813ae1997","sha1":"c4141255658403c38e1306d2fe196575522d6cc3","sha256":"9ef4fbe459177af5f4e9647cbe584514fd36c7386af6a1712d03ae4b42e45b24","sha512":"f8f8d2d7951fd526b7c3684d6a7ac7cf7ec988597acef817ade85b31092bbad544d9d59a41e79d7a2d9024f9a717205818be1a024c028be04e251d68059c8137","ssdeep":"1536:lx1bwyUPAy+QYYDnDEBi82NcuSEz/9OOL/gIENM6HN269:P1MbPnTLYIENM6HN269","tlshash":"84d372a7f5a0312da467c61960d0bafe156f8285d7221ffaf42737644b895cb0a73e0c","first_seen":"2023-04-08T03:07:13Z","last_seen":"2026-04-28T16:00:29.792114Z","times_seen":817,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":307,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/news-1.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/news-1.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46503\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 09:01:06 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Re8Z0sKjAq5M6Ubbv24dbLwZ%2BGRRD3GRY8H8GXEtLJamz3Dt4nnET963acY6VQhUnsf0oe2jP22oTeBt8x5jjuEMuyRFOGl9K3YInqW2U19qkxPr0%2F1RcbZkYwdbHgBnNxplMLXR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46503,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 388x264, components 3","md5":"209d33e0205292ef50512be855c9a645","sha1":"20f67ea03590d7492ccbe53984fe6b74df8c9275","sha256":"0506c6e3a52d2dd6f3586f1ef05b152085d57cf968217898fcc2f38866352b0d","sha512":"f1960eb9c4cbc7eb199af04e8baa9c7fe43da06fcb07a6ad77f927e1fbff83d050a64bceb2a46ea40daa397542bb4f24a4a2d4e715bc9c7062524d678a998c95","ssdeep":"768:My9C7yiFfvX1pZtZzW85e9yL+AuFIEx6v8tDAzoHaUDh91rVgIVJdPQ4ws:bQFHFprZzW85eYCILvaDAz7UD/FVga17","tlshash":"4b23f1699f1223e5fb538e3069b44d7d5bddcc4783a2699589c6e140acfa0ff488f482","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.875306Z","times_seen":97,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery.fancybox.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/jquery.fancybox.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 34739\r\nlast-modified: Tue, 28 Nov 2017 08:38:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gJxHoutwEJTOorkhfDApLkK2dGmitTGpEqN%2F89Y30Iirk52eMi5mzsf1SwQtNmXyNvvrj%2FnRQBgz8%2BNlq8QG3qQWuufkMY8gzOOFzMuzc011bHHVi699ur6kQDksBi3nj21AcnWD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4d35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":154104,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"6e11711058a9459a94d5a19b26a78135","sha1":"76792d5913afe035b6ccbac585b0b5e70b33aa76","sha256":"7b99eee1db728472aaa8452017a0d755f488e8d647cc0f62baf45f8ff65b95ba","sha512":"6ecbe997bc6e82fa7976a98e291ec31e043de23f0f5d06834fcc809cde8d0c3ffa0e96c734dfc0b0fbc313e405eac603540913794bb3a9a86ac56db5d2ab868a","ssdeep":"1536:26iljQs+4wETv0qwF/fwUsjuFR4amerr3txU0Me7/pby+mHWgGbAdKfW7WP83RSp:2NoETcqwF3wO/VUbZZr7WP83RSD6E3t","tlshash":"f3e3968a67bd112589333129ab8f705eb57e8423a10dd9263cad53481fc13a943f5fee","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T19:51:28.830821Z","times_seen":2751,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/wow.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/wow.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2037\r\nlast-modified: Sun, 17 May 2015 08:30:06 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LJjOCko0k6pCjGAhrO06GC5Fe%2F0ibxP2xUYevR5hylbtT4RcK8riBiI%2FA0lCwiE4aZ2GnpSdZQH1FG63Lg1yxnB4Ju%2FzF9ZtOy9NSfKvu6VRj7ILbkxP%2BCjKFkRErFBCeCOqg6FG\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f4f35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":6300,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (6269), with CRLF line terminators","md5":"11ac4d7173a68c50169addca2ef1b827","sha1":"621284d032a248c41753e995680fc30089bd374c","sha256":"dd90fdb6538987fe7975bd43803b1c7d8d62912a371c788caec32d016e09dca8","sha512":"658888b9d89577b55798fc56451f9458ba9b4885573a96480fd9bd480cb59854769964da9a5f54feba19ba66fa6df44c79203d35f1d6d9cafd84886c58e233a4","ssdeep":"96:3GqKWTAKHF/suCdaOVEE1FnePgJqg4SImYad6Q:y30suCYOVEE7ne4JqgpIwdh","tlshash":"bbd175c9b7467036d79ba1f6873f0145a23a19acb008047cb7e984e57d348699237f38","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T19:46:27.176015Z","times_seen":4139,"resource_available":true,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps/api/js?key=AIzaSyDTPlX-43R1TpcQUyWjFgiSfL_BiGxslZU","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /maps/api/js?key=AIzaSyDTPlX-43R1TpcQUyWjFgiSfL_BiGxslZU HTTP/1.1\r\nHost: maps.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=UTF-8\r\ncache-control: public, max-age=1800, stale-while-revalidate=12600\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Language, Origin, X-Origin, Referer\r\netag: d7505896\r\ntiming-allow-origin: *\r\ncontent-encoding: gzip\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 102389\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nserver-timing: gfet4t7; dur=33\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":311308,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (11654)","md5":"b5be9d33878d0d6ef76ece44b237c638","sha1":"c40b432a937a52a7715a2c6d9f1d3d83c2d32b62","sha256":"1cd1188437b9a77bbeaa7a3aa82fedd563dc630aa10820924bb33ee32e9b2894","sha512":"b1fa87c8360b6ac3635c87ace12f4eacecd7b257ecc9a2419fa5b4286ccd856dd3583e622509078281768fb32212c6519f496c172336aeea2ce3d314de1b8cb7","ssdeep":"6144:McufJ4vP+w2iFcJj8n9pxjwh6qjRieGZcbJ/jXEyOP2ThDSuh4VncFd7kkOeVzPb:McufJ4H+w2iFcJj8n9pxjwUgRieGibJT","tlshash":"6d642b987362747287b2e4e450370105b17ea49af04c8aecb69ccde7adf69460277f78","first_seen":"2026-04-28T15:42:42.735399Z","last_seen":"2026-04-28T16:00:29.851288Z","times_seen":2,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":95,"dns":56,"connect":7,"send":0,"wait":42,"receive":26,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32888\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 16:46:03 GMT\r\nexpires: Thu, 22 Apr 2027 16:46:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514566\r\nlast-modified: Tue, 18 Nov 2025 18:58:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32888,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32888, version 1.0","md5":"74d80e18e2e5d12005f1110b49ec1625","sha1":"896c7836d80c54cae8e9fab80bd8d94b49868ec2","sha256":"7eb811eb14b2ee22e3fba942b25c6cd062ff050bde10d29af1a4e16f99712e17","sha512":"d096d11adb38bae31aabadc6b13686edaec650b14a3cd43fa3c5b1c75a0bda5ddba2b41d391e24f6c462fde8c268e3c3cd31c1a664a04659042cb75aee8304e5","ssdeep":"768:qUu8M7payGmcx6Fvi2Y22+h+CyBjdlpGFDKDowoHg:qUXM7pa7t+a2YI+CyB7pfzF","tlshash":"00e2f270245930d7d5cbccb38aa5921f7db8507593a20bf7cdb75c494823e84a3e68b5","first_seen":"2025-11-19T03:50:37.402957Z","last_seen":"2026-04-28T16:00:29.833779Z","times_seen":535,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":38,"dns":3,"connect":8,"send":0,"wait":14,"receive":9,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/favicon.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/favicon.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 3917\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 11 Sep 2020 14:04:58 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SnqNHccnUuYh8NFJ3xh7RvHgV5f5bR3SLjvade3djPZAHO7DEFuIkms8QPMVD7SeqI3mhNdx9KkNlergm%2FMf91AYXfaTkZ13aYZ%2Ffv3SQnuQWRiaRSf4d19YMdxn0xRZsmIMbXcK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9f372cdf088b35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3917,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 136 x 137, 8-bit/color RGBA, non-interlaced","md5":"795cd973a75bba216319db621560f8b1","sha1":"7664ed7d30be16da097f3693bd9e7cbfea8e91e8","sha256":"8bc002c7fab77b38080477a04fcef4665ad5ec642d5cd5baf013a5253b0c7eef","sha512":"a1856571cd0ef5045b1f0dc094cbfee7c8f5b7035d5508cf3d1da4a5adfdd993c0c55d42240f1d1c250ab015b08ab83b615808ecf93cbcba166c3e93dfedb610","ssdeep":"","tlshash":"2a814b8b40e915e2f84da79b6dce57308870d5a8da1cd2d234f4c70b5b159c5a8a31f7","first_seen":"2024-09-01T04:51:01Z","last_seen":"2026-04-28T16:00:29.873559Z","times_seen":73,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/library-chunks-1-EduVGBsc.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/library-chunks-1-EduVGBsc.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/assets/index-0DOkM17n.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2g%2BN6guhxgJPUrXrIOfFylXbfHZFI2bpTsbidQm1rmJOeGSz5duOID8%2FePIZLozHXoAYZCCtn8cxC8cTBMiMK%2BS9o15LnotAZ%2B1A4wn75hLTcKtH2mbRzpNIt47EgPrhB%2FdrOQ%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-9d5a\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce73dad56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40282,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (17714)","md5":"b7eae828772fdfb6bb6d9ab345964599","sha1":"43aa5e22cc8863a27e8a597ec93d67575914ecf3","sha256":"e8033f35ca1dc03f9236de86e896d4314516f1a981b5f8a835f0a3b752183dea","sha512":"f863e6440e53f89a3fe271843b24b5016efd504b7a70937b792f4eeb6a4e9c38958c604aa94fac6d95193f7199b1cbd713e8cadcc797b568fda37a26aa7c2468","ssdeep":"768:X1d3dEqzRMvkZXze2WNGoVaiLE4+oO/NeL2pi4cvpgOUz5ldjErp1wIIsI0uMomL:NjY9JFq2iQ7Vk7aF","tlshash":"830318d976d1b07203ea55f8406b0902f32a9a19744d84e4b16cdcef3db600a96bbf7d","first_seen":"2026-02-24T22:31:31.462531Z","last_seen":"2026-04-28T17:47:36.922949Z","times_seen":252,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/jquery.fancybox.min.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/jquery.fancybox.min.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 2938\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Tue, 28 Nov 2017 08:38:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IyMCUtBidGFgJpy7cEem7tuzVYc2eg74JgsIMc4zHQ8%2BHIx0AD%2FnRBxvZKbvAG6QK%2FCWD1q38RbRR0JxnsWFAED6ev5zPkflfQoR89pVRAAooTpw0X9dRAnqtJ8G%2BWlwZVx5%2BHu5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fcb35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13735,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (13734), with no line terminators","md5":"35d290afd71a6053d8195ea13170b4e9","sha1":"a64676403bb5c23f9800963b0b8f0475b532601f","sha256":"e467f75601e845da217ae845b688b227a19fbf1e8fc776a42a4905869496d2e2","sha512":"0136028681f47450835a9bd6345bb647c95f2be3e963980e5b5e355f3cdc602772313640c5d9b72ae71252bbe8099b11de5663f3fde49b71a5170e42959f7788","ssdeep":"96:tGA07/mPQRZa6f3sNGzssDH7jGSWWf8+WDJT53RjRuCicfMAJpEbyZh5fN2WdZ:tVQfXcVa7KWdMT539MCeAL55fJ","tlshash":"b0524e63a140311c903bce21d7df8948e279d55266221affe68cf919cbc7be912d62c6","first_seen":"2023-04-05T04:47:26Z","last_seen":"2026-04-28T16:00:29.802821Z","times_seen":5739,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/saira/v23/memWYa2wxmKQyPMrZX79wwYZQMhsyuShhKMjjbU9uXuA71rCks8xlg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/saira/v23/memWYa2wxmKQyPMrZX79wwYZQMhsyuShhKMjjbU9uXuA71rCks8xlg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 13876\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 11:28:07 GMT\r\nexpires: Fri, 23 Apr 2027 11:28:07 GMT\r\ncache-control: public, max-age=31536000\r\nage: 447242\r\nlast-modified: Tue, 18 Nov 2025 18:58:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13876,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13876, version 1.0","md5":"93d9873a4340ecbcf7ccac738ba145b8","sha1":"f87356ae2cb9ce57652eaa53515a96c5a847621e","sha256":"f477825b1d839c775bda7708f78e933bd246c582e7186769e9a25e9b1a59b350","sha512":"f51e43d1f215818795b3e77c9a260283a08da53d59f20f33950be8221e4c820091f9bad7fb3f88b851f5ba785c4e56aba14de913de00dac46de9978887aec473","ssdeep":"384:H+pubPoy22hriG3ay0VsRtI2rzoEPVMh0sls:SAW2riGTRtIqzlPVMhvs","tlshash":"4452c0a3e364a662b574c850693791cc55f5ef2438f62c1a00986bacdca9de0bc578d3","first_seen":"2025-11-20T07:40:11.066968Z","last_seen":"2026-04-28T16:00:29.840178Z","times_seen":106,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":73,"dns":3,"connect":8,"send":0,"wait":14,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/icons/footer-pattern-1.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.276Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/icons/footer-pattern-1.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 53665\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 21 Dec 2018 11:31:14 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o3DZjTkG2pvZ%2BYdFOoqRGCqRTa9SZFml8pIdtOKujzzga6w2%2B91SN%2BJ%2BLBHQPCQkX1zrAC%2FpLDn2yQYA6%2BYL%2BJZeDLNQLfI7ythv7kseQbCiOUNZvBUv6nQHYFEfdbtwFrJY%2FlI2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbf81a35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":53665,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 505 x 334, 8-bit/color RGBA, non-interlaced","md5":"90487ea0c8c87707fa2527ad3221d9ac","sha1":"39c68e55684329291188068afe8f790cb0ecd3ff","sha256":"5e04a0f2a6f21865fae8aec4f866fbd4c3bf7a613c812aa6a32fd0ac50257223","sha512":"df716abf76100dd3bc18d00871189db7c75d0851490c79cb529a9adc0fc072bfbc57658ad756a1e133936fb12e1dd495682fa7e3f4ef68f885d24aea7863fd02","ssdeep":"768:oF9BneUIFJWxE9zYaw/r0R4OuR6zWxBAvXBIPRnAQWMD5YFFZKt4nt:oF9BnefPkIzZA48RyWTApKFWo5YgYt","tlshash":"233302df1819aaf0f68397db46dbd150c84707a8c41d9a748f9cb9a561ac080c8bb7f7","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.784002Z","times_seen":99,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/fonts/flaticon.woff","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/fonts/flaticon.woff HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/flaticon.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: font/woff\r\ncontent-length: 39244\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Tue, 04 Dec 2018 16:25:40 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4fowHOI%2BupdiID37xn%2B4XHL%2BwKu81ZjYbIKsgi%2B9yIVkiGmLOeHb23gomZ4Fp%2FzUyP0NkT8%2BcPQuGv3Bu4KK%2BRs%2FcR4M5LRGD2RZIcYoXX83Gt6bHveLjkIk9%2FXb5QExXIGAl1qd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdc081c35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":39244,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 39244, version 0.0","md5":"126d495872982d7ea550f4d2474c51c7","sha1":"de51d1823811fa6ef104d6c2029dc95bf7b9f43f","sha256":"e7a91f63ea11dc256f7456a4743b95f3b744c7a84c4bf4ef54ac4415fbfe7cc6","sha512":"18f810a477afcb486d8e246af5631e6690f62bf4675209c593985f44609d0fd2e2643445befe60626e6d8e9c811f4b9a453030aceea0d532cf0060685e5519cf","ssdeep":"768:8X7/RQ2awZ4AgOZBg9Cq0+DP1/cZ/u/hb6fAxQKhc3LSTZFNN:8Xl6k43OPgIlQP5U/C6fAO3LS1FX","tlshash":"3803027da2b68227cad1f6660fc25a786f0680c70570759bec2b1f0cd1669af2dd407d","first_seen":"2023-05-17T17:19:24Z","last_seen":"2026-04-28T16:00:29.861627Z","times_seen":110,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":129,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T15:42:08.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/html\r\nlast-modified: Wed, 28 Jan 2026 11:16:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bFMVDh17NFHVYxXCnjwkCRKH7Fk5DIFLa%2B07GTfuDbxDWyNneduJKNKtej4x2P%2FkDkIttrEb5nn62msKbL4ve1Uc1NXG8urNPTixAtY9pFz4p%2BafoZ2KHUuP0sIvDDqDmFtj8PsE\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f372cd51d1956bd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"jQuery UI","description":"jQuery UI is a collection of GUI widgets, animated visual effects, and themes implemented with jQuery, Cascading Style Sheets, and HTML.","website":"https://jqueryui.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery_ui:*:*:*:*:*:*:*:*","icon":"jQuery UI.svg","categories":["JavaScript libraries"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"Popper","description":"Popper is a positioning engine, its purpose is to calculate the position of an element to make it possible to position it near a given reference element.","website":"https://popper.js.org","common_platform_enumeration":"","icon":"Popper.svg","categories":["Miscellaneous"]},{"name":"Google Maps","description":"Google Maps is a web mapping service. It offers satellite imagery, aerial photography, street maps, 360° interactive panoramic views of streets, real-time traffic conditions, and route planning for traveling by foot, car, bicycle and air, or public transportation.","website":"https://maps.google.com","common_platform_enumeration":"","icon":"Google Maps.svg","categories":["Maps"]},{"name":"Chatway","description":"Chatway is a live chat tool for websites, designed to facilitate customer engagement through real-time conversations.","website":"https://chatway.app","common_platform_enumeration":"","icon":"Chatway.svg","categories":["Live chat"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":37527,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"821325f0b78c14192893e236a66f75ac","sha1":"323aba4115db9c55e5f83bf70dd6b1aafcb05a6b","sha256":"52644c225b23ff9d646054bf5b1368fc8693d1ac7b228b925211c4cd30f82d82","sha512":"cdd7afce424198711c1d404c217947a56b8d35e9c9b9940df7e9851e3c4b4641e0d5b1d8d677bce677e18099c08aad8fb51aafc9a60445540ec5449dab0d0e76","ssdeep":"192:OlX6h9hILRqDFxtxIhh5iPgLg2LgQHsz9qXiTLvZwIvIbhoIoAN6TItdIRENItph:A2ft8hcWszhfBmskihj2zx3MpPT","tlshash":"d9f2db2164c1203702b382c55a626b5affa2c20bda1b8b4436fc2beb5ff3e05dd17556","first_seen":"2026-04-28T15:42:42.741505Z","last_seen":"2026-04-28T15:42:42.741505Z","times_seen":1,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":83,"dns":63,"connect":1,"send":0,"wait":162,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/style.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.550Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/style.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 27605\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Fri, 11 Sep 2020 10:43:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KioMyaZ0Twglnf6p7HR9MFVByUVJ6uWBT8Mgb4%2Fa1o3bYtUB4NWyLNJg5CpfYQgUeUMDiLjsdjfgcmXdr2O5IKFBXXvvEAQJyL5T1owJywUzP4EyiGzTc7YMVNpW4n48Z3xEz6x%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cd73f2f35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":261892,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"ba5d43519afb0f1770f60e1f2bb624fb","sha1":"68e6d612c258c08b71f7f1b514482cc23941b7c2","sha256":"9fff6af22f5226a562a5403d7f16180662b63f98dcac3b8791bdbe3601d6e1a4","sha512":"13f91bf86d7264a518955d3aa1c839434214eec2f8cf52e3a79e82272b2662ff090e3c599a073ccd5064734b0ff6880e9a9b503d6142a38c5ec98d9580851551","ssdeep":"1536:eR/bW9BGHkSglCU0heAazASHAv2I2/WP/WHeBbQLbRAF2SSDTMFB61K1QmEQyZAz:fAF2SLy6qM7Okq2GK","tlshash":"3d44a955c622204aa313972877f236745e389012dd2b4a5eb3bdba24d3e176c2533bdf","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.794026Z","times_seen":72,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/service-1.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/service-1.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 29709\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 05 Dec 2018 21:22:56 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e8F4yXskm1oEgvOQEIpMfqYnw%2FQtU3cRfUT7N7ZANpgjo932TpdlckoIwlk7HLb9LFejPSAC3JMGr0JSwZXNbuEqXUl7T7BZ%2BCqzKW2EB6eB%2Fgio2bDZSQlQ6iexIKev6wK7f5VT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f3b35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":29709,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 369x271, components 3","md5":"03e62fc06ad5cca1f22334697700726f","sha1":"49c21651e4f11a85f04e6c87730ae00f5fc0211c","sha256":"691765da513ac911143651119dc030e38f833b95d6043f8325e6110403363090","sha512":"fe2602a9d3102ed7ee089ada82fce842acc8da203d795f632948c0675dc96334821d8b0bbe846672a2cfb7c053d7d1ffd098ed27016f38d543fef840a78a738f","ssdeep":"768:alTd1xfwB8HKVJ+TTS0FwslOvkEbTb+NbuV/LU:NB8qD+K0FlIvtbmNCV/w","tlshash":"dfd2e1919105d8e12738e533c1df2d61fde780a97c011e8e1fd75ca06e679aa64143fa","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.856866Z","times_seen":97,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":311,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/popper.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.583Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/popper.min.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 6957\r\nlast-modified: Fri, 07 Sep 2018 22:21:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ATvuQ%2FwVmxAx09SsDPZkMVy0rHXy%2FYvScQ8Oou7zAAlj3GlFLVTQucMckao8wfn6QrqTj%2F1WdYclEm2fwRIuh9utKvw5R0JjcwIxjwQ59AGffCSgndHH7fGTLIJk7Nyq8R1F5Mxl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4a35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":20498,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (20322), with CRLF line terminators","md5":"9b1dcd93871ac6da23becaef039b4b16","sha1":"3cf72db9816ea8cf313e6891fac2b9ad810a6fdb","sha256":"5f2a323cdac82cec5be5ee5416fec1b1f2d622c98166677215859af195ed29ad","sha512":"4f8a18119b63c6db95389d643c7951c401e0f933bb8bf8768c017e4a2ab715a494a69f2117b913eca37c1e60dcec02b3b5d5804e52e5083cb1d8e20e063e6e05","ssdeep":"384:25LFrVVVnCQvIR/CFU4hHPV4kdxXvYqo2D75zCx+vI2am3MxGpGTgd/9jt9+Db9H:INVVVnyiU41xXvlD7wx+v0xyGTgnZO9H","tlshash":"f392a2cc3294b06647e791a7a07f960eb2339875650e9410f299f2e97c30ef9913bc79","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.780531Z","times_seen":1778,"resource_available":true,"data":null}},"time_used":263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript\r\nexpires: Thu, 30 Apr 2026 15:42:08 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aRRMc3W0UEccceqK0yeURs7CVAUj0vgs3ahPWXu0Yv1XXrRbBsvNP04Jzf6V%2BIPYHvdr%2BDECnvhagnu4ZL8GkFIwmPmo0iR1q5PUKLkerQkCwh0XOsJ5ApsGrM9VcOYfK%2BdW6k8O\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncf-ray: 9f372cd76f4835a6-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-28T19:24:00.547239Z","times_seen":316599,"resource_available":true,"data":null}},"time_used":3,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/gallery/31.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/gallery/31.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 130710\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Fri, 21 Dec 2018 10:46:22 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AJxvRT13Kz65gLSVuvsJ7W4ZvdJqTh23ksdR0wa0%2FWWQKRnORdUhsiSpcVbSRAd3fl9cSUmG2rio8db7NZxqU31KCrJCJwhjyfXBb3Qms80boxYC6750ZZvsRbu2SWXnZL2xOM9j\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3635a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":130710,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1244x534, components 3","md5":"8a05fb8eaf471c4029455cf32b355e8a","sha1":"3999a7f109a27d3725493b3d35cae39b2779f639","sha256":"819ad9d5955c5c605a293e82f98de964e3a12c4b6f0b2cac7c769c1b8b090367","sha512":"d8acfe92d8f5cf0f463bbe1b0c8d13ce914c076122e3d0a431e079bec54db25ab8a7d7f54f19d7b03325ba18139275155391bd8504f8e195b9e9ab6e13b0d630","ssdeep":"3072:ps9bw8xRnLq8ElPAPEeqtNngRaZaDc9FYchA1SvXC:ps9c8xRG9lgEXtORaZ39i0A1Cy","tlshash":"60d313c043642a814fd25bb9117601e4a7bc1b754224393c6aede5828e77293696f3ff","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.874691Z","times_seen":100,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/service-2.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/service-2.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 28765\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 05 Dec 2018 21:23:12 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t59700tHkClZiBjsBcOLiLyXNO1mmpzCHg0zl7iRkK%2BG8s3qJppOLqRtigT0%2FhOScgx0RCSvSG1u40QL711H2HmkvOegmx5SQvZ4l9TDMLbmDzy1WYPpjOs1lF5dSzubNIO62idP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f3a35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":28765,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 369x271, components 3","md5":"45c115e3a4be7faadc8fa9f7b76233b9","sha1":"c401e96dc46b71cbc4d170f4fb856c6fa69d11ed","sha256":"630cf988035c0a197feb9604337a2182dd45d4c28494f6bb84ecc748d52512bf","sha512":"b3c263545d0f124404740f6460450e8e30aabd781bf5fd95cb637de2af31357af449092b2c82fe3aac43c6cab80912ac63dff12a83c5a68e57d80413a1b2afac","ssdeep":"384:AJKP5aJ6Q4sTFROXWsyPYqpbfUK2kUYc0WDNUYgK+OFu3QeOFh8Dr2rv+Xngc6ld:f7Q4sTFROXWBJfX27luBjOFu/Ee2qI/","tlshash":"39d2e18a61a134e275e8d42840f25c87f3c5bc96c3602e1ea4f4ad5dee472b0d864f5e","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.859313Z","times_seen":96,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/4.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/4.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 3273\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:54:12 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VZdPuqLmC%2BidBjduifTt6L5KiGm4fj7zWohW2BkHNOpAWnQnDqTc27wv5c46uhHrzTYsBXbd60OsV7Mw0nE%2FOedFqpzprFF97P0lI8a1EWbkxBXQLynhtMA%2B8FJ%2FN7tLgpa3e9WC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4235a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"6daee7bd8dfc9189dea8041231c40fe7","sha1":"cf995aaa6788ddb65919daa5448f018261373ef5","sha256":"a500ced5c12d3ca15f5c5a80113c40f014d6ddb1f8bac7fa09cade3bc56cffa4","sha512":"481ffd9a90c191e95e348c3c779e55b2f6f84af9cb43226bb3c4d5c111da17ca0d8a24b99e6ccbcd9b4f6af6175044b903eb41eb0440eb62111ed22d714ab570","ssdeep":"","tlshash":"62610b2ad7e54983c1d8c5c81da99e36a5330fa0cb91dc11758b9c3f076d0bf44ae8ea","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.871586Z","times_seen":101,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/jquery-ui.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/jquery-ui.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 122544\r\nlast-modified: Wed, 18 Jan 2017 04:23:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wH7XbJJ8g13R3sf7OJPSL7AZzJlBsvG150vFbhEwEy0MeIiK7Y04u588eT3bAuDuPRmHamFMudGGNrnlDmBKs%2FsS%2FO8ba8ghhQDmC9hyT4B7%2B%2BszbnHmxzAxB0C2turaqAtXiQP2\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f5035a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":539425,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1002), with CRLF line terminators","md5":"8ec0db1cb8ed2395c5df4e11be0d86e9","sha1":"d91e3c65e262d7e0021a926d228b9f6ad9aef4a9","sha256":"97bca2a8204372f21c29bc2d6ceeb192eab0719f1d154e1073f04acd8d2f0064","sha512":"0bbe5fd8a7991d8f0bb43a0dff3bc1130f5e2514524fcca9dc4662815155644d44a550ba2ffd92e86177c024d28319dc28a39d007c01bfde6bdbfe3d429c8f71","ssdeep":"12288:BEebHeg/md/AHhsncaL8ata+3XIdCgTf9kDUUB:EoHhsncaL8ata+3XIBf9kDUUB","tlshash":"66b4c7d5334f226f86ea3359983a9289e63dc075d202807d789d58dd25a8c2843b7ffd","first_seen":"2023-03-07T12:02:47Z","last_seen":"2026-04-28T16:00:29.781217Z","times_seen":1050,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":308,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/custom-animate.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/custom-animate.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 469\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 21 Dec 2018 21:37:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=77mjmeZR79gjejhSW%2FlmoRxpGeq6uoyMsPZHCFsdPSIaEpco0hsj%2B2CNLk4H5mF68uXEa1gadGa0rzG6Ds0%2Bn2cjIfrcDTeE536Rzf1fMx4eQ6TmFiQaEJ3UuBw%2F4yc89WISJRn%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fca35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4302,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"40ec013105a77af3850afd6b72b32f58","sha1":"bffce5d1992a9dea52742856c9e4324992616a1b","sha256":"98bd89716a6e35515ed57a1b42e1bbb4536e813cac57dab093110c32e871fa01","sha512":"101deebe63bf8c044fc7a70cf2fab1e113136785ad7f597783c1ee021b34fa075da4ec699bd9f26b5b7da9c00c1b072fe621e47cc49885f4f6c6b0a4a62c67c4","ssdeep":"96:ioFeWEzs4vym1EYPZ2PZ26Gi6GTbWJzs4SPA1EQKWF4s4Lf71Ea:ioWPZ2PZ26Gi6GN","tlshash":"989147ea4402414643330b379bde4a14dd381ce3a6123dad72db190e9f797a82387e7b","first_seen":"2023-05-17T17:19:23Z","last_seen":"2026-04-28T16:00:29.801877Z","times_seen":108,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/appear.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/appear.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1234\r\nlast-modified: Mon, 09 Feb 2015 04:56:36 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gtOLA7b2TLV3PllfM6dWtTFN4Jcn3ldF5Vlatb2UBF3Ej1GdYs1xWLU8XPaQUSiHl3Z%2BJ6BnskIrdBtOzp6sUbOTvjXwzC4faWVGTX6UgYFBO7LOnAk6zb35HsCN%2F6Am1TSvDzrQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4e35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4379,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"5a457d262e3c32d25c003ca412ee7fe6","sha1":"b08e23c986259073419a7068fcd36296a91b1ae4","sha256":"46fb2235bcf84086a9b939ae509ecacc01bb31c68ba94e6473e31d8adebec3eb","sha512":"826945d028efc7a9f95c22c5f4d34dfab6704b75f45e7d6fc2e93e2b42f7078aaf7b8508f9155b36dd15ca759a765fff3b4550f17e3b187e79285f63de455d53","ssdeep":"48:3l3Xwqhd24ayV+zFLAPftUIeohhR9zIreFfFoBSxMEh1u1cq6KjD4W7j9:V3XWz1zFkmDo7R9cr+YSpTocqBksj9","tlshash":"7391db4a759b2ab54877722a9f2fa20cd721513b1202c21138eede6c2f71c50a197fdc","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.801105Z","times_seen":3275,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":286,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/map-script.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/map-script.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1272\r\nlast-modified: Fri, 21 Dec 2018 20:58:08 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dMLoDHpPs6QLhHTi7EUBwZVso3Hh%2B6IeVT%2BlrjO2yYgLJ%2BfgmbJ9Uk0wsCE%2F6BYwbB7MbAxhqmMqujsaKNO0d4f%2BtecSKGj99Mz6qETRzzserdMfMcR7%2FdqlZxIvySAJu5SFAohK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd77f5435a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6933,"size_decoded":0,"mime_type":"text/javascript","magic":"Generic INItialization configuration []","md5":"7d4044985bdb94c0d65e6708dc497340","sha1":"b00d58d265054bbe203ff14a7480506ae76e3cbf","sha256":"7e6696f210fb301a4fc9ef3241d9251ba723714185fb4a1d5c681390b3678f63","sha512":"b304c108973869b337447f74b426345a51ed40d79b10685e69c5f0ed64629dae016a8104d266e86e54d36abe4e375b384ad02181ab2afd4abc64053dec5808f9","ssdeep":"48:DxOQwG3ptmxark2GAt1pFo56jsoPt+xmSwC3ssyUPm/mjM5BwKITEBSgPyNtENBc:MZGexag2bpFJP3ygNUwu","tlshash":"f1e1ad29fd28581b82f6f376567dc340f860d23b4240486bb63c85ac5ff1665968dfac","first_seen":"2023-03-12T08:00:30Z","last_seen":"2026-04-28T16:00:29.87653Z","times_seen":36,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/css/animate.css","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/css/animate.css HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/css\r\ncontent-length: 4291\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 08 Apr 2016 06:36:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tlV%2BbgMAiUYUoQt%2B6h30u7Ly6EA5rbSoiPeXir7rfhq%2BvhE%2BhaWF6uyk4846jQz8e%2FmXGRyvGsyQ7Poe9R%2B8lO%2B7OGJxA6EpUBUyf91N9bpEGDLM02styhNFShXsJsNqUcA560Nj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: 9f372cda3fc735a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79169,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"57fb9e2cfb317959f7824f4fbe950dbe","sha1":"378aaa5cd626d05d5a45f21a5629bbb5c09bf534","sha256":"75a917eda5c7d388adaa10a684b5468d51dd043ed1c517bec76b4ae0a6a4995d","sha512":"5b0371267fe722041c014f22c86a43bfd0c35f2826b6e918cc71bd7aa9b37ca85820d55d0a1409f37eff4dcce85fae8aea98eab8f40fe2a1d36e0e3fb279d6f7","ssdeep":"768:I1A1vYyY21f1NYtY7XXYzYtYOYrVDV5YMYw:dYyYaYtY7XXYzYtYOY9YMYw","tlshash":"8c732c5e1d40118447724b29d7de8f68eb3d917318222eee72c2588b8fb6fa853c9d47","first_seen":"2023-04-05T08:09:08Z","last_seen":"2026-04-28T16:00:29.872969Z","times_seen":1917,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32888\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 16:46:03 GMT\r\nexpires: Thu, 22 Apr 2027 16:46:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514566\r\nlast-modified: Tue, 18 Nov 2025 18:58:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32888,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32888, version 1.0","md5":"74d80e18e2e5d12005f1110b49ec1625","sha1":"896c7836d80c54cae8e9fab80bd8d94b49868ec2","sha256":"7eb811eb14b2ee22e3fba942b25c6cd062ff050bde10d29af1a4e16f99712e17","sha512":"d096d11adb38bae31aabadc6b13686edaec650b14a3cd43fa3c5b1c75a0bda5ddba2b41d391e24f6c462fde8c268e3c3cd31c1a664a04659042cb75aee8304e5","ssdeep":"768:qUu8M7payGmcx6Fvi2Y22+h+CyBjdlpGFDKDowoHg:qUXM7pa7t+a2YI+CyB7pfzF","tlshash":"00e2f270245930d7d5cbccb38aa5921f7db8507593a20bf7cdb75c494823e84a3e68b5","first_seen":"2025-11-19T03:50:37.402957Z","last_seen":"2026-04-28T16:00:29.833779Z","times_seen":535,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":62,"dns":1,"connect":21,"send":0,"wait":8,"receive":4,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prod-api.chatway.app/api/v2/pixel/widgets?user_identifier=uLh5zs0ELPSc\u0026include[]=agents\u0026include[]=faqs\u0026ip=91.90.42.154\u0026is_mobile=0\u0026loc=NO\u0026channel=\u0026domain=bluetidefinance.com","fqdn":"prod-api.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"172.67.72.165","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.874Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"OPTIONS /api/v2/pixel/widgets?user_identifier=uLh5zs0ELPSc\u0026include[]=agents\u0026include[]=faqs\u0026ip=91.90.42.154\u0026is_mobile=0\u0026loc=NO\u0026channel=\u0026domain=bluetidefinance.com HTTP/1.1\r\nHost: prod-api.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://bluetidefinance.com/\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\naccess-control-allow-origin: https://bluetidefinance.com\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: content-type\r\naccess-control-max-age: 0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fTnh%2B6I34WoQK0Ts95fkYNMBCDm8lzt9Dmg9sgZNBMTnz5Tbzk6bklx%2FTDcpECuIjtUiY4NMicGKTTxlY2D6Zdfhkm%2FvyDqpCfTmLzhNLVVofBzg3tbxGD4Ur5FDK1q4AVbIu4uD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f372ce03c971525-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T19:24:16.244565Z","times_seen":14339998,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":80,"dns":52,"connect":1,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Poppins:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:11 GMT\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5993,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"9c51d4ed0528132b3a6be429dca636b5","sha1":"18cc681e66f5b6696a4ff89774e53aef2a51af00","sha256":"45a8505a86014b27b96db52f81bf4dbced7a8eb9b419d28e89bcfccb334b49b2","sha512":"3fa61799ef336da5f4c9a0a0fcf7d14fdb09e2e18cbc1488eae44a06b61beca3831c9eadd77b22a16a84e8041074d74d51429e23a1a6e8ce9b56860ed682e800","ssdeep":"96:SO1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OXa3OXavJc+ukOXaON3OxMac8:4hHdPgKQcXr3lVwa3RzJZ","tlshash":"15c19cd1087be114ab831cc123cf7d36ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-17T11:27:36.868673Z","last_seen":"2026-04-28T19:09:50.120992Z","times_seen":6545,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-chunks-DJFQZtNi.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/vue-chunks-DJFQZtNi.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aWZWSTIYMbgQfh5%2BjDpIJvbSIN%2B8vGV9%2BL29hujSbmHra8RvrqWLvMPA0JKFsTKkZgcERvIH43Vv5RpuuR3h3NzNIrnttdGKHHxF3K%2BWCWpp58caP86r6NZU2C46cDmy4bY8jg%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-12a35\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce7de3e56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":76341,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1e99c223876f5efa31cbfd87dc56dfd5","sha1":"d13c3a0fa98f7ee53ec85dedfca65fe40ca2c53d","sha256":"f2d68bde6319b7606af287ded58ae268e8db236be7d2b3879a6d5ec9d39a009b","sha512":"7b72f7d736f0f5fba0ca77d71ce613c6811182aeacc762c85fcc2467c7fa39ef34d5dbd071983bf635d9a6d661d2e813debd0f14cb9ac741dd36bdeba4755c3e","ssdeep":"768:z80GJQN2EemJhEovnDbqTbWLBrsfcwn13wunX3nO0j1tqD9M5pEKtKFBrwik9PKG:JWp/n2DXkhso00Wj6sCFQCbARcx","tlshash":"2c7317e83182b57253fa09e6007b0406f3292d56384ed8d8f1adad9f3d7640591bbfad","first_seen":"2026-02-24T22:31:31.456448Z","last_seen":"2026-04-28T17:47:36.947483Z","times_seen":252,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/library-chunks-1-EduVGBsc.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/library-chunks-1-EduVGBsc.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b5xcqVXfZpuhKDtqGs4dZmXghIpplmE8D5ufw6V0gyBmaEMmSJP1F6QA2JEgOdSaZFmDYsW8PTktNhuHiPRVXSIJ7%2By5Co09wXjATionQ2kZ5e%2FFCGyLF6wr19e2D0pyxGe49Q%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-9d5a\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce7de4256c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40282,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (17714)","md5":"b7eae828772fdfb6bb6d9ab345964599","sha1":"43aa5e22cc8863a27e8a597ec93d67575914ecf3","sha256":"e8033f35ca1dc03f9236de86e896d4314516f1a981b5f8a835f0a3b752183dea","sha512":"f863e6440e53f89a3fe271843b24b5016efd504b7a70937b792f4eeb6a4e9c38958c604aa94fac6d95193f7199b1cbd713e8cadcc797b568fda37a26aa7c2468","ssdeep":"768:X1d3dEqzRMvkZXze2WNGoVaiLE4+oO/NeL2pi4cvpgOUz5ldjErp1wIIsI0uMomL:NjY9JFq2iQ7Vk7aF","tlshash":"830318d976d1b07203ea55f8406b0902f32a9a19744d84e4b16cdcef3db600a96bbf7d","first_seen":"2026-02-24T22:31:31.462531Z","last_seen":"2026-04-28T17:47:36.922949Z","times_seen":252,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/cdn-cgi/rum?","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 633\r\nOrigin: https://widget.chatway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":633,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"https://bluetidefinance.com/\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":0,\"startTime\":1777390930612,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2026.2.0\",\"timings\":2},\"pageloadId\":\"c7ada338-c89d-4ef1-ab2b-3d5752b6fbda\",\"location\":\"https://widget.chatway.app/\",\"timingsV2\":{\"nextHopProtocol\":\"\",\"domainLookupStart\":0,\"domainLookupEnd\":0,\"connectStart\":0,\"connectEnd\":0,\"requestStart\":0,\"responseStart\":0,\"responseEnd\":253,\"domInteractive\":435,\"domComplete\":629,\"loadEventStart\":629,\"loadEventEnd\":629,\"transferSize\":0,\"decodedBodySize\":0},\"siteToken\":\"e86fbcc7788e4346bfbb6eec76997f24\",\"st\":2}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: https://widget.chatway.app\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yMg7w757RZPdTzHfzfvNDcEzP8DgxN9LIVRdCnG%2Ffov7oyHNdrcbeHezj22wuy43XSZwksfBhz6JBgs1k2z0PfLvVmzm825S2ZhjcAXemEg3F86WaI0LzkXFbaHFLei144AnGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9f372ce85ebd56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T19:24:16.244565Z","times_seen":14339998,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:13.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://widget.chatway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 08:22:22 GMT\r\nexpires: Fri, 23 Apr 2027 08:22:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 458391\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-28T19:17:49.781732Z","times_seen":209297,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/gallery/1.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/gallery/1.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 172642\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 05 Dec 2018 09:36:26 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p%2FUgCcGjIwMzEBz6j9RKxMCvO8wUAlgnJrEScxFIXtKgkM08eEeEK13pc%2BJFpLL3o5yJp5Xaw64Qy%2BViTWww6AuI0OzEJcbX426FXKf5T70CdM3gFfL%2FNJL6t%2BzAg5g4vQo9J61%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":172642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1244x534, components 3","md5":"19851dd7b93bee532f63704294d19d50","sha1":"9ee06e0f21786e9edfa38fb3072b9cfa33326c55","sha256":"555eb50b8917a674c56b9e99a99b8f9adf5299912d601346bd95db16cdfb2adc","sha512":"08895a8467466b25147b53e4ea156f672c9261f0afb58965bbb0e4d5de658ea83407e5c0392ab6991e38e95c252977a6f73c54205f0e30dff92125ba12b93dc5","ssdeep":"3072:k6rl+w0G0BA/Kls9wcnzUCDHYv+5p4u2F9cmivF7raaWPn6Y+AmTSh2QWBty:1ww02KK9wcNDHYvwSXivF3aj5IQkB4","tlshash":"cef312305a9e5081a0c76a84a0f5ae0843c61342d64ad14bedf7319bf98a3d7c967daf","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.799653Z","times_seen":98,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":297,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/laptop-2.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/laptop-2.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 69448\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Sun, 13 Sep 2020 16:06:14 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9gtYHn6EOff2xcuwrc0KP1UHksN%2FiwLMavLCepCr%2BMblwkAlZZfZGlQMHH%2Bq5T5BoG5JFavV1760o5HclUsxLWPsb6QDt2Gm%2BF1hcs2jrYoOg%2B6w2dqNfznLS1uoMsx0Lp6UJLLd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f3d35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":69448,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 814 x 474, 8-bit/color RGBA, non-interlaced","md5":"9bffa26bf7cc4476e9151309e69a3e06","sha1":"590583836db21cc94849235afda0ae27a2b8ecf6","sha256":"15576707500bccd2890fb44138794b8e8d7a2a4bfd2ef05785fb1b05609bda56","sha512":"1a9da6979b65f9622d69202f9d080bea91d021ad5aac98b3a5b329869f92a2302c680e8594f8fc600fcd63721fc56fadc3de4519f5c7eeddd295319db54269ea","ssdeep":"1536:ZkjaeOZZQokpffujFwHW3a7fIQB82khrJyOlQxRd:ZneOnQoEfutWwmjWrM2QxRd","tlshash":"e863021bcffb4c7a7e8b4519844c929b442887a314c4a7a68426e36bf7c037d2e411ef","first_seen":"2026-01-19T18:26:40.478934Z","last_seen":"2026-04-28T16:00:29.870827Z","times_seen":4,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/6.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.575Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/6.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 3399\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:54:46 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0M5beS47oWZhaXGMCZJN7YUhM4ewuImGyk0vBnixpTG0%2FezcXt1FIAqbpsl%2FrEuH04S39TfHV5AIaLCrHVwH2QuzWMOI1r2l5B1IPeF%2B%2BYnUcTlNfe7JFXewXhALRKjxJgXklkW4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4435a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"ba33d1b9720bb9f3d89872a91d7f5421","sha1":"796cb23fcaec1f38f54494fda2051ef633fd42c5","sha256":"f5392b7712d09578e39a708810989017dee8de1f16d0980c220a11f1fe7a58a7","sha512":"90714a07e45ebbc8e0ea841ff3aa0910aaa16d730ea7f0f03421463879645431535096ab7d91b3b9ba34d6b5a5adc7b85a05689f0b5aa1b747a82f08421a7daa","ssdeep":"","tlshash":"b0613bb5bdc63596e855bc8010fe402bd291198bc4f8c424bf5e5b930fb43a49b180cf","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.884688Z","times_seen":100,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/saira/v23/memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32888\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 16:46:03 GMT\r\nexpires: Thu, 22 Apr 2027 16:46:03 GMT\r\ncache-control: public, max-age=31536000\r\nage: 514566\r\nlast-modified: Tue, 18 Nov 2025 18:58:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32888,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32888, version 1.0","md5":"74d80e18e2e5d12005f1110b49ec1625","sha1":"896c7836d80c54cae8e9fab80bd8d94b49868ec2","sha256":"7eb811eb14b2ee22e3fba942b25c6cd062ff050bde10d29af1a4e16f99712e17","sha512":"d096d11adb38bae31aabadc6b13686edaec650b14a3cd43fa3c5b1c75a0bda5ddba2b41d391e24f6c462fde8c268e3c3cd31c1a664a04659042cb75aee8304e5","ssdeep":"768:qUu8M7payGmcx6Fvi2Y22+h+CyBjdlpGFDKDowoHg:qUXM7pa7t+a2YI+CyB7pfzF","tlshash":"00e2f270245930d7d5cbccb38aa5921f7db8507593a20bf7cdb75c494823e84a3e68b5","first_seen":"2025-11-19T03:50:37.402957Z","last_seen":"2026-04-28T16:00:29.833779Z","times_seen":535,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":169,"dns":2,"connect":21,"send":0,"wait":8,"receive":3,"ssl":144},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/translate.google.com/translate_a/elementa0d8.js?cb=googleTranslateElementInit","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /translate.google.com/translate_a/elementa0d8.js?cb=googleTranslateElementInit HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jntnP9G7C4Ku5AU9orcYyuu6K9JrDerYKRFMUY8rC3VAJyB5YyihFughoQUqaADSFjCuCMy2EXR3GDU7PqfVUVDQAH%2FgD7f%2B7MELikUSUohl3exxrRQMfygeMufs8DqcwnfCi3PZ\"}]}\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cde187c35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-28T19:12:00.731953Z","times_seen":121799,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/index-0DOkM17n.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:10.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/index-0DOkM17n.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vp6%2BelFJqqp4%2Fwvb4GBGjJxK%2FIKftW6R6BPqP3Ej%2FoLGlaOZ2%2BI5qHf55oI6MWw3a%2FPrth9Gymw5XQhm0LyMqk4JmATTOgEcBDpxAPAJUzXVnGezla291I5zeobBw4QYMmg%2BIw%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-8da15\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce65c9c56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":580117,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (39540)","md5":"02b636d87d5ef37757e560a7762f7630","sha1":"486c6e7d6d821d90c3c5b552e368b0942add7f43","sha256":"622a3caa310c343ac3287a87a8540fee3c01c3e2ee749e87df64e860c52bf130","sha512":"14bd08b3e22a97b6cfa23335b672ea730fe354a7f1fea2fb1dff9967dd5cd524f2bc830954890a3c3b0c18a6fb7ee0d5c7322cf6574908cd011b42b51bc73720","ssdeep":"6144:seMDMF2xhHRrJaYAmuR23A+V7VseBa1vMFHVPahAZcfmi7T5jFkot/GIcF0A3t1K:WrHR283Ab1Qy3/M3t9k9","tlshash":"bdc47dea31d1b63b52337760a41b7009b72c5da9dd48c49cf6eaccde2960c5421beb6c","first_seen":"2026-04-28T07:15:28.858485Z","last_seen":"2026-04-28T17:47:36.945153Z","times_seen":5,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/index-RYngCHi6.css","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:10.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/index-RYngCHi6.css HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xw%2BIax%2F1iMZD7IWPeWSjtSajti82PZE0cwgKlfFFkPNkWfZhFgmpJ8MuV3yj%2Fr4JFxOp%2BSS1k%2F2Mg4pBcD7fR4%2FrMj%2BmvqnjhPhXZz8%2FNm7wFtFicA8g8ykmKFQOgfuCmy7opw%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-2ee3a\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce65ca056c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":192058,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"082840c765c7a779063b2d041aa6c24e","sha1":"4113ef22f6f4311cf1ad5ceb65fb509c61f0c761","sha256":"949f187f5252dc809031685a9deddc725042c6f9e785b54e7de54e5921c02c8b","sha512":"cb0dc31697e9ce0f5fb06ad659ff926a081af39de851b0ac43d3b37ed223e971c6e38eb2851ab495d44a9601597e1e13ef9dff030e7136d1bb1d374bd4e84cdc","ssdeep":"1536:R44CCBG+WOnWxca6lXN7OcOxUyw+gBRNsXUB/MF+JCyxKckQYJDLi888U85pa4R:R44fBG+ficPPObL3+R2QEF+JCokQaN","tlshash":"49143b66b6913028f633c56660e06bfc733aa143d6120f6df5177f7c87c61e329a1a68","first_seen":"2026-04-28T07:15:28.870848Z","last_seen":"2026-04-28T17:47:36.94639Z","times_seen":5,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:10.934Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://widget.chatway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9f372ce67c961525-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-04-28T19:23:58.928859Z","times_seen":52927,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":21,"dns":0,"connect":3,"send":0,"wait":12,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/js/bootstrap.min.js","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.584Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/js/bootstrap.min.js HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 13383\r\nlast-modified: Fri, 07 Sep 2018 22:20:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Aqm8MuQEMpSqD%2B18JtjROIN533k%2FAVX4C6Z3mVaIFVjjAv55umL4BN0zqHUFnqe20X85XdAzkeuZCE5QPm%2BVlej2vrZKM2ckj5AiH7DAfYzIjWbDZYF3pKb2m4DMG9HS%2BuhgY2fZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: 9f372cd76f4b35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":50737,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (50450), with CRLF line terminators","md5":"85636d56f74c4c11d1abecae2051c1e4","sha1":"739e1f5d163e0504c0ba039a109902354b22bd81","sha256":"6b277b4435729f70b53aa151dbe675d9cbc8a6637ad304ab07f581cfbefdfec9","sha512":"472f969fc97ebb71dd140782db2fe0dfff04601d4f94c988b7d0d7cc1522a13d44418e8510511256a359bece2920aeee3eed51cd7b20de08fce1f99e77b5f915","ssdeep":"768:qDYbgh0G45THVmcmjWSLlynS/zZ/AcyUr4Y8yiKKkHPPm26RoLQH/nIrPV:qDjh03Lo+SbZ/AfYqkm2KIrt","tlshash":"d733b90a725478a201df9466513f450bb73b389eaa0b816cf95d98ed1e7cd89312bf3c","first_seen":"2023-03-07T12:02:41Z","last_seen":"2026-04-28T16:00:29.868219Z","times_seen":961,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/logo-white.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/logo-white.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 41514\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Wed, 28 Jan 2026 10:44:54 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NB1N5%2BLXgZQJL9XGTnPOs5ErWv1R44wTct5NrqvKbRBcYBGaPJIWMTpxpyjOPAVjXjNzil9hYsW5FAGSEGW6W%2FNno1E9yoGlVB%2Bi39AmfPikTUJcITMT8CEUEuPc0zbaOn1Fiy03\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd74f3335a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41514,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 574 x 135, 8-bit/color RGBA, non-interlaced","md5":"0f9294eb2779bd4833e0f4a16d434955","sha1":"5500d65d56415f4f5523f6bb808a67d1e53564a7","sha256":"8511c6f0206bf6d29b251861aefe97dc6bfb94e6e50f4221881c4e8bf58bdbf2","sha512":"53849533086af770ab0ae1879815ae15c76cf4700a3d0a2a9e5e81582c77338abee9dfc11ac4ec6fe4c654cea69707c0be926147d812d0baa1fc82c6c695758f","ssdeep":"768:+6KaAhCVVcL2nSmBHhEJ3WhDN/oHF9pDJ4YaK7R3TeApTtyw:+Twv2BGESDN/AF9pDJ4YaK7xvTkw","tlshash":"e713f15ee7cb1d12c19bb4319ef318cc591b8891d44162a585fb7a03fa32c70aebf182","first_seen":"2026-04-28T15:42:42.706429Z","last_seen":"2026-04-28T16:00:29.796501Z","times_seen":2,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/5.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/5.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 5622\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:54:28 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ITf3gzIX3zO5MBvtYPaXJqvvV6iCCteZ1I5bNShtHll0Dn8ceCnxnwZKhg%2FmqJseQcdcFAiPlfRQyk1N3pAxHzhBFMoLYUjCz9b7hRViCYXIcXOYClo2KJiS02U%2FrrQqDBCNVBPC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f4335a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5622,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"35e5e91f755aef38d0c56a4dcf1694d4","sha1":"080820dea085429c832ae711611d6e4101edb6da","sha256":"bb544016a706f52d8004dfc5f59763d78b3acf58ec5cdcaad8dd9555be2a552c","sha512":"942a181b22748113195612797d79086eb75ee677aa6cf9ef700039ac7a28db51b880159aa48a9c61713e7626eae6c4e5ded562fd1e0c6bfce45c3b719e437852","ssdeep":"96:H2KcUc5cncKz6H6HY9OyqWD1i+wsswCJz2qz4dB/BB4J9oV9OxoTRiH5G9vjX6He:FJkqD6H6HuNI++wCR2W4dB/z4UVPTIZA","tlshash":"d4c17ca25994dd426352cef0c7f56d26d2029ca8f9ecf2263794b6864c831ac70b70e3","first_seen":"2023-08-15T20:52:53Z","last_seen":"2026-04-28T16:00:29.824807Z","times_seen":101,"resource_available":false,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/resource/news-2.jpg","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/resource/news-2.jpg HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34432\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 09:01:22 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wmMAMkT9fks%2F0BshlPABqfENrCUlaYgSk8lLjy8gUpVKg5ua6pXbx%2FbYBwDKTM6WQYBKkeh%2BczDNs042RcmYi1V01irIjuvvb0u0SPybudJg64o1KsDEvhX4yId2o91A9BXLaneq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd76f4635a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":34432,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 388x264, components 3","md5":"97dbf14ab8330a827e913206bd8b6681","sha1":"11f12cf96040c3145a21e22ae03eb97d83b151c5","sha256":"d4d24aa915a3e5df11820f3c406d6c4766587a8f58d9f600aa0dd8772a65b1a0","sha512":"5f6aece7f3777c28b0bef710f6c4b66336376a16fde72f6a3efd178dc9ba7bea08b9d291b1bb94a8c5926dd2ad54bd64f7490fa08aa3970b15f3cddf665c1655","ssdeep":"768:NC3ssWch4lMtiXGTS6sjTbVuQKyt3uZk23CT2uCmGSA:NCb/h4lMtiW1LyBWsyE5A","tlshash":"61f2f10849a4e1d37a96eb336fb4af5482c42460dce5cd1889ecfccb255a6f4924f211","first_seen":"2023-11-23T09:08:34Z","last_seen":"2026-04-28T16:00:29.829678Z","times_seen":97,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/main-slider/1.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/main-slider/1.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 1118057\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 05 Dec 2018 05:37:48 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o4rdJICQNlA0vaajIuOqwyED%2Fe%2FD8V7U2ggimlfrUtRDQLM77zyYfr50sEY%2BZyDVK3xR0GHKfBoL3RTmwKSViJb1Z2oPXLV8vX4i2d17XsD9tyx8kYEgvwEBXP1pLf9re529f39J\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdd386535a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1118057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1144 x 844, 8-bit/color RGBA, non-interlaced","md5":"a3d71f06d266eb95047e4e08cb3bc6a4","sha1":"ad69649ed1fde144dbcd1e45716249bc4b378e81","sha256":"5d36524447aacefb9b8bcf095bb865b7f53714afc746b05ed32a7a6f85db113a","sha512":"1aa18d7ba6d71008d87b7bb347e24be83c2754b3491648e3ed6e418cdb27e6bea4fd25b6954a1f78384f3187230f7af2369a70e0b3bea65c1d5610e6e0874d22","ssdeep":"24576:RNUuYkLMwfCDJTZ9eXPQFrrSwXJmYY1L1HUr:r5U19eXYFDJmjUr","tlshash":"7a253339ad254d782728eaf0691cf6f3f12881ef3352ef961d886d4d9b4a6f42d90c41","first_seen":"2025-08-02T08:49:37.895235Z","last_seen":"2026-04-28T16:00:29.8641Z","times_seen":83,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":153,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-3-linkify-DSxu0C2V.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/vue-3-linkify-DSxu0C2V.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fn5FnOi0WNbqVkAwrNzLciknPFHWJifXjLWhueIAyeXnCpxtBf8SX9YMhtq3DpK4bfnRdDkRir71ljgnEKU0Y6f5smpDZbjZ9dTCZk6wqtDIQj8OELiEI8p4zCElgoSESuRC8A%3D%3D\"}]}\r\nage: 6626\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-ff39\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce7de4356c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65337,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21053)","md5":"1c840191d67e4382fe96ec2a00c2880e","sha1":"466d71e6207ece2939f6357d4b01ea30edb9e4a8","sha256":"adfc1ef77350a8ba76d1618a155ac6802e6d41804191fa9a932b88a81d0f6c7d","sha512":"ab39f6645b4919f2cf30911eab590f87c553318ff3cbf41dc0a9bc6ea92ceb0aa694948623ed896140ef23a4f0e768627b95708361b9ee32e852c7d8785c5667","ssdeep":"768:a27KR9FY7HCua/sF+sTnlO+zS06wjJTk7EIh8H9Oi6Sg9b4fTz1ETEGl2:PKR3CCua6Ts+zSAjJTmqHwiqc","tlshash":"2d532ad8f6c2e079475310238caf1304507c99a4fe85c42db9b8e4e734a995b71bfab8","first_seen":"2025-11-11T11:56:06.753135Z","last_seen":"2026-04-28T17:47:36.951066Z","times_seen":571,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:11.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bluetidefinance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 26 Apr 2026 18:03:56 GMT\r\nexpires: Mon, 26 Apr 2027 18:03:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 164295\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-28T19:17:49.706979Z","times_seen":314801,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:10.622Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color= HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:10 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=10,cfOrigin;dur=191\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1goCki3LW2QfHENp7qDqsMwegMsJUfntY3LIt0FpjFHXYKT0LfiJIurL95UDejBthP6fN25wFGovZdhLcFeevSDyqcNZREOmCw1Q7cX8KJiiXP5%2FW0FzKyiU%2FeREdMLTxBOM5g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f372ce49adf56c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":1597,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (499)","md5":"9690d875eeff3410a8fd82a737ce3d4f","sha1":"630fe026fd7c43152375eee805bb6332b454f0c9","sha256":"01cf8c41f3c29869634c26e5855c6397fa49da728db3a5775da372826e53c237","sha512":"44a7022d206ab446bd95d5d9c975d9e65f1e31ef8649e3c5cfda69d0de65b67bcf736d7a627a05ae543c394e6296bf068173eb3480695abed8fef0a6ae6cee4f","ssdeep":"","tlshash":"ef313345b4b0851522640f08b9c0fa28bd66b67f5689d8a0b0fba0bc8f58b96c71343b","first_seen":"2026-04-28T07:15:28.741977Z","last_seen":"2026-04-28T17:47:36.922286Z","times_seen":5,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/clients/1.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:08.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/clients/1.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 4560\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:08 GMT\r\nlast-modified: Thu, 06 Dec 2018 08:53:24 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q6dDTd3lB3cB9h8PXuGqXT5brJDxBbpQVORlJ3Mr30bQtGOOuXQ8FDcdFph56gTab2V78uE3qDZmqVIlqGOHc2QYo8myWjPo2vgnF5%2BfnbK1mvCOGncfCXWy7IHQS1V3473Fu8AA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cd75f3e35a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4560,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 170 x 75, 8-bit/color RGBA, non-interlaced","md5":"93f71ce4dbc513c993c21ba0c691ec2e","sha1":"c0357b21ba9ebe53f0f2dafb17a254efafd09e79","sha256":"0af0c6d39be0e5af992db777385f050f6c7a7d7bc3f065282a4cf3d93e75856b","sha512":"75cc8d8066d9512ba22886345d75d4f9b8b63300c32d3c57770e30df1207803e4b62265da400361cebd22830d894189c8afaae76abb6787e49e964ba63c003a2","ssdeep":"96:H20WAxWrethrlnuKTGevLthog9q4T+OkASIXD2rO:GYWretnp6evxigo4phS8","tlshash":"77914d4b9a561f42c5cad1892ffa4b57ad260738e9eec07fb9f057025b2009a88450e7","first_seen":"2023-08-15T20:52:53Z","last_seen":"2026-04-28T16:00:29.807403Z","times_seen":101,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Poppins:wght@300;400;500;600\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.chatway.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 15:42:09 GMT\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4792,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e92cf7832aae7d8edc2ba6e7f85493b8","sha1":"8f3b35b53db9e44a35fd26e00c3fe1fa881431bc","sha256":"02d91b9ba6bfb3b8e5da28ba4628f887c207ca087e83b2df3ad228dbb633a938","sha512":"12a0764ce55eb2af4f0469219dc70d7afad9743c889ac7e4c4ab70c31bb2d985411096815abac0eeb1ae116da33d0959016fcd78d5ebcd13e4f5068a5cdf6ca9","ssdeep":"96:SO1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OXa3OXavJc+ukOXaON3OxMac5:4hHdPgKQcXr3lVwaq","tlshash":"6da1add1087be114ab831cc123cf7d36ee1e9255b810e5786bfd0c98adabc654362b2d","first_seen":"2025-09-17T06:50:49.017567Z","last_seen":"2026-04-28T19:37:31.180041Z","times_seen":2083,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:13.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://widget.chatway.app\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 26 Apr 2026 18:03:56 GMT\r\nexpires: Mon, 26 Apr 2027 18:03:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 164297\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-28T19:17:49.706979Z","times_seen":314801,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maps.google.com/maps-api-v3/api/js/64/9c/common.js","fqdn":"maps.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.14","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:14.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /maps-api-v3/api/js/64/9c/common.js HTTP/1.1\r\nHost: maps.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"maps-api-js\"\r\nreport-to: {\"group\":\"maps-api-js\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/maps-api-js\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37773\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 21 Apr 2026 18:32:00 GMT\r\nexpires: Wed, 21 Apr 2027 18:32:00 GMT\r\ncache-control: public, max-age=31536000\r\nage: 594614\r\nlast-modified: Tue, 14 Apr 2026 09:58:22 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding, Origin\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":127335,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1396)","md5":"8f7c4c6685e95b2db54434c7355b4fbd","sha1":"56a824bd3acb30f2590ca4315e251a86db5efc9e","sha256":"4b1828b461ddeada119e894885b8d598af0dab62b1970afcf935db63963d95e7","sha512":"353232049eaf2e42053b8706e6eba4cd32588ae19302171e5290bd3d7867e86b376ff38ef3f60ef437dc88205ea6d6f9f289ec7c0630722a27e5697afb081b36","ssdeep":"3072:rAJe8d6Dm658A7XW3kCPe24fey+geMbmZkTypGt4IbFnqfaV2qhkKT/qMy4LUY9f:8Je8d8m6V7Xo9PewBiSkepcqfaIqhkKN","tlshash":"0ac3e8c9319371b37fb1a89440970106b25aa499b06dcd2db1fdd8f3aef184601fab38","first_seen":"2026-04-14T18:45:04.055792Z","last_seen":"2026-04-28T19:19:30.673562Z","times_seen":14236,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-04-28","alert":"Hunting_JS_WebAssembly","trigger":"maps.google.com/maps-api-v3/api/js/64/9c/common.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/fonts/fontawesome-webfont914c914c.woff2?v=4.6.1","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/fonts/fontawesome-webfont914c914c.woff2?v=4.6.1 HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/font-awesome.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 70728\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Wed, 27 Apr 2016 01:21:36 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bcVeSBKws1lLG48gXkHXTPsWnnaHDaah6pPSqd6iK61T4NBB9Xrm%2FTR5dCQpBCSX1YgRxBa5lgwtXTGnCm56Urm2XgWcHCH6asejbzPeGtulMoLlPQPP9nZE%2BXRDonU573PiI%2FO9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdc583835a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":70728,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 70728, version 4.393","md5":"926c93d201fe51c8f351e858468980c3","sha1":"977357f82830f57fbdac2492dd421e5dcce44a1a","sha256":"d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d","sha512":"3097fc028f8637abfbc75c95180e3f3b5af9c74cd925ffbeee9e409497d387f76c769781ca1f08ad7b39ae437adda32f6e8de61f5578ebfe8da16cba41a9e23b","ssdeep":"1536:k9chxme4Zu0LDIrvALIlSgXHBJvTvyuaGPm0lxyu:kSYDIrtwgGHGPm0x","tlshash":"ed6302bef2337102d2a016bc59769566cc387d16617f8eee1f7a6ab41c4032d90d134e","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-28T17:58:21.145762Z","times_seen":4552,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"widget.chatway.app/assets/vue-3-linkify-DSxu0C2V.js","fqdn":"widget.chatway.app","domain":"chatway.app","tld":"app"},"ip":{"addr":"104.26.3.26","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://widget.chatway.app/?userId=uLh5zs0ELPSc\u0026widgetId=wewfzylav8jcmmwdhmp7\u0026bg-color=#0446DE","date":"2026-04-28T15:42:11.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chatway.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 24 Mar 2026 14:39:15 GMT","end":"Mon, 22 Jun 2026 15:39:14 GMT"},"fingerprint":{"sha1":"26:D8:67:95:9D:C4:30:14:E4:5B:F6:EB:71:2A:99:83:77:F6:F1:53","sha256":"FB:B3:69:C1:56:B8:F0:12:E1:98:F2:C8:34:C9:08:CF:CC:31:C7:C2:DC:00:08:42:5B:20:A5:CE:3A:0E:7C:68"}}},"request":{"raw":"GET /assets/vue-3-linkify-DSxu0C2V.js HTTP/1.1\r\nHost: widget.chatway.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://widget.chatway.app/assets/index-0DOkM17n.js\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:11 GMT\r\ncontent-type: application/x-javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 28 Apr 2026 05:16:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MGqaYQ20U14e5b7woZ6868dN8y1LvvfjoBoJ24jHfibBjM%2FRqSEJ4ZDAwokplHY4G1yBWqAsngu%2Fw7%2F8Fqdcticj%2FLqqUCSlQh0EIa32tZ1tzJt5OL%2B05CQjCkbOpP09lwRW5g%3D%3D\"}]}\r\nage: 6625\r\ncache-control: max-age=2678400\r\ncf-cache-status: HIT\r\netag: W/\"69f042c1-ff39\"\r\ncontent-encoding: br\r\ncf-ray: 9f372ce74db856c3-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65337,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21053)","md5":"1c840191d67e4382fe96ec2a00c2880e","sha1":"466d71e6207ece2939f6357d4b01ea30edb9e4a8","sha256":"adfc1ef77350a8ba76d1618a155ac6802e6d41804191fa9a932b88a81d0f6c7d","sha512":"ab39f6645b4919f2cf30911eab590f87c553318ff3cbf41dc0a9bc6ea92ceb0aa694948623ed896140ef23a4f0e768627b95708361b9ee32e852c7d8785c5667","ssdeep":"768:a27KR9FY7HCua/sF+sTnlO+zS06wjJTk7EIh8H9Oi6Sg9b4fTz1ETEGl2:PKR3CCua6Ts+zSAjJTmqHwiqc","tlshash":"2d532ad8f6c2e079475310238caf1304507c99a4fe85c42db9b8e4e734a995b71bfab8","first_seen":"2025-11-11T11:56:06.753135Z","last_seen":"2026-04-28T17:47:36.951066Z","times_seen":571,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bluetidefinance.com/public/Frontend/images/icons/footer-pattern-2.png","fqdn":"bluetidefinance.com","domain":"bluetidefinance.com","tld":"com"},"ip":{"addr":"104.21.79.20","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bluetidefinance.com/","date":"2026-04-28T15:42:09.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bluetidefinance.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 01 Apr 2026 16:55:55 GMT","end":"Tue, 30 Jun 2026 17:53:34 GMT"},"fingerprint":{"sha1":"FF:CD:1E:F4:CE:3C:4B:48:D8:1C:DB:E4:5D:50:66:84:52:C8:13:3A","sha256":"72:31:F9:52:D9:5E:D6:91:DE:48:DA:8F:34:CD:BB:1F:E9:1F:D6:08:A1:39:C4:6A:FB:61:5A:51:B4:8C:8D:1D"}}},"request":{"raw":"GET /public/Frontend/images/icons/footer-pattern-2.png HTTP/1.1\r\nHost: bluetidefinance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bluetidefinance.com/public/Frontend/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 28 Apr 2026 15:42:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 70642\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 05 May 2026 15:42:09 GMT\r\nlast-modified: Fri, 21 Dec 2018 11:33:44 GMT\r\naccept-ranges: bytes\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1m%2FJYryT2RYt1r%2FX29AZOZzsJaLx6rO4mwMj8F5nBdCxicfAR6wIeUhXLl%2BoOyG3jiMLwHwXSY%2FqN9W21R2GeUJ5GNbRbPZzJWR9pae8xMJGTazPVeGEWnT249q94KG6THbLTTjB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f372cdbf81935a6-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":70642,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 543 x 368, 8-bit/color RGBA, non-interlaced","md5":"7f4984731eebedfc724f2603a5ba1473","sha1":"6dc34a89f009ccac491e8866a2631acb0237e5ba","sha256":"f46a3eedc48aa108246a1c6c6eb5f6b57e052473b42949dce865c4cb631fc31e","sha512":"59d4a4391b30f892e6ca4d6086cc553627b87506a8e5699a93da16cbeed572b9e28734313acbefc746fb5de1a8fcb6c9a577fe9dd81eb33475ac778095ee5ab9","ssdeep":"1536:8I8Bf5uMOYzxNvyjN4GWBTnaE+4zzetYXHab9U/a3SQADdiu2EN2A8oU:8X0YNNajNNiaE+4z6tnzzA5iu2CEoU","tlshash":"7a6302c37d53aa69c9cbd8cd30711063a9612295e6038edcb9677d3dfa744d47a48f02","first_seen":"2023-08-15T20:52:54Z","last_seen":"2026-04-28T16:00:29.783447Z","times_seen":99,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"bluetidefinance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}