{"report_id":"1753ce4b-4968-432e-a8d3-41ce730cb370","version":6,"status":"done","tags":[],"date":"2026-05-13T13:00:35Z","url":{"schema":"http","addr":"pubg-events.maxstoday.com","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"ip":{"addr":"172.67.223.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pubg-events.maxstoday.com/","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"title":"PUBG MOBILE EVENT","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pubg-events.maxstoday.com","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"ip":{"addr":"172.67.223.201","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-17T13:00:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":5}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"pubg-events.maxstoday.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"site-assets.fontawesome.com","ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-10-18","domain_rank":380600,"first_seen":"2022-02-10T06:20:21Z","last_seen":"2026-05-12T09:04:28.799274Z","alert_count":0,"request_count":1,"received_data":204,"sent_data":464,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-10T22:35:57.417067Z","alert_count":0,"request_count":2,"received_data":175036,"sent_data":987,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"pubg-events.maxstoday.com","ip":{"addr":"172.67.223.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-14","domain_rank":0,"first_seen":"2026-05-13T13:00:44.726591Z","last_seen":"2026-05-13T13:00:44.726591Z","alert_count":6,"request_count":2,"received_data":3692,"sent_data":951,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-05-10T23:37:20.475816Z","alert_count":0,"request_count":5,"received_data":434644,"sent_data":2255,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-05-10T23:24:33.477144Z","alert_count":0,"request_count":2,"received_data":187392,"sent_data":862,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.midasbuy.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2018-06-05","domain_rank":1886290,"first_seen":"2020-07-20T02:57:04Z","last_seen":"2026-05-09T11:42:49.456141Z","alert_count":0,"request_count":10,"received_data":2474,"sent_data":5468,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api-ipv4.ip.sb","ip":{"addr":"104.26.12.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-08-07","domain_rank":984863,"first_seen":"2019-04-24T08:27:42Z","last_seen":"2026-05-08T03:52:02.539476Z","alert_count":0,"request_count":1,"received_data":704,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-05-11T02:45:55.966719Z","alert_count":0,"request_count":1,"received_data":31897,"sent_data":479,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-05-10T22:48:37.877978Z","alert_count":0,"request_count":1,"received_data":31542,"sent_data":522,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kweoywum.fortoday.asia","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-26","domain_rank":0,"first_seen":"2026-05-13T13:00:44.727823Z","last_seen":"2026-05-13T13:00:44.727823Z","alert_count":192,"request_count":96,"received_data":7939137,"sent_data":46312,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.harvestsharp.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2021-03-12","domain_rank":1960258,"first_seen":"2023-10-10T12:59:35Z","last_seen":"2026-05-09T11:42:49.430773Z","alert_count":0,"request_count":42,"received_data":190862,"sent_data":21062,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-05-10T22:41:13.190184Z","alert_count":0,"request_count":2,"received_data":141098,"sent_data":907,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-10T22:20:44.526759Z","alert_count":0,"request_count":2,"received_data":253422,"sent_data":1058,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pagedoo.midasbuy.com","ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"domain_registered":"2018-06-05","domain_rank":2848692,"first_seen":"2023-05-26T02:11:09Z","last_seen":"2026-05-09T11:42:50.471481Z","alert_count":0,"request_count":1,"received_data":34272,"sent_data":493,"comment":"","tags":null,"fingerprints":null},{"fqdn":"api-ipv6.ip.sb","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2017-08-07","domain_rank":5274907,"first_seen":"2018-12-21T10:01:04Z","last_seen":"2026-05-08T03:52:02.488568Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":448,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pubg-events.maxstoday.com/","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"ip":{"addr":"172.67.223.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"98c4399deca6b9af3aa1426084523378","sha1":"40ce43dfa0ebb8e1d4487c3265f50f632c4c06f4","sha256":"9472f37abe93a8802b5b342ca3da6192287701e5518580283a848c95cedd9399","sha512":"c59d9b60a004b59cc33b2558df17a3c3870a6f0186140d5ecfcdd0c6ee955a36c322e39975a9a32e1e400aa59ccb1d7e1256d21a6d40abe83007d24e68e59c11","ssdeep":"","tlshash":"26e0c2efbd260a79e1a159de3068a5ac392113333a1a687270f9c409a0f0e0a902375c","size":316,"data":"","first_seen":"2026-05-13T13:00:55.492175Z","last_seen":"2026-05-13T13:04:07.34582Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","size":92629,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-05-13T15:29:14.647597Z","times_seen":65512,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.10.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93107,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:22:39.158592Z","times_seen":14587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/flaglink.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3de47d0c5149149bebc1ed56b6f7188","sha1":"43cdb6fc2a89067836557854b75cfa7f313437c0","sha256":"0348365d4d16c36ac5a1f83f46603b4266fa18902aa1b70c4ba6d5a1ec74e7da","sha512":"68b5ece26e190331743a22f2756f0806e16b8f35fc87e0e330c2d9e6589868be0e3d2dc37175c9aec38f6a02b0eb44532f5963897d46fac6ebdc9619788c1ef7","ssdeep":"3072:Pabuvjtl8VAqI7H+bGwbGKGQjNBmnnYdvw:P37/LebGwbGCi","tlshash":"f364f062d636a717b371b56c42a37dc9d98c6adbc0884cca39fe9b8d0f3d4b2459c118","size":320021,"data":"","first_seen":"2025-01-22T15:28:39.269469Z","last_seen":"2026-05-13T13:04:07.265521Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/trueid-api.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d8947ce02e789a387e53a1a1d4937b8","sha1":"8c4e8cf41587570255d1e41aed46d330bd778ff8","sha256":"044e9d140c4be92078f0163517586b801b4bd291e3107c7329aaa0125fd4ea74","sha512":"7bbcdf4bce1443e4fa8048ef9a01347275bb3563578fab4c554115e62c2f6c85a12fab788251a55f99a231e9d0dc9a2a26745b50833fc0a49bf9422a353c998b","ssdeep":"192:6lpzfmBAgF8F25lgp3yrUpQnJK3nYeSWEf1WE6SV3oViRe6ckeykaoBXlWrpLyy0:yKGn3LpQrF1Tn5tm","tlshash":"f722da9978f72072962bb1be4bdf4114b531a097240cdf40bc5c82949fa027a57fabe9","size":10500,"data":"","first_seen":"2026-05-13T13:00:55.4356Z","last_seen":"2026-05-13T13:04:07.329145Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6e4e7b74b59e8fb0d5cc5b6878b1257b","sha1":"906cafd0b72e7ee02cbdbf1bed7d4c33b45d7d20","sha256":"d12ca570dbc2a31175dac8e301b0e1212bcd5fca4e860720f6fce957cadb5f83","sha512":"34bc474f7b2b79080645417e5117ba26ea0816cca04f074eecb47906d971a31006a0820209d7f03fdbb35f0d8c1dd4ce025510d9341700bdfe3c126a9763ec85","ssdeep":"","tlshash":"f0a0120001588644015740d1873085c47db88322f8004440c90d06b049c1a8c5206330","size":81,"data":"","first_seen":"2023-08-14T12:40:35Z","last_seen":"2026-05-13T13:04:07.346912Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/main.8f2b2f27.bundle.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"aa7bc912b5c808de63d075e3fea3e6fa","sha1":"8950d18e740665ef2f21fefc76c19e4aca9ce12d","sha256":"85ece8c481f9a602fdce92637aa40fe02cc9e2e0151e8cffd7527c67df569812","sha512":"bdec8f43144c1b5a223d7aaa8e056cd58594f765e57cdb68c53dedfe2475d1d231cfcb3c9e0558b4558a3b042e7558f53486de9ae9928aa36031b947e966529f","ssdeep":"6144:d8X48jKzfjqMuQORd5chlezp6qPS70SuLxnn9bM:d8X9KQQnh+K","tlshash":"597409dd75d6f05217b321b6407f240bb33a691a680d8950f221f8d9b8b855ee237fac","size":350442,"data":"","first_seen":"2026-04-26T02:12:56.946016Z","last_seen":"2026-05-13T13:04:07.261737Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","size":17684,"data":"","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-05-13T14:32:59.64613Z","times_seen":4011,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-05-13T15:34:21.642631Z","times_seen":74552,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"eeca1289a67ec7e5eef82a53032fd622","sha1":"12c1f5573486c2d08148d26a66d0039a689ce1c5","sha256":"c968790f221449646fccbee61de3ceffc859b55ea74aa01b4bbef5709c324802","sha512":"b43d4874f15bd0e5675c8ba108fe11ebf9efe514a79d223d8e2ab27616fcdcd159615a2efc2348d6e5b5de66d365dbc181fb3b3e698ac4bbb266cb8000e877aa","ssdeep":"","tlshash":"51110b4e32f3b4b81437307c67bfa1068176301b6d48c102b8ac96805fa1ada8622adc","size":1058,"data":"","first_seen":"2026-05-08T03:52:10.00271Z","last_seen":"2026-05-13T13:04:07.348532Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e40ec2161fe7993196f23c8a07346306","sha1":"afb90752e0a90c24b7f724faca86c5f3d15d1178","sha256":"874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4","sha512":"5f57cc757fff0e9990a72e78f6373f0a24bce2edf3c4559f0b6fef3cf65edf932c0f3eca5a35511ea11eabc0a412f1c7563282ec76f6fa005cc59504417159eb","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa98:7NMnJiz6oAQKP5a98Hrh","tlshash":"db83d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84245,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T15:49:28.233131Z","times_seen":57031,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"565fc0f9ca5a971d8a7787850f685323","sha1":"cbf650e51fa8d5b492930eb793e3d978187648a0","sha256":"0fdcf67442e567b3d5bd12a580156bb127a7433f488cc41ca30b4bdc0e6bbb1c","sha512":"904dfe5ca2d0a86350f1b3b640d16fac16da852a6abe038159365d71a60dd639be221f020b6e4a8aa07e0fcf15d8502282ed764be8ef01990e1827ac37c03ead","ssdeep":"","tlshash":"d1012b1833d70c065d32b52b613f1b495eba92060052ce0cad8e21c05fdd93b9ea779d","size":667,"data":"","first_seen":"2026-05-13T13:00:55.495441Z","last_seen":"2026-05-13T13:04:07.35017Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"32015dd42e9582a80a84736f5d9a44d7","sha1":"41b4bfbaa96be6d1440db6e78004ade1c134e276","sha256":"8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3","sha512":"eda31b5c7d371d4b3acced51fa92f27a417515317cf437aae09a47c3acc8a36bdbb5a5e70f0fbfd82d3725edf45850dde8ca52c20f9a2d6e038b8eaaceee3cf1","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:z4UdWJiz6UAIJ8pa98Hrb","tlshash":"a283d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","size":84320,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:32:59.586205Z","times_seen":14452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e40ec2161fe7993196f23c8a07346306","sha1":"afb90752e0a90c24b7f724faca86c5f3d15d1178","sha256":"874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4","sha512":"5f57cc757fff0e9990a72e78f6373f0a24bce2edf3c4559f0b6fef3cf65edf932c0f3eca5a35511ea11eabc0a412f1c7563282ec76f6fa005cc59504417159eb","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa98:7NMnJiz6oAQKP5a98Hrh","tlshash":"db83d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","size":84245,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T15:49:28.233131Z","times_seen":57031,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.10.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","size":93107,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:22:39.158592Z","times_seen":14587,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"32015dd42e9582a80a84736f5d9a44d7","sha1":"41b4bfbaa96be6d1440db6e78004ade1c134e276","sha256":"8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3","sha512":"eda31b5c7d371d4b3acced51fa92f27a417515317cf437aae09a47c3acc8a36bdbb5a5e70f0fbfd82d3725edf45850dde8ca52c20f9a2d6e038b8eaaceee3cf1","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:z4UdWJiz6UAIJ8pa98Hrb","tlshash":"a283d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","size":84320,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:32:59.586205Z","times_seen":14452,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/lenzz.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ae49d28bf387cfe75e2878d8b834c7a","sha1":"31877ed9f36335ed327f26222cfaf53de37f4db4","sha256":"8a93d3cac9a0d093e8f855a82d440123cabca891a1360324e15214dc68fca89c","sha512":"7eed742dae3004efd1b96e89d5b5386df27885ae3d83411d894c9a4a1b0731dffa4b57544862931c9fbecf6dec7db961a87381c9edfc1b1663f6c7ec71bcbe8a","ssdeep":"384:8ZUeivMiyzYFBr9R4FvLk6coOnfptDbxeQkkxqBflTvY0tHwGtCAVa883K0/:8ZUvvByz/coyGA/","tlshash":"6db20009b6d61d952d37a4b611bb40043b5c580b150adf08f86d6ac82f50fbefe77a8e","size":25116,"data":"","first_seen":"2026-05-13T13:00:55.375576Z","last_seen":"2026-05-13T13:04:07.196098Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"f2bafedfaadb0f2669dd99db32cfaec2","sha1":"26952b7bb4226705e8f86f7f191ff4e5a5f8ecff","sha256":"3d7208cc324b7fd6b0e4582c2b82b92314b1d40f918f7cffef7054ff38888eff","sha512":"d943867aa83336c8770bf2711bafe1343d3b2403f07ea6ad24b481e4dd5f7b39304fad4f438be998732313b552dc6f8f72270a14f65ac47c8b8e08a019fd6365","ssdeep":"","tlshash":"b07000c00000c00000cf00c00030000000f00f00c0003000c003f3f0030330cc00300c","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.42698Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"76329b4f309ad0211bd98453fff68ac5","sha1":"50bf5e047121af855a3d42a222c9143d86c8d091","sha256":"b02a058152f38597d83528c997017bb74bf95d4eed4d224883a406a4db4236a6","sha512":"86e58743956467fe7d04af40720fcfacfc6c455cf7d790945db1d9db3b59530291b2ded12f6c54fb86be047f31e4c88cef782d25144ddd6bb6a63e03f92c2d49","ssdeep":"","tlshash":"20700000f030c0000ccf00c0c030000c00fc0300cc0c0000c03003f3030000cc003330","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.504141Z","times_seen":1150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"e4c7a3c9e72ec837c02a88cbf6b7a80b","sha1":"0444c709587d095566e6bebb1d03c22291bd0784","sha256":"dcc572e88b89cf5f1e285e3ecdf898574e421fcdc7edb5e215a334161e7a23eb","sha512":"c779a1cd14a13e9171ce59fec3f728e3e896e6527a35e041c758b215a964243e8cdc901dc36d1f1c14be877ea410e571c095d4dab75f9f13c03b09f60a6425b4","ssdeep":"","tlshash":"ec70000cf00fc00000cf03c00030000030f03300c00c0c00c00003f0030000cc033300","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.442016Z","times_seen":1056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"5d2dc822e8d4f0b306ca69e54950679d","sha1":"ec5cf0bb110d219d7e4bda5d14c0071c703cafd7","sha256":"374f328ec9257ea51783a844612b0d075cc7ecc70805534c0224f44adda5e069","sha512":"af8d84cbf0093e0a52753c419f82290b88aa4447ce835cbb5deb78afa02f8b7499b160dc86850d0bc7aacd72f6a5a8596413132a37d8786c5e4cc92637cb5ea4","ssdeep":"","tlshash":"d0700000c330c00000cf00c0cf30000c00f0030ccc000000c03003f0030000cc033030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.497522Z","times_seen":1079,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"af42124fb23866e29287836fff6d3896","sha1":"8417cd2acf7b2fb483102d54c5238f91da85deb9","sha256":"1f0008a619fdf98128a6bd9c386f8f8b41254adcfec1a1195d46009568c67b63","sha512":"509f7c7839b5b13e88812ba21ab0ee059f9d014ea4c7a5075fc06b2a77e4879cddb1f14e9daec9ba10661962fabba400a2a6a2d43bd7d272702bf925f91daeba","ssdeep":"","tlshash":"d87000000300c00000cf0cc0cf30000003f00330c3000000cc0003f003c000cc0f300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.494829Z","times_seen":1090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"160edc8db45d8cf1db6b306e01b1b522","sha1":"eb3cc2404ff47a884d1b38f4e5570e992c2b28c1","sha256":"5c4db52d774d189e67be581f8cf0a1be27580d903ac882f6dc8fcdbca5d4dc89","sha512":"4966aec1d737a12b8e232a53a8076ffa14c7ac1952e029b3081cda99be00538b3ad23f6f692e7fdc7182c83e19f63150249277fc2698d00b99de29865ce9a052","ssdeep":"","tlshash":"d87000030000c0c000ff0cc000300cf000f03303c0c0c00cc00003f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.499524Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"57574f53b6de200174d35574df1da053","sha1":"2fb004ca614092eee28fc45611cdeca1d38ad065","sha256":"c990e04237a0fabc10c638a3340f0af26b4555ddbc373bdf453ff00910afa15f","sha512":"5ec41a4d16e518bcce4c65d4ee0a38bbb1b404239f41879331c7f9f778f874b8080190c132aad624fb58d0ce29de8d8f3aa7ffd7d03ea1ed1c9d386ac4039b60","ssdeep":"","tlshash":"a17000030000cc3000cf00c00030003000f03300c0c00000c00303f0033000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:07Z","last_seen":"2026-05-13T13:04:07.49531Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"53c240fa6885652da29ddaf4dbf8c505","sha1":"ed8d6bbc962db63b8e7c34225a0f0698ba2119d1","sha256":"35567e82ee7df5a7386f8ca0a1e6b1e67b0a2e3522bc94ddd21829e6711a240e","sha512":"aec41e89bbecfc4f58fa42372121188892d1137c64c657ea6c108ed28f67f7f4612ec0fe15fecc1f27c8ec80c4eececf5bc66af8e7333420412c2e8cda9c023b","ssdeep":"","tlshash":"09700000000cc000c0cf0cc00330030000f00300c3000000fc00c3f003c000cc0c3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.37473Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b44ff8f68d1f8325df640a60702c18f6","sha1":"38b8117a575001fb06f9a0ceadc55228ccdce7b3","sha256":"d6465167999520a23127488c727ed47123218b0418295045e7fcd628039c0b31","sha512":"eefe2e0a86b14485ce7ba1ce2f135bfb0db342df99b8060ee33e16b54df58f23f12da0ebf6f1f50b770d3e8304a42ec91dd49489bab7f4b35dd62aa55b6e32d9","ssdeep":"","tlshash":"6e7000c00000cc00c0cf00c03030300030f03300c0003000c30303f3030030cc00300c","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.482555Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f7aae66ae2b52b128d01fd1b35e33453","sha1":"52b74544712d5ff9de4b1a5305f5a7a388ab6346","sha256":"519ac6acbff2bfb0f62eeec8219821a845f2cd063737b2aef9d4f2384fa6f733","sha512":"af43ca0a482d57d6f0ddb1f2a005cc91e25455fd7b1852986357dc5657d4fc4bb3b3a13682d8fa55b01ceac15857e8ec9f54294add4f7661b20dfcbc39f5c8ff","ssdeep":"","tlshash":"bc7000000000c00000ff30c0003c00300ffc03c0c3000000c030c3f0030000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.371508Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3e8af7d0f5e6370da8570b377c888d9c","sha1":"c2de01f9d3daa641b9401c4e55770b1a4bac5b4b","sha256":"8ef50bb1bcd890c39e916c12f6eb9f1db9c08bf1e326342d1cc5ebaa4fe446be","sha512":"626a0da759cd83929530eb12aedb1a5f908cc44f57a516c6a5e1c766cdcd0ac7c20e29dbd1d441ed3c159d9679001a2f77a4ea7bde2504b3ca7051163dabb4bb","ssdeep":"","tlshash":"cf7000030000c00000ff30c0003003300cfc330cc0c00000c03c03f3030000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.459398Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"596e6606d7c4ede34de2935f3c6c187e","sha1":"d3ea84761e98142b91559b1a922cea287a5a3011","sha256":"a6171bc58c97c84152bf23c4cd548779070196e84b8ac898f0c3f6c573bb372d","sha512":"11ee51f329da90ffee3848992b6ae5552dd9449e67ec5073fd344c7c801b1a52a4a3debec85f38b7479763fe82b0a55b6953fe98d593e7ae83dbe8787f91fc82","ssdeep":"","tlshash":"1d70000000c0cc00c0cf00c00030030000f00300c0000000f0c0c3f0030000cccc3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.363117Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f81a8aa27ad547b620591c871a087e2d","sha1":"77daa19609f08762d1e7544cc63e0feb2200ddc7","sha256":"6f75db5c15ff88f889f6ad98cf6ce1a0aef119df1777de1b1a992fa0798fa077","sha512":"32bf1a11a083f7acc19afea88e7249b24d88eae448c50c99f47a613db18679aa08b358de48421c80972e0dec7d8b64414ecbd74357a60d7cedc0d57ddfb9855a","ssdeep":"","tlshash":"217000c00000c00c00cf00c0003c000000f30300c0c030c0c00303f0030030ccc030cf","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.390089Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f878e8bd0445ab90e42c6ff26a714cd5","sha1":"cef4addbd9946a09aa2545fea536b580e5aa75bb","sha256":"bd2a6457dcf585698134e31288339b2c83c90bc3efa0207082c16f1947d81698","sha512":"1d8724433f59637b18e6a2a1ebd24a3f63f1f2cc7a3272205d29b149225865449bde74a7b80eba897d79d273e6cbe64207878f0a7bc8cd9ed42ccaf87a75608a","ssdeep":"","tlshash":"e67000c00000c0c000cf00c0003c000000f30300c0fc00c0c00003f0030000fcc030c0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.442703Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c57e69dc1c3714796fe1663d7f6a758e","sha1":"103d84e469f09107059d8a67f615cf2e20652664","sha256":"eebd48c89f0b43036acec1a4db2909eeb314c5076bacaa6ac8bf9f4921a50ece","sha512":"18088b30af3e40d8f9bda2a487312b8ea56de42981041184b341fdb115613f4a25693cf00b574d68706ce77e393435be6ea49d35d51bbdb39134166e181c0fd8","ssdeep":"","tlshash":"877000000000c00000ff0cc00030fcc000f00303c000030fc00003f0033000cc303030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.425845Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fccb11dde8a7d3a197ba6dc22fbb231d","sha1":"c86b853f11220a14d0a667bbe08be97d18679fcc","sha256":"f37b4e527dba46d6e9ebf512a36a060780533a164c538b67a259910b79d96125","sha512":"478a1000872e5cbf4ff6b6df095d21975bbfa4994cfe50e33e24258ef57b001a8222f9352f0dbd1172b258f2d015ddef700bff73d5bcfae09a4543cfa303f464","ssdeep":"","tlshash":"897000280020c00080cb00e00020000800b02300c8000200c02083f0228000cc0030a0","size":20,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.447558Z","times_seen":1114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c03b9a1c6d2d1376ab7110b920b5d11d","sha1":"bc7832ff98ec68e189cd59bdac5faaa8cd059747","sha256":"ee40c4a368f53c7893aff3c16c8ac59dbec639ee5bcce94243e05aff45db1089","sha512":"a47089e16195d486038c9931dfc79e71b305f5fce1b8a9e8833d7c4b1a4a624800820afea5d86913fef30a484a13fc3810472df5ed28ce0ecfaa9ea68a758e6d","ssdeep":"","tlshash":"107000000030cc00c0cf00c03030300c30f00303cc000000c03003f0030000cc003030","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.400171Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ada9a1753b25fc846f70be907672be67","sha1":"62284959825518893b665ebea6b031ef55df7f80","sha256":"8e135684ca301e393371d1b6ecd56ae0e4012f5385a482770053ccea41476ccb","sha512":"a06ab12c7912413e05ef2b7789f7703cebb3953697c92931067e032001fdea3e477920f0637bdc692fd97b871751283654288cfc07b46512a794954cefad3f09","ssdeep":"","tlshash":"977000000000cc00c0ff0cc030303cc030f00303c003000cc00003f0030000cc0c3030","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.357922Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b85819574e5970e1d42dbe01ece588e3","sha1":"41f6388934d879255cce5ac579ad8081280437d8","sha256":"68a074bfbfb0580f9e91dc885af163fc951ece471b3e477e02d8aa4dcd869bf9","sha512":"28eab177ad1d18905a342cf1bd06b0f966b77f439d5c08aff247df832d6dea20465459f2a6996d4934c63ec4d29a819b7e0433d814e72c47ba1985e8c6927b81","ssdeep":"","tlshash":"2370000c0030c00000cf00c00030000c00f00300cc000000c030f3f0030000cc003030","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.408026Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"249ee03bf7db43c6f29e76ba6404b78d","sha1":"9b4125a177d266bfc1519b6335a3fbda4d67c5cd","sha256":"3956d7cb31e362559ca075d5528bec5005aee524c51a9f77cd9455d3f41615a9","sha512":"51185abd97f31e023d4cf51144580bb51c4c0230021e6191affe6bcd0972493c3c663ddb53d6bfcd452d9c4b09f93952799c4f7d55339b8361113dbf7ef24e8f","ssdeep":"","tlshash":"997000000000c0cc00cf00c00030000000f00300c03c0000c000f3f0033000cc00300c","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.45119Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7a2758e340ecd0b98d3fff7299fd1893","sha1":"d62c034d608bd0dff30b756d7f4bc19bab964411","sha256":"967ad897643bf218aad6f18ba7572b8f1ab6d3f577b1dcbcfa82cc9deabedd47","sha512":"96ac99de4e50242ca218de5dd6144dea587dc6ce908df609b93b98c856c931ae3259268a8bc4f1bb793f0971a60988a59ce08250a0a4f705f982f4f875e621d5","ssdeep":"","tlshash":"f4700000f000c0c000cf00c0003c00c000f00300c03c0c00c00003f0030000cc003300","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.393092Z","times_seen":1054,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c063106f27cd1452ae135f642e53eebf","sha1":"47a5ba2c254149265ba308a7be7b39924ea90b2a","sha256":"7ce37963c8c42196e5562cd6f4804e4e7eb5ffb3d9393e0e8404bc55f6113cba","sha512":"648b8a67273dff0b5a04c9d760335b8aa48cade46cda4103f1ed56700f37cce7e0d7272e8f07ff6b8f670d2bf4eae2c94c8b4be0c5b07a80b84c2ebe3a9b59c4","ssdeep":"","tlshash":"aa7000c30000c00000cf30cc0030003000f03300c0c03000c00303f0030030cc00300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.460184Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b6dc090a79226495e9644bbeee756518","sha1":"449b67436c8785555c781956ba56a454515682bb","sha256":"8367a78ccb1e3cde37697b3af2f117e317393718fe68e566e6c13ef210dcc66a","sha512":"b846940ecb72d97808d5f1109f2b04c7ad24266490bb85b416b34b7ed607c09b58a3b73c2604caee225302f1978cc3d7f77e9cb786501c4fe173c5e482ebea28","ssdeep":"","tlshash":"2e7000000000c00000ff30c0003c00300cff0300c0c000c0c03003f00300c0ccc030c0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.36627Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2ff07b7af9c1223cc816428b9699a077","sha1":"2f7744b74e67feb8b4d37fd68c5b341e657a5d09","sha256":"947ba6e211b46fd494a831c93774e351a2114a2068306ac8137023a29c22d717","sha512":"04a6f8e6e88c4f7f7b3cc57f919c0751dff1f5189891e1725aa6373a72bdd597926cfda9e736de4ead977c6b5ce585b42c204b5c4bfdb59f7202aa5c1358d0e4","ssdeep":"","tlshash":"f37000c00000c00000cf00c00030f0c000f00300c0003303c00303f0030030cc00303c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.500857Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"35411849173c3d4db532cb75586fbeda","sha1":"068c3c37cd989d0b2ac9ba507218914b98f9194f","sha256":"419a2e337ee37ad5e724a3f328d81af33322d8ccacc12c9e4ce5e4e39fa2e757","sha512":"42c0cda45a2d89162022e03a24e13c26d5b8d295c1c35695ee166112aba2afd392faf318425b42a7e7f358b3d2fbe063199a39219379e9b00575d47b77e7ffc1","ssdeep":"","tlshash":"0b7000300303c00000cf00c00c30000300f00300c000033fc000c3f003000ccc0330c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.503093Z","times_seen":1134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"647fb2e887881e7a43e38681c7fccfff","sha1":"3aafaaa41604b57786f6c68f552b18ddbcc2e3a0","sha256":"bd46d9f7163328d6cfe6f1ffe092d73d4bf31a10b7c13afbbee0819760113b4e","sha512":"2f9a6b2d96dc4b348d66061119840555c162a72b650af7f677103c3403722b8314dd35102f624cd17dac6f8c3ad138c90d168336427de405273e14599e1d20cf","ssdeep":"","tlshash":"8c7000000000cc00c0ff00c03030300330f00300c000003cc00003f0030000cc003003","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.381761Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d2708560ddddf9fe2854103ea6095b0e","sha1":"61af9e5b5b5e96580a7da75ebc27c57debb6137b","sha256":"6d013dfe3b7e6304821534f0802b91d7ecb34e69dc880ef3efecac06a14e8a78","sha512":"abf7d0253c13a28b55acf9f7ed685efaf639d70e888e7d3b4e3f26b7987f59b83bac1fbad72f217600bb8691e179f3edf910e82b9218201d9e4c2283a2813b53","ssdeep":"","tlshash":"a67000c00300c00003cf00c0cc30000000f00300c0003000c00303f0030030cc03300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.49805Z","times_seen":1082,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d29638340b860a0169f2c6cbc8dc9e94","sha1":"2dda54c8164c7e88101cc3f8af0464102035e38b","sha256":"21049af0b39201d5e0689734e95ddfa2a20244afeabcbea8cd9fc4de8c8bfef9","sha512":"49aaf5c2aa53b18ab4ed50eb490b1eef7b1cd89b0b4fb3d016cc91bfee606e39575704cf953f9aff2ffc0154a4e9116047a82f3f09c50ba82bb732a1c636ccd7","ssdeep":"","tlshash":"a47000000000c00000cf00c000f0000303fc03c0c300003cc00003f0030000cc003003","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.498997Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"da8268b7f06713dcb4a225ed4352c5b7","sha1":"64e26d66dbc71a35e56b995b7ed2952cd4416698","sha256":"4565f77725f2acb3bb1ddbd1a8154d6156bf0d399bc87dd62e22e5bd836468ad","sha512":"c27bc82eb01362abcc12fb842e191ca7707094db84b65e851fd51f582d3cd7f6d64ded9289adb6eac0b3c68b68dcebcae80fecc8c7deef08b1e0b111b85b5b3c","ssdeep":"","tlshash":"d17000000020800000cf08c00238000000b20300c2800080ca0003f002a000cc8c3080","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.406815Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3c1546a94da3620e4978e2a646044824","sha1":"5308f928d39eb12a2d72472adb2be17ff63165df","sha256":"a00fa4d73a796073d56091271d0bccb0259527e76ab4a4174a145c41b4bf8059","sha512":"57e8224c6b737560edc2f6e830c0abb2be83dc7bfeec6d064805e88736466e6ab35a83a1b47f7417a8c8b167015fdd27f42097dc8c53df368930ef0c11bd43cb","ssdeep":"","tlshash":"01700000000fc00000cf03c00030000000f00300c0000300c000c3f0033000cc0330c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.465911Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8eaf4d081dedfc08c187aba7541c733d","sha1":"31db4de8047c65cf3f13398fa2a6370d9bf24715","sha256":"fb1e251f69d755e669e5e0207910977ba8bec923abcd0c264331da8ed4bc5de4","sha512":"e532054cbf82038f4115f8c1de3c940abc30196071e5305978cc9d35527779a65249b8f6b76bae5b69ca514615277582115e2b2fcb1ddaa186182be65ba52917","ssdeep":"","tlshash":"d47000000003c0c0c0cf00c00030030000f30300c0300300f000c3f0030000cc0030c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.476867Z","times_seen":1138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2eabd15d7fb48764ad68da88149d6155","sha1":"d8a3fe7e022a7625954db8a68c259d8195898051","sha256":"7cd8d5733848900383d3a6998886c7cdfd5a57eaa280c916d7c39c84c91faa3a","sha512":"c82d9f451841bfcee8b64252d16b2f30471b0ba326df9e334f5cd1ce3267ceb43ae2a62ee411d8b584822a2ac4d1f99f74e6f6c6f11c383a3531e724609551ad","ssdeep":"","tlshash":"29700000000fc03000cf03c00030000000f03300c0000c00c00cf3f00f0000cc033000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.478608Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d04ea7f0b92f18997d7780e97ecc7005","sha1":"46147adf20a41b5c1b52c5f72e9204dc76ca23db","sha256":"360fa8d722755207a3463bfc054ad79c3c49db3d6062f57977f1eba3ce662d58","sha512":"38187574d19d2a12d968c8e5e1737513fae42cc0dcd060b95dbecfe2387bfdace3f31c97b02cd6d7e72cdf59522bab394081b241e6f68a2e057c9466aec58141","ssdeep":"","tlshash":"357000000000c0000ccf0cc00330000000f00300c3000000cc00f3f00fc000cc0c3000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.42186Z","times_seen":1134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6b917a41c9ce27526ca480713e81d2d5","sha1":"765c462784fa25ea41d89b454897d227b6c9c63d","sha256":"f0a7e368791613d36120e33ac4525e01c01d1c007fb79a454e761f4a95ed0d7a","sha512":"4d2c9b097d64b6ce6ddfca436adf4fa1fca59e53e6303571876bf285d597f3c64e256a9b43afaf59106a513eabacb5a8740440edafd49d8a047de1dae701a54e","ssdeep":"","tlshash":"cf700000f000c03000cf00c00030000330f00300c00c003cc00003f0030000cc003303","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.384222Z","times_seen":1055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f24fb692080af454ea0130ae04dc8273","sha1":"a434de2f9c55719a8bd7eebabfad3ba9d74f0395","sha256":"e7e4e3b9731b5f668a1bf28080a2908caa3c2c2e811ef8cdbb762c7fd226296f","sha512":"79977ff67e18cae680038ef961fcc3cc928b2c37bc8e39f72494ce655eb494a671a04771f2f531fbf151d32d7fc7000bb176e79db40aeab7823fd251dd4d4cfd","ssdeep":"","tlshash":"aa700000f0c0fc0000cf00c00030030000f00300c00c0000c00003f0030c00cc3c3300","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.410864Z","times_seen":1055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8fc40ad6c73bea5a889fe64e47f00b8f","sha1":"cbb493e570ab2e501f3932563bb18efdeef3b2d8","sha256":"499654ba55a697b3ae5283cac5c035e0f9c55e1c887d2c53b8a9097857b65c4d","sha512":"82f81e389295414796c1f64624959edaedf897b3fe42e61033423774d5d271f7ae103b76a9f7afd6460033cf875c735a84d41a0a00b60cc05b94985f23d5fba2","ssdeep":"","tlshash":"b77000000000c00000ff30c0003000300cfc0300c0003000c030f3f0030000fc003000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.4264Z","times_seen":1138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6a0f475b9036eaf5ed81b8fbd3723157","sha1":"ca0eec508471941b33160812e50112521f27f317","sha256":"f552df46f9705f908d8c238fa31da2a9343a706c85c0d9e318b0f1ff3b82fc9f","sha512":"41735bf2674e8a77daecd6401ca8a7aa2e0dcb88d1c386965dc7952c0eabf6698f5aa87f37471338c92d3b67fb72173f43b06c09b1cb4783933b4aa016245411","ssdeep":"","tlshash":"557000000000ccc0c0cf0cc03030300030f00300c03c0000c00003f0030000cf003000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.483177Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d376a619d339b30958e60e92b3613146","sha1":"28cc836bf9fb7b587bfb4b7159862e2adc8d432e","sha256":"ff4ce15fa895a6743337778c3a010eed23f7ffc99a2c50f64ccfbd6ca4e76dd1","sha512":"831107c930076ad9ea26c88529a8e5880280c768b5a88ae5a39243b051d256c860bc443734f82e086853b1faf89fa9a7179faf8842db03be7ca8bd54cf302159","ssdeep":"","tlshash":"8a700000f000c00000cf3cc00330000000f00300c30cc000cc0003f003c000cc3c3300","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.410153Z","times_seen":1056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"914dadef0120224114573295cd60933c","sha1":"c4811ce68cfbc54e1eca2c2ba1af8dd6fbced84e","sha256":"c5cbce3172fffe2ca10ef64d85ba4b2ff52cf3989e7ba4a04b3024f50efa5f31","sha512":"b7cb7314338437d062c4f2ef28bc9cff735642a2069400433f888087d3c7eeb713267fffb8f1775fbf3a32c101bfec2479086acb8c599a3b06071d80d4604947","ssdeep":"","tlshash":"a47000000000c00000ff0cc000300cc003fc03c3c300000cc00003f00300c0cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.430765Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2407ddb62e965883f20fa23c826bf328","sha1":"8870fbad82926b2a51ec8f4d96b0dea661f54d0a","sha256":"87484b3dbb15f32dfc8952ebd6b9530b83bd03c1693c2c0a870db80921c241a6","sha512":"782f1536b2910e0a2aa1400fdff8716039a5fe468b99cfbb3a1d4ac342bb07a9285cf69eac395392d330c8dd044f887b017c3fe0b5c6a818636146b6c1cca1bd","ssdeep":"","tlshash":"267000000000c000c0cf00c00030030300f00300c000003cf000c3f3030000cf003003","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.467084Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d5d4a03bd7a18c5386526c4809b986be","sha1":"cd8ee075dd8b9b45e44a1f294a363189d12c037c","sha256":"c391d5c8f3478b12e350ffe590cc18b8b53b7c0ace33d1ebc9f6a91f227515bf","sha512":"05c21e4dc5fbdcef8539e41596a5bacb6cb8d2641673920d9dc9fd7e7a8f00e221412b7e8f07b4c486f1b14ea0d0b46898fb521df9fa586e03b0c2e9bd03fd8d","ssdeep":"","tlshash":"d6700000000fc00000cf03c0003c00000cf33300c0c00cc0c00003f0030000ccc330c0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.467927Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"6a1cc42d9ecc09ad04c6b7f1ed9b6f7c","sha1":"0addfe6c569b463fc78a85f1a000f46141678101","sha256":"06f04bb101ca5086aa7cc8625be865598db47cfeadd30fc16d8198aeb100cfff","sha512":"83e4dfe51f33f34b4b3a9e04950ff265a1e63ab35d7601645a810f49f060e995c55159f99c1bb7406052cef4b4b6f8ab1bbd987b8cb7c993ef8eaff06c8ddb99","ssdeep":"","tlshash":"b27000000000c00000cf00f00030000330f00300c000003cc000f3f0030000cc003003","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.501871Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"162f95de2178cea10bf79eb715e4d3b5","sha1":"0ac1048b6863928b93acc3f91cda49b162326c20","sha256":"661cc1cfe956c3e47afe43542b0956d36df0967d344be3a5abc13daf7f6f9646","sha512":"3ccb936c27af9f0c47ee2403d14551ef6274a514c15fdf816235be81f54755db6d6262a19448ec509bce35e5fc9492dda6c6029cc8243a9eb87bd17061239c62","ssdeep":"","tlshash":"1c7000000000c00000ff0cc000300cc000f00303c000000cc000f3f0030000cc003030","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.450258Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2ae35f56a615f14d8728c7874404207c","sha1":"b41cbe47fbc97c9f18d854d5209e0871beb5237d","sha256":"a6effe7a48b7aaf9b0f0efb65395e3f6a3a0f74703508a1190c62eada4a95ba0","sha512":"b9c5391f5b88e07903aa418990a8c39c606c2c8e8f025ef762b91fb6aad3b3a180817e7ce556cbc005e864c2def8bd8a38efb449e3b8d459ebcd91f74779204c","ssdeep":"","tlshash":"0c7000000000cc3000ff00c00030000000f00303c0000000c003fff0030000cc003000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.451852Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2f5270701fdc3701859bc4c4c050d9ee","sha1":"709cb0666d8c2d6ac55bf7c6cdd5fdf10f3b08f6","sha256":"61c8f97e4290c1b6e5cad7f1dc88316ceff39ae9f8c6473c8868ea010875ff11","sha512":"c450a3f851fbcbac100d40799f38953e4aec92a33769a82b806bd5890ab6002294ea3ca9f268915fabec44a6071d30548fc83f813705734f048c6649cae874ca","ssdeep":"","tlshash":"3670000000c0fc0000cf00c00030030000f00300c0000000c000f3fc030000cc3c3000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.439714Z","times_seen":1134,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ce67180f52a4e213b02a73de699ac9d7","sha1":"406af3ae3db036d5e0a52bced3aa8502371a4cf2","sha256":"49b4dfb6858a942ac006505cb2511424617ae6f26d173aa2363f1128e32bb503","sha512":"611665a65144ec32f67bef90ce76a29c7307da770ae065743d3002a0e03c51054f2dc9e5a5850d6679ad016cb8c6c5431fca6fc799bad36e2c24606842ddf482","ssdeep":"","tlshash":"857000030300c00000ff0cc0cc300cc000f003c3c000000cc00003f3030000cc033030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.394619Z","times_seen":1080,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"680fb8d8d22989bb18183258dcdf9f56","sha1":"57474cf81ab39e5b093493d0c35d048cbf466fb2","sha256":"2e2f7a853d7480bd50d7021551e427eadcf5e7814f07eaa47ee2542835a512c3","sha512":"7eb04dfb32439f24cc67ca37a6b2f9349bfa96f271a5e33f54336497a2bdb93f3528d2c1221a387f1cc4a2b2a982a48b313d3a84ee454cea5c9a42368e1166c7","ssdeep":"","tlshash":"0e7000000300cf3000cf00c0cc30000000f00300c0000000c00303f0030000cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.485987Z","times_seen":1089,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1f0abd9d8e8190ccb8b56268b03eb97a","sha1":"852e909d6d20f5672428502ba0541fad7f0ee2c1","sha256":"a14c6fff6bca9d195ec25fe83830d69768fdb69b0fd1488e29cc7ba00ca04755","sha512":"7d8b11bb30b489f3247b3566fdc6655be78ce35914b1cfbf92f0781be9d349cae704d45c1a872c9edbde2d30d90a1926e18c7601951fa3bf26f450f3fc9a36b4","ssdeep":"","tlshash":"617000000000c00000cf0cc00330000303fcc3c0c3000000cc0003f003c000cc0c3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.4566Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1fdff8c34626da4017aff0a2821d8b13","sha1":"55f2cd64499c15d5984aab9866dd55d365ccef23","sha256":"b3dff5aa27eafabdaad74a18cff6b5fe4c1d8f3772ecf27d7f97a929cb88de33","sha512":"12a4a8ae51557b64e6f163e5e00280848a72f3dd76e14dd56412fc97333a28201396a2c0ceff6fecb96345f552e2108a863df9ac2736d70e65a1366747206954","ssdeep":"","tlshash":"6c7000000000800000eb08c00028088000b20302c8800088c08003f0028000cc8030a0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.433303Z","times_seen":1114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"37964c4d9cce527dcb1ac8b7c24a3786","sha1":"5338666ec585469c5b572b68d3927bcca80fce09","sha256":"9fc0e0126edd39b42528d8f8851ffb1275b8cb9db15548041fab20c581d1b070","sha512":"b5d3858e51822eaa9c22e867c69be0833b079e1a78b1b89081fcbc4485d2f397326246dbccce5433e9257a0b3f42123652f4367176de745b94ca93619be69703","ssdeep":"","tlshash":"45700020000a880080cb02c02230200022b02300c0000802c00003f0020000cc023000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.452843Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f647cf4291b3514acb6dfc5903620806","sha1":"77b87aa14c8a186cbfa31490eba508307ea1b58c","sha256":"745aea14ad1731fa076e2e237af3006c8c7a0ed94379ba01dbe3abcd0947efc4","sha512":"b419afcd49f5ea3fa17054138528545eb2e18f90df61ed0332b640d1004b36616a2d1504bbbb9667ef76f3291f61e5b47bfd431db9e01c38b540b02adf27fcff","ssdeep":"","tlshash":"6e7000000000cc00c0cf0cc03330300030f00300c3000000cc0003f003c000cc0cf000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.501359Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c64569b31d5a228f032c7af0dbbb959e","sha1":"e73d60cace93a0fba385efd2dda2fc91144b857f","sha256":"faff0e661677302655ef41c0fbef9c2a414473eb4fc91717bff201e5d58e311c","sha512":"5efb141ba1f51e65821fd3476d2ca7f73ec11a7aabf1cb3ccb2d533372eb742f7f49f24324e6ce044e5364558c0cb8aa41d6853ee07b30a055c1f3c8188dce0b","ssdeep":"","tlshash":"187000300030c00000cf00c00030000c03fc03c0cf000000c03c03f0330000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.352187Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b1b8a68909e47131052789e18ed991c5","sha1":"bcd0f3c9cfceb4a62dfddb168f3547b0ff706374","sha256":"8476c02876aea613cda596f888e3e454d1aad05d221a3d45f3a60ae9393ed319","sha512":"eea08b07e99828e3dbf85705caad39517171fc08d9c1670f845ccce955d32daefba5596d4007927ba3ea2a5d4fc18bec8498da875a66c08830996bf2f84f7aa6","ssdeep":"","tlshash":"f77000c00000c0c0c0ff00c00030030000f00300c03c0000f000c3f0030000cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.420825Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0aaabba7ccc2505b6870a656b6819d3b","sha1":"5ee2b0096cb5a7a03db1452893d0f0efbd3f051c","sha256":"f32cced9669187aebe75ba41a8f0d897a27cb02bbcd5dcf0ad6dbfe31cc208a0","sha512":"793ef6b9664aae05ee972825cf2fa3b60dafbae9706788a1f4cbedee19d357fc9ddcbf7107f0beb2a7ae1c2f29794568e9cf39ef16f17ff2494ceca583f4777a","ssdeep":"","tlshash":"eb7000000000c00000cf00c00030fcc300f00300c000033fc00003f0030000cc003033","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.439047Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2411b0302e914ba65e0fa282ccdb294d","sha1":"7665ae057c875df2a3b5627aed7505144d01ca47","sha256":"dd6dc2cae94ee25ed18e37d5129912d4b59c065c9b4544948d80bd1a090d1f26","sha512":"e2144977c5cc76500630ca96ca8fa541941756df32b7269cd6bf2b280084afd9e8cfb390c079044b5c6a9e34a433f9bd3b074b28b70ef0e851d1f524e288e7fe","ssdeep":"","tlshash":"bb7000000003cc0000cf00c000303c0000f00303c0c00300c000c3f0030000cc0030f0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.357127Z","times_seen":1126,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"cdcc8499dec336fe655502037873ad09","sha1":"df29230c72cec47be7797309e7f4dd868b430a32","sha256":"4b74080433c7e1e2cc034124f3f5acb444b95bd320d9ef3827db207b92214e6d","sha512":"0abfeb642770f7b88623dc119940432e2e68229ad8f25b2d527d756e94d0d66b8f6c0be04a98d9e8234927e737e977d26adbaf36337e1d3eade3ee21e0cf84f3","ssdeep":"","tlshash":"c4700000000fc00000cf03c0cc30000033fc33c0c3000c00c00003f0030000cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.4253Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"cac42769044d0dbe5b683086ab70007f","sha1":"451bc1076e896baf8c00f8c311abbd65f85d50b7","sha256":"7559e26f738b52c0f790444412c346745de4d13ebb8fcc28884862560cc9519f","sha512":"faf3d66955fbf279d054c7dbe0dfe116540eb7aa7e936aa91256810a1575504b10cc16dd0bae43036fd258d7e45b5b95dc78c9be951d85ed953c97b05676d0f3","ssdeep":"","tlshash":"987000000000c0c000cf00c00030000003fcc3c0c33c0000c00003f0030000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:07Z","last_seen":"2026-05-13T13:04:07.360934Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"54dadabdb14c173b950fc5ac0647dc61","sha1":"100c82bb931eedb7fe034bbbbf0c1373cbef348e","sha256":"1d8d74849c3855d65dcdf22c44407e3b34d34279aff0b991e24c5a08a8f62b07","sha512":"06d0506a57fee7281352046a4baa67d418dfa6fea6d4ea8837d61b5e5d14ca5388d5b38a5cb4c59c562a70d5cd9177725ecb8d06846c3f422b1124e9d262be6a","ssdeep":"","tlshash":"cf700000000fc000c0cf03c0003003c000f03300c0000c00f000c3f00300c0cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.362085Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"08981acc0dd5c00d58e592297ed2f12d","sha1":"6d917c2adac56ad56decf665139db8643f8713ac","sha256":"3e305db42daec26a98e6e0cf1a29a7c956a323a6ed1b0304409a505ebc7c5e1f","sha512":"8fdd6e777c8930635296eab251b9474342a23a3cb3eec69302bb16118e6dd0ce2dc2c81cf5a558c023081086dfd49cf356852fdb14124fbd442f77d7aece04f7","ssdeep":"","tlshash":"247000000030c00000cf00f00030f0cc00f00300cc000303c03003f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.497005Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fb95a63e798bbc1c52b2f422cfe52052","sha1":"03786e47acce519416eaea6350a4488f36ef2edd","sha256":"383ca780d1ed19d7c3b4a02d2b928ef255554880c51ee3317b58974bb7ba453f","sha512":"305c63fc47c7008d5f450ca05f6e575c4854405c550733b254c08b4f2f5a383e28dc2cf0519b0c987aba81d70c110a9bc77d3fee852799608c2d80d7f4cbddcd","ssdeep":"","tlshash":"f37000000000cc30c0cf00c03030300030f00300c00000c0c00f03f0030000cc003000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.382996Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"104eaaec377fb78d0b1478984f38f3d3","sha1":"cc4f020560b23626807ca4c76f343b81602c2d1c","sha256":"72e9c6362d28cbf9388242bcbf0459073706e7893281cdf07d314bcec18b69ee","sha512":"0c4330095c4cb24ace162b4c3fbda8cfc6040166cab6b168e52d93e75a73355129158311ab3a368fc9054c9decf4d98dd9a791af430cbbaa7d7368c61d4b6707","ssdeep":"","tlshash":"59700000f000c00000ff30c0003000300cfc0300c00c0000c03003f0330000cc003300","size":19,"data":"","first_seen":"2023-03-12T16:21:53Z","last_seen":"2026-05-13T13:04:07.493448Z","times_seen":1147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f82dff41574b0ddcad47c145b0e28050","sha1":"a2370f27ed38a5fc1e12ed4711814951c6926b1e","sha256":"db847cb68230ec9117bd8205a6aff20b71d27c3eceace3c765b22f92653cfa83","sha512":"a9b9a450285cd47fc80e0d9dfc2724937f42e4080d686224461a6116525360a8733c2344c0d836ca86643a972a2209232fdf9fd656435d07320414175c845501","ssdeep":"","tlshash":"c77000000300c00000cf00c0cc300003c0f003c0c000003cc00003f0030000cf03300f","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.385717Z","times_seen":1083,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"569cbaa5d4e07d93d0ef40f00325dd8a","sha1":"d53d3ccf37eb01c61ab82418727c25fb284eb205","sha256":"c2a331c02c1ee796f08d7178d991fbaf91961275a5cf9986035d61a484fad97e","sha512":"ad99dee313910c9ef045e36e2b4f87c7689c54813bf764627d3beff49c6c1d71b80b5933ad9138436bcae2912e2d2c43702108ebe301a76a9974f5d4cce18837","ssdeep":"","tlshash":"d57000000000cc3000cf0cc00030000003fc03c0c3000000c00303f0c30000cc0c3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.486991Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f5799f97dd01d1b506b6c56d11b4b3ab","sha1":"24baa553dfea4ee7eea29c33ba5b62c8da6e62bc","sha256":"be90525374346d2f86a64dd1b13c775c34e9f7ed52f78543c308590d29336f24","sha512":"e4668a162a9ceda2fe22da9d46af0df8f2cf69d5c48ac5d5b020f67c1721530e14a660595201b92563e319f1aa90e2dcd09d033cc31df9344815ef3fa0c98e3e","ssdeep":"","tlshash":"4a700003000fc00000cf03c00030003000f03300c0c00c00f00033f0033000cf033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.488019Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3e0783099007df1ed28a11c3e447ea74","sha1":"01fa4d2d862c8d4cec527823cea2028de9928c5f","sha256":"afbd1461a80f657118dc4824a30e2604804026fabfcbe6ca2ab93458a53e8a82","sha512":"14c544dae3baa5f2d7016724721219a19cbbae2db8882cc64c0f14ed37eb75dab6cb29f8c920c6b9a468785abc6d5973b1fa79d4d9971c17f9368e3c35b4caf8","ssdeep":"","tlshash":"dc7000000000c00000ff30c00030f0f03cfc0300c0000303c03003f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.434197Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d90560affe7012b8f8e4cbf45b4ca9ce","sha1":"6cf02cda967c64f7b85bcfde72f88c7c53623f38","sha256":"0a0204c41ed0bf5389f077f49cfda3e0acbd1a5941414f8c0fc74ee91aa81581","sha512":"6d2e8440ee6619970f1bcb5c47f3eb2e4ff5a165df28ad2f575abcc907550aa87b03f690a85b6eae7b74c5318faee536200d903c48e4789f67f68918062da183","ssdeep":"","tlshash":"407000003000cc00c0ff30c0303030303cfc0300c0000300c03003f0030000cc003000","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.376742Z","times_seen":1135,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a33748764d90c55aca2d7c5eea289616","sha1":"5d61e51294395a77b6738e3a7f82be2478f9d801","sha256":"d6cbf00237a8151746b2ebf6ba332d9f62d6981fc2b717b63e7dc5e70e026c2a","sha512":"070c5524dc825263f91ea4105c025736e0dac1e279b3954369f8256a7f579db9253f3bb1452adbec670d6fa938edd0f12635c36e14fc97009daeb352f0484749","ssdeep":"","tlshash":"7a700000f003c00000cf00c00030000000f00300c0000300c003c3f0030030cc0030c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.502346Z","times_seen":1131,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"dbca3d0c2e30aec4bb8135129e26071e","sha1":"c9e1cfe63d9ca153308d08d009b38f5281ac9073","sha256":"39e9000d8bf5dab29600ed51f277c601b33e2950a545e583542b9bd68cb9b1da","sha512":"5cd62ee6a5a51902cad5e230e616dbfb9b1765e6b0d981a8a94b9f33cc238af64c8d54b2e4fb92ba0d1008ccc2f570821fae447c400b8170668050fe49d5781b","ssdeep":"","tlshash":"867000c00000c00000cf00c00030000003fc03c0f3003000f00303f0030030cc00300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.454905Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4faba762a8b0eeda162b204eacb9c3af","sha1":"9b9ccf92f9811df1df8ea6d9d4cd650f8719d23c","sha256":"67a750f06cb8461db3c08f09cd4cb51932b8f99be5afc6e97b094be20ff17b45","sha512":"70e70ba41601a9fe1ec144ba99d592332ebfa2a4d4d9d79a555622155e0764be03d2d705df58c25380223e868e2ce5c84a44c54a95ddb69acf49519517d533ee","ssdeep":"","tlshash":"6170000000c0cc0000cf00c00030030003fc03c0c3000000c00003f0030cc0cccc3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.353653Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f2f9eb963a5bc112561501b10eb9f688","sha1":"e7be8ffd6bdc4082a2c86b83940f291ddee8cb9e","sha256":"eb6d59fae5702df6e19944401b185d631f495acc6a1b27707bc524e4a26d3768","sha512":"20c4618e3e2878f73570ca9234390eeebcd6ff84b2c6e3041fd8d0c83cc0c65e62196eb30d97bfeca2a5cf04adaa55d389c52ba7f4dc5e4152276a58e25f6ec5","ssdeep":"","tlshash":"4a7000c00000cc30f0cf00c000300300c0f00300cc000000f303c3f0030000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.457871Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"1381ddde79e03e1767f7819397700163","sha1":"bdc8e80553918ed9d64bf922becac723bd9fb729","sha256":"9b80a2abb7cef34f34d9c1b5f2ed4154352b8b4b1802b6fa3609b3c9d2b1a458","sha512":"256cfc038c118ad64df5cd0fd40a1c9c3b15cf689dd91e3f8c1058d062d928843fbd4584a53bcd47d3f2847e688a6e420e9c4e462f7beddead220c1c171e1210","ssdeep":"","tlshash":"0d7000000c30c0c000cf00c00030f0c000f00300c03c0303c00003f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.461422Z","times_seen":1115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"8dc6baddfb887c207f2cfc80a440e097","sha1":"c44cdd6dd814762e2d52f58f72f09249aadf60c1","sha256":"7f97e2f5d8ac6458a314d609681f35979521288e3a0f2950cbabb8f0c0cad0c3","sha512":"f38df28f567e21ce58a2bb804f1e706b50dbf5e6448510ece60e7e2c36ecdb623dad712f564a8f9f88a490b695c952cf3968dc24e0df09f985c663daf25ebd37","ssdeep":"","tlshash":"f27000000003ccf000cf00c00030f0c300f00300c0000303c00303f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.445085Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3b7cb9e898b2368382615803a65c75d3","sha1":"60fa902993681d254fde4c6066be68db74de2ed3","sha256":"38dfdd15caf30f9899d49a6422b73018cb552f873de5dce24d1c2bd01a72c888","sha512":"025b1331e59f60815a6bf4e0ecc18ee6a3a10fab697265e9acd05509478d5006fdc8fe9bb288e58e89fe5d5f8e1a79c2b2973711d5bda0b70ac68eab41b1b324","ssdeep":"","tlshash":"e870000000c0cc000ccfc0c00330f3c000f00300c0000303c00003f0c30000cc0c3030","size":19,"data":"","first_seen":"2023-04-22T10:34:07Z","last_seen":"2026-05-13T13:04:07.472967Z","times_seen":1112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"892073ca8ede08c4c19af3b85f4738de","sha1":"eabe1476df968605084d2546e97ee712e62657b8","sha256":"ebb8dddc409d0524ba533290ecbe2f1c59ada52063109d097a5617ddd53d514a","sha512":"e9f5b86eb6dc832694430db0cbb55360951151a9707f86d7eaa92d7e965efdff635955461fb743063d776952c66e55ba4e3f3e8d8af6a35f3fdb141dad5cddf6","ssdeep":"","tlshash":"b670000000c3c03000cf00c00030f30000f00300c0000303c000c3f0030000cc0c33cc","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.464895Z","times_seen":1138,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d3b57cc7a3f68972d1d815b2b7c9d262","sha1":"d753b0fa88877e503d25cb2d4f84a46b742ea90d","sha256":"faf7526df94ba09d8201c854b3605295bd6c991b47bf736166a418e3f86ddf7d","sha512":"d7d485d7e0940479b9ba585364eea0baa6d4fb2058eafe38012c8395c1ba5a146d689752414d9ffda3c0301a22246eb83dd2afef3f426e88ae9f63dc3f4c963b","ssdeep":"","tlshash":"b070000000c0cc00c3cf00c03030330030f00300c0030000c00003f0030000cc0c3300","size":19,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.423731Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"0d5998c0f8104238cd96cf17a9a2faeb","sha1":"8550a2347fba8b97c74e0b766f099c7610736be7","sha256":"89543153b3f84846def623cedf6219a84f697be7e8ba4f30d5b9b613c3f2ea4c","sha512":"31dfa548901d960e92f343439f06aac91e48c94a5028e32622d09e87a31c52adf666306df70e50bf189d133dac10b5b4cd2687a7694cef1be94307ae0828e259","ssdeep":"","tlshash":"8f7000c0f000c00000cf00c00030000003f00300c00c3000c00303f0030c30cc00330c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.4092Z","times_seen":1056,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d8e70e433e262e3409d713393b5055de","sha1":"279d1b9c1b4f513b80d1b5abe34e691269a5642c","sha256":"a4627a0619402e40b332d3152fcb46564ee28df15bb24963393da28364090d20","sha512":"dfb0974cad223dd5a6202f9ec965c017270249f08f8b43765481167142e3c67b93730dcf06c76215a3235ad55ba89d4f545a922f1c3e76f83959593e71bafb69","ssdeep":"","tlshash":"86700000f000cc3003cf00c00030300000f003c0c00c0000c00303f0030000cc003300","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.424683Z","times_seen":1054,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"fcf74b4a77f8a18258dfe246846fd85d","sha1":"4c9f24c70f5d69ff80690a78e47f62c2ef9b8fff","sha256":"7a519afdf92bd1373c0aa3900c6c455811f624a070d68cccf5da124e6579f54c","sha512":"dc827220ccf2c5ec3426f6a80bd9fae99c5659bc936d2baa4fba0b9c07f6bec8664dd0e0809f6221ddf4251b3f278ad7e71b1e4a9b738b440773acd1eec295d8","ssdeep":"","tlshash":"167000030000c0c000cf00c00030003000f03303c0fc0000c03003f0030000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.492276Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"f5cab08d58af1c86a04a9231f211264f","sha1":"f2d69d788b83bd5ae40c26941d0c498b2fffd6aa","sha256":"f17b1d59157c1da10c25ba260aee32275310e2af951352611a5d40acee244cd0","sha512":"96a611175cf28ef88b66dc11d964de97377dc8f8b0672a69e311b96fda1431cc9f9de700ba3f3f210ce8815cdefcef15288a2e534708771f6796e25117714132","ssdeep":"","tlshash":"f07000000030c000c0cf00c00030030c00f00300cc000000f030c3f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.495823Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ce5b835c74307454b195bc9b87ab25ad","sha1":"6e2a7143cb9d2f1c196ea81fcff842aa7ad2bfd0","sha256":"2bc85f2a21ff1488d409bb7549110022cdc2274fca518696103e6ea4ee971392","sha512":"94af6846f0e4afded87dbf8a89fc1a8900aefef1bf4bedac2e292b749eda6589fcc339ccafa613409ed4c69d6917b6b2e9e7de92fc72238699ca287911f119f6","ssdeep":"","tlshash":"49700000000ac82000cb00c00028000000b28320c0800080c00203f0020000cc8a3080","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.398295Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"4999933195d7474661a7588a5ceea991","sha1":"a10e2435d00ff565b423650e231fc3a7ab060671","sha256":"0bd8d756a5a5967d29f7675f3cdada4a6b19f54af7e23e9b62fdb386b325d74e","sha512":"79a788a952b8bde04383a9e7d35a7fac850596b206382beb7a8fce64a7cfc1f2e6ed7723f8a83d6569d1f95fd7435b23d31df0535c1827f9f46bce6078219b8b","ssdeep":"","tlshash":"697000000000c00000cf0cc00330f0c00cf00300c3000303cc0003f003c000cc0c3030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.399415Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a9760db6ce462dc40062b65a940fb027","sha1":"7d6f111c75e4d5b4b061f8c6c81692883e80fce8","sha256":"a155a9d1fd9ba999b8a5e384a89513097831bdfcec72082c4b7d8dbc74439af1","sha512":"39043af135c03ec7de880b015885544057d9025bd8946223ff960a53f2c9542cd047a2af08893334d158dfe2be0baadd64c3203a546f7b6afb3a1bdb6f6ebaa3","ssdeep":"","tlshash":"e470000c0003cc3000cf00c0003000030cf30300c00003c0c003c3f0030000ccc030c0","size":18,"data":"","first_seen":"2023-03-12T16:21:53Z","last_seen":"2026-05-13T13:04:07.503541Z","times_seen":1137,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"246541b0664433f23212b252305bb32a","sha1":"0866efa92eb7f9c75b3a45856a9c7e3310719b7d","sha256":"d056a96cf6d509c9def10b7dd78a46fc7b137713344e804ed849f9766c57ad19","sha512":"c1349dfaccad1b657deff3bd9329f111398235aa9cf2519526ff671203599809b733bb470379ccaf0afd2688041c421484966ade58f1ffde4dbe30bc28da3431","ssdeep":"","tlshash":"017000000300c00000ff30c0cc3c00300cfc0300c0000000c03003f0030000cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.384961Z","times_seen":1080,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"9268bb720f57b661570d77717fb1cf8f","sha1":"b9a950fd874919ed5bb11d31b42cc036b1984ae1","sha256":"e4d50938965686c89329c9f3f0f7b67f9d183ac06da98664125994353784e4ed","sha512":"7afe9117e1e394cf14a6943b3d38112391d6af85c6923f4bf4e92d990c9a6659f9694673a5655db8c2420ce0461e841fa46daa828f6cc6d004f4d7c311fba211","ssdeep":"","tlshash":"50700000030fc00000cf03c0cc30000000f03303c0000c00c00003f0030003cc0330c0","size":19,"data":"","first_seen":"2023-04-22T10:34:07Z","last_seen":"2026-05-13T13:04:07.359923Z","times_seen":1090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"db0a49341fdf4c15231eac4c984768eb","sha1":"7f672147079f45765be2a5aa1259520ac55d5187","sha256":"a096d07cb4eb3f9b68c17cb876dbc2e067c1092e38dbe84704fc00b1112b5530","sha512":"a5398f33a60988ff68eff961ead7ec27f66bcdb464f2b27d8fecc05dd0a8f578775f2c18e3c2226d5ee87592ea086d56f30bf93f6afa306e033fb8fb4aa81589","ssdeep":"","tlshash":"a47000030000c00000cf00c00030003300f03300c3c00c3cc00003f003000ccc003003","size":19,"data":"","first_seen":"2023-04-22T10:34:07Z","last_seen":"2026-05-13T13:04:07.457353Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c27e5c2ed7c9bc021cf46027c8d241a2","sha1":"251315bfd44456a07441481d1c9b3fc811f4aa3a","sha256":"0870b6fdcbe4700c7e9c7c316ad592e0dd191f78b472267d3946db8a8ecc8f21","sha512":"5ff6722c22fdc3a20d9f01b1d466f99779c836e841e7f4551453434bf51ac7e251e19433e907a757a77e08c9a99f050563c9526c277447bd0f209ba84477f09a","ssdeep":"","tlshash":"29700000000fc00000cf03c00030f0c003f03300c0000f03c00003f0030000cc033030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.444426Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"79c215027f08cd82c529a10402c8b253","sha1":"99e302dfaec95f521c1deee55d07fe431578dfd1","sha256":"6e6f81dd25c454e564a7dd6db3c735f45dbe63bc45aedfc18d6c63fa82b0934d","sha512":"58088a5766f6ae5f6cab1a8baf2234da56d9ae35b6591b0f51b50ea2c1a9c685966838cb26c2c1ca455d53cec6e2876e691baae9c170d5604f64f0724fc68119","ssdeep":"","tlshash":"497000000033c00000cf00c00030003000f03300c0000300cc00cff0030000cc0c30c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.427894Z","times_seen":1136,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3881d0ce03d76f22df4ba5ad7b17e61b","sha1":"344a651785ec5e4e5ca05d468aece729e927533a","sha256":"b14632ce7eeab46e72d4414f3ea594402c906d09dfba025f62ef714681b8008d","sha512":"4df66b1782d046d9e34662bbbce7034c57230c0b57c66a00ed9d8f4842a77f7bc01be54ace550aafea13735ef1107ac7d7ec6d7bf0aa3ad9eadfa420d241f47b","ssdeep":"","tlshash":"ee70000033c0cc0000cf00c3cc30030000f00300c000000cc30003f0030000cc0f300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.498512Z","times_seen":1089,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"729409264fc1bf2874651a3c16ed3ac1","sha1":"744d4edbcb9de5287abd15da414ac712e4ba7dfd","sha256":"63370806c302182c42c242c16817f18c7d204507c31a32957a241323a667b93f","sha512":"8fcf93166552d5f33e402fc5b1fc57a072ffcc6350e082e3079743c1f4ef9c4dcbefbc2686b0e424ead208d323d0d1415b4ef645f94fe3e5dcb8d1b8d0df6562","ssdeep":"","tlshash":"4e7000030030c00000ff03c0c030003c00f03300ccc00000c03003f0030000cc003030","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.388768Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"b463a44051f5ec20ae48196f36054e13","sha1":"5b732f6e972167e618e38cdcdf292c5a63dca9d3","sha256":"87da72b460eea48a4375dcf38b3192896a661cd64ec1465b856b81538f7e3918","sha512":"b235007cfb7764d3339ce0c489497814f37213734829dc2d287f9c56ba9134a1e9b1ab354e0c82d2d99311128207d05432bdb4b4ac36c9271bbb9b69f8eafb44","ssdeep":"","tlshash":"f97000030000c00000ff0cc00330003300fc3300c3c00000cc0003f003c300cc0c3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.46647Z","times_seen":1118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"26b2bc4dfa81b43fe5a91d2c178dd361","sha1":"fd7919b5dda72e5dc5ff29f39439ed5f6ca81871","sha256":"8adcf28e1f74b9d284b6a8e7621e79f89ff5bb458dc81d9b366fc51bcb75f28b","sha512":"292f16a9750d730b3f5d2ba2847a423aebdb805686410cf8dfbfb228343e3db1d9efbc89c2471745e412493e4c7d796a2158e4f7b4a489d1af2e97b9c89f0d4f","ssdeep":"","tlshash":"597000000000c000ccff30c0003003300cfc0300c0000000f0f0c3f0330000cc003000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.420216Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c2274bf4d3d8c56c24099c9c6c922129","sha1":"f9ca14e62356c3d1ac19c1cfbaf96bd721bcafd9","sha256":"da55c710a4bfa6102e7212e9685e1e6ca6072de478b9b5a4ef73fb629043b9f2","sha512":"5b98acfddcf6c7700219b2f584de898054fed132c0f121c6dbb0a620299de9e832ec621f3df038d9d2790ee8a8864836607018c4930b5a07f52b9933df1e6b89","ssdeep":"","tlshash":"fe7000c00000c000c0cf00c00030030000f00300c0003000f003c3f0030030cc00300c","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.50003Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"22e39ae49f7a49a8c6ac9e9a426a64fd","sha1":"73706b4bf4bb0e76c3bf8edb7852f248d4e5e91b","sha256":"08d0469b8cafe434d317480ce41859356a91804de4d8fd6243a7068d7d926524","sha512":"c1e00c5ccfb523889f974a7ef4cc3adba70540f84d64a37d31ed528ce412ae52e88f10b1928cece8fa1f1c9ca6e130894ebe23b845744b62f2f1532bef54cb0f","ssdeep":"","tlshash":"377000000003c00000cf30c0003000000cfc03c0c0000300c030c3f3030000cc0030c0","size":18,"data":"","first_seen":"2023-03-07T13:51:20Z","last_seen":"2026-05-13T13:04:07.49291Z","times_seen":1109,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"a1c6b372448acd4925b2d6d2ec1a69fd","sha1":"93d1d5fade913b71328130aa3bf7e11621dd7620","sha256":"a47fb74d2df6ec243a96b3afb0a02569398d11e82a11d77acd303fe9c2ac83e4","sha512":"0c27a42c6ade1cd6443fba3829a36f40d366ef6cb0beb8f2002ca1726f6e81c0b1df64a0a08b5a61098b6bd3b46f888b27df00243f694a85373a4b23e381ecae","ssdeep":"","tlshash":"8f700000f000c00000ff0cc000300cc000f00303c00c000cc00033f0030000cc003f30","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.493965Z","times_seen":1055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"3a3037c3b96ff0a3193bca0e7f88aadc","sha1":"76a57d086b2730b9f8ed53d9d436cec27afd6f25","sha256":"427baae29ffa2912b54f3efe7289d6feb962258dab66f3e66fe7f97a74c05781","sha512":"7816d8cadde05ab305d89cbfd7942d9bd1cbf53c42ee1e8ceb55f365fa0a96f4872973ce2ee0e6ce106811e44c96cdcedff2f0a261dea361130b9efd6f351859","ssdeep":"","tlshash":"777000000300c0c000cf00c0cc30300000f00300c03c00c0c00003f0030000cc033000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.41683Z","times_seen":1090,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"709dcd1b74993ea1d86ef30bbe75bda5","sha1":"49c6ebfdbff7a45a3af735dba2494fd9ab107b17","sha256":"4ad9deee352fba0870bc0b6f55370cf953f8a042e00c7ccbd3bceb16592f4df7","sha512":"c8dec8905a9450b9946ef6fb015313c8151828c304abfc03d00f43fa811e72c40fe57fdea7ad8d9a10488773240d88764232ede6e51e0f8150443a56ebf80ffe","ssdeep":"","tlshash":"9970000330c0cc0000cf00c30030c33000f03300c0c00000f00003f0030000cc0c3000","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.395828Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7d5854ef579b22b85a1308a464991cbe","sha1":"bca2593c39b377d192b5be3d23f73a6acc1ba9dd","sha256":"ee855aef125f82c560259778b792cdeb143dee61b40be24ae78345ba96ab07dd","sha512":"aa5d5459522b9787974eb941675153be6a008962ff4e0bbda6c7e6844b1ce2de8058cd99607b903c9bfd509b9df5cc8e6c9c84057a673d6ed2e764fef402cfb7","ssdeep":"","tlshash":"4b7000000000800080eb08c000200a8000b00b22c2000008e00083f0020000cc00b020","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.496415Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"e517ae48d6a82cefa2de65e88b6f5693","sha1":"ca25ce518f711726cb813ee73efcddd79211e1e0","sha256":"169ebb8cf7ebcc8b8340edea912177a118a79c22c031852b1d412cffd13500a0","sha512":"3cb5a380419a0579d6422350ade0ae728ccf8cf85be361f7fc9d0ad27e695e581e712f43330792e46c144a0c7b3633313795ba7e988bbfd08208bd0880d159b5","ssdeep":"","tlshash":"de7000000030f00000cf00c0003c000c00f30300ccf000c0c03003f0030000ccc030f0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.432033Z","times_seen":1116,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"7b777c8258be4d66daa963d0851338d0","sha1":"7d3e13bc46e3ff6b2d1365e2c51b943b6b250f5b","sha256":"690824b051f1ae8815e995f91232422bdb859066dc36605eb3d5cfacf604c908","sha512":"6c1214626f9160f0a0210098b8f658f8cb42ed3c3f7a8fb6e67acf45a10779400a56c51c03676269320ef27ccb2669ca4545203b5c539356fa33bf641ad47dc0","ssdeep":"","tlshash":"b470000000c0cc0000cf00c0003cc30000f30300c0c000c0c00c03f0030000cccc30c0","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.460826Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"54fa6a1a732804cb2eb71846c1c88c85","sha1":"ac48a7381ce0cea53de9797bff9ee3d827e1c50b","sha256":"28776dcbc8585ccfedc6125ab43dabb41c1733e77220bddc30365376adf9de4f","sha512":"da8a3b293933d9dc8dc0ab18576eaf6b25990ced15a13b9b5060bf8d20e27fd1a99e8046a6c42b648132688fa3dfaaa4bf821e5e4aa46f6921bd5db15f7859c6","ssdeep":"","tlshash":"227000000000c00000cf00c0003c000300f30300c0c003fcc00003f0030000ccc030c3","size":19,"data":"","first_seen":"2023-04-22T10:34:06Z","last_seen":"2026-05-13T13:04:07.367009Z","times_seen":1117,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/feedbackSdk.fb053b3a.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/feedbackSdk.fb053b3a.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 32466\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O277vKBw9X7VzpEoUqS9WQHPXVROVL16geTee%2B4AKKO2Ljhor1e%2Be5jOI%2BIuZ8s3N6hOhSSAKCGK%2FdnvUPa4Ox1JEoxLibvlLXHx%2B0bgCai8Z8OMN78th5wc%2Bm6NZwCGa7SRD9Rky525\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8b75685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":148121,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ff580ef37c441a01b0d4623c1364dd2d","sha1":"bd6f82df3e03dd24398d86c0629021bf5fadb36c","sha256":"9d6d907eaedb2f7c2fea6ac8d3de0bbc0c4ce849bfe8334df833eb91da14b30f","sha512":"5834611b47af40b7b6b42a8d77ee25125bb24b50697690804f956d5b33b837d10c34f3758e8052954d07f7cd5b9bad73a1739b6470a217fca801ab9feba92226","ssdeep":"1536:ZIv6sK4+2NPzSPXeeQbq7Yrc+twcl8/q0Bmg1R0xR0U0jUTjIFhbQrBsI7svsAq:w6N4+0UFoFak","tlshash":"eae3f896e6e03d1eb81b5d2ae7dc565e3510d4d7f8a20eeffb01b2b581c7ed81a20205","first_seen":"2024-10-30T20:47:39.164194Z","last_seen":"2026-05-13T13:04:07.259527Z","times_seen":10,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/2a34d021fa8905bfbee4b949d9112955.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/2a34d021fa8905bfbee4b949d9112955.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:18 GMT\r\netag: \"b1ef3a4c526fab33ff2d61e70691b5c3\"\r\ncontent-type: image/png\r\ndate: Wed, 17 Sep 2025 05:33:40 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 1838305195991445584\r\nx-cos-request-id: NjhjYTQ4MzRfY2RkMTE3MWRfMmZjMjFfMTY5YzgwMGU=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MTEyNDA2OTg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3160\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17903891981012247255\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3160,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"b1ef3a4c526fab33ff2d61e70691b5c3","sha1":"8c45f00e9ebd183e98e4aba34afb9fbac36fc5fb","sha256":"9b317e8849ef1840d10379afa7a9541a6aafaa6ad1f3d97e97051ed0ae59cadb","sha512":"c2199fba35c8f7746eca59e6fda0a705ca37966ea8faa25e34aaf697833fd4a115fb021e91a1cd1fcbe325b92cceaffd2b4f5d43f32f2ccb0f71db7cfc793661","ssdeep":"","tlshash":"7a51f94bf9625b03d600d27624f786375b6852c0ed63e06cb4bdd81beca10f99a627d1","first_seen":"2025-01-22T15:28:39.172827Z","last_seen":"2026-05-13T13:04:07.211741Z","times_seen":16,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":503,"dns":0,"connect":0,"send":0,"wait":79,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/bcb080d61e19bf094ecc4297d1baddc1.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/bcb080d61e19bf094ecc4297d1baddc1.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 10 Sep 2024 02:24:20 GMT\r\netag: \"cf1477578e85ea473c4bfd4068adeac7\"\r\ncontent-type: image/png\r\ndate: Tue, 10 Sep 2024 03:12:45 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 12296676752358814526\r\nx-cos-request-id: NjZkZmI5MmRfOGFiMjQ4MGJfMTExZjlfNWNmMzY3Zg==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwMTgxMzg2NDg2MzQwNjg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2683\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 18419690252389424518\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2683,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 120 x 80, 8-bit colormap, non-interlaced","md5":"cf1477578e85ea473c4bfd4068adeac7","sha1":"43120994f89f4dfdce6dfa5621375f79b0e28698","sha256":"5f54f14d61306892a6c066e7c8fd68ae8f55d5c9a142e550bc4cc5cfe2a5a6c6","sha512":"2376c9d465f2349205e71ee169e826efd5e9a0caf7d1db8fb4b8a0b5ce6111c5776ded2d3997f48750cc4394d0f26c3d8bf039aa940b1433a2bff8cf769534f4","ssdeep":"","tlshash":"c2515ecd84e1a700751115499d2d2a64443e7e0733543b0e5265fd3ca5334db2ac0ddf","first_seen":"2025-01-22T15:28:39.189869Z","last_seen":"2026-05-13T13:04:07.291412Z","times_seen":16,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":491,"dns":0,"connect":0,"send":0,"wait":27,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/login-Benefits.9ebfb675.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/login-Benefits.9ebfb675.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 12505\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FzoSzBhmZnzv9i923qjyfV9Z3Qz8wXByUw8tha15QTFnz1U7tq6wyXjKL7%2BeMSyNlCt9Iw0UtUvVRhJMe6nXvTxJTDo6YZf6OvuXEUE7yl2cNAAvqs4cNMiJ22rcYhvlWRzVGLb2RgzI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cae5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12505,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"9ebfb675df57b869589d8448ec9064ce","sha1":"42a8b7c136d61a718848cb39b763cea360b1588f","sha256":"13b646194f0a6e2b0af4b8690d84d1516f5c9340e1e984d09b8d2ea1c8d2c856","sha512":"e59b5d908e63bc39a381e2e8bf1f0b0b99d28f495b27e18e2dc513802e5df1c9ba8a2371ff893a58fbda289e64df52ad72b4e2075413e4fd57b3772c866b971b","ssdeep":"192:/sZ3dhVmCm7sc2KcV79ab1sRzmCrxx+CYlp1j7GTH4P6i69l+CAtCu:/ud3mC6aKosOzLTMvCH4PslLwH","tlshash":"9142b09d23cd6835dab88020808b9cf7d83506d0938d4e9d5655a3cbcc77186a4eef4b","first_seen":"2024-08-19T17:03:14.926474Z","last_seen":"2026-05-13T13:04:07.276184Z","times_seen":30,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/pepek.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/pepek.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 53892\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 04:00:56 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hFUQkNSosvloot8d180LhBWNUrTlLbv9PsFdVT5%2FbQ9MJf%2B%2FP8crvyPOlRv3kiVg3SKVspE6KC2ftsnFXoh%2FtkaHBFkd0QvKy0IJpGF8FnV1ft1lWpnOoB75pOxMblXEFOCB%2FkA5B9XS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cb15685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":53892,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced","md5":"e3e5cdad3287e4d1c62560bb3ac4dae0","sha1":"161331304711a5ee490185e571a0f869726125fe","sha256":"a86ac211bf87ab05ca6b740d83e42e2d6d27d175bbaa8663d579978c617d70b1","sha512":"e6501ff7080815b580b8016b5f3a1996e1b8b3ad47f3577211241be04c86ba6d3b84f68de966ee94776dd4d13810716bd8a677272ed16a69e300651cf4e898d9","ssdeep":"1536:p1iHl9kLgZT2gdPl93u61USi5fwV+HkAc6z8dCNVNfyLBk:pKrBju6aSi5fNRXNsBk","tlshash":"2d33f21b2bc52633bd50da7699bb6d81de633915b411e0e9303033681387a8cf5b3ae2","first_seen":"2025-06-29T09:38:24.993288Z","last_seen":"2026-05-13T13:04:07.170683Z","times_seen":3,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/penguasa-de/de@main/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pubg-events.maxstoday.com/","date":"2026-05-13T13:00:12.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /gh/penguasa-de/de@main/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pubg-events.maxstoday.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 20260\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: main\r\nx-jsd-version-type: branch\r\netag: W/\"1d971-csHKU8+zexcbroKPl8kUrk+yAh4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220194-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 21205\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6VKBtxdE6r6jKEHGH6wme5rgqZ32QTutGaOha%2BUQe%2FkhehybdKrQKDV8pV7%2B2WfDRgztBGJxfgh2vInJKZFd9hLpwUn4ARKRzDWQFvdzAp9fnR1ZBnBPIKQnMFxR1n%2Bl3KU%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9fb1d83f9b75b51d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":121201,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65371)","md5":"e3e8b38fed66211f84a6d5ddb8e0f876","sha1":"72c1ca53cfb37b171bae828f97c914ae4fb2021e","sha256":"4194fb4472202061ab0db48cd8908fdfc09e95ee60edd654cac0c4e5cef31806","sha512":"611cda25d8fec8bedd724bae6f07c190f22839e5fbe6b06257ab042b01cd2bcb67fbdd1b5c3db45d81bf855859fde73bd0bfd1606f3ca01c743f0e642329aacd","ssdeep":"768:Vy3Gxw/Vc/QWlJxtQOIuiHlq5mzI4X8OAduFKbv2ctg2Bd8JP7ecQVvH1Fc:nw/a1fIuiHlq5mN8lDbNmPb5","tlshash":"2dc3c7a0f21031ea7333c55a75d0ed872219a153e56a4fb7f22f25d88f845ca1673f1a","first_seen":"2023-04-06T13:59:59Z","last_seen":"2026-05-13T13:04:07.188292Z","times_seen":538,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":9,"receive":2,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/5012.b5b75575.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/5012.b5b75575.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 5521\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XFp2gBBS%2FafG248z%2B3tfZmr%2FHTdUZYJ6%2FViYXhKKGvOQj4kCaE22oIQZI9KpoksMNeJWTBKZS%2BZ04p56lV6Ka0IrclKI1BGPjlj6fMZ03iBdz2bUZwq38a4L5oG%2FXu1C00TJft9sXjxj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844380f5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":29158,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (29158), with no line terminators","md5":"8f32c5d58ed6dbd90eecbb5e9cc2a15b","sha1":"b3392126c2ba02721c6e1b461c6200bbe51d137e","sha256":"0100e5f1c770745b4322a1f0c3b75665280dc000b262838ed4e9dd12396b2be0","sha512":"6f224b4c95b2af8c91cfaa02e0321911a85cd9fc94f281182fe8a13612fd89335bcfd08ea5f714aeddd73138653335a345c1aa6ed1e523d696b6a7058f076540","ssdeep":"384:GackASjxqjkwEHCpSqTq+0/YeVp3h05iwEHCpSqTq+Ade:Ri9qZni9qbe","tlshash":"e8d2d7e1df30087eb57bde7bd676448b0a5c6702b352237eb6ce6bd753807a4581a028","first_seen":"2024-10-21T08:04:20.251265Z","last_seen":"2026-05-13T13:04:07.300442Z","times_seen":11,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/2690.2a22e3f4.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/2690.2a22e3f4.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 52280\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ReNBzug1VBK0ksCFJh%2FhxaWSibAHoB%2F2QtRHhibfLcbU35eFWITvH4DbJRV%2BwACw6wNtbYEGnSLbf7CEFHoF%2BRokzunL9wkCjXzrzSnm4xRtVrVIpwycZnf9hJtmUu0XN6a4cAFgcZw7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844482b5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":277039,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"756974ae2b8ba301e80ab97eb72e124a","sha1":"e020bcbb1fc0c93f9e263a31c59dd3d53626b304","sha256":"4c6f8aff212ccb9702794af13c0af857f2f9497c34daad30a1bfa5c7980b7d3a","sha512":"be48fa2049c7fa2090425fb3e16fd8aca68e59fefe0e3ec185b1fba4bbef457899392ff74993b27f057be4a16dd23fe45caa6fe17b47f6d2cb7ca462f9cfe98d","ssdeep":"3072:mV5zd2VsfBaAzMV84PShosxTSv06+Ta6VZVo4HxNyVjVLVsVLfAiVBQ:Q5eQaUXo4Hx6xZ2LfAcBQ","tlshash":"6a441a3fc8229d0ef2b7cd10f5835a7f4d5a800753da1a28f5687f7689c39ee2a22115","first_seen":"2025-01-22T15:28:39.091687Z","last_seen":"2026-05-13T13:04:07.216257Z","times_seen":8,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/e244669a6fa4cfe89aed057519161d78.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/e244669a6fa4cfe89aed057519161d78.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"e08a15423337ba937e065eda36347810\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 06:22:44 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 7780438810268737174\r\nx-cos-request-id: NjhlOGE2MzRfN2Q4YzdjMWVfZWMxM18xOWQ4YWJiYw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDczMTM1ODg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3667\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2454104768893839403\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"e08a15423337ba937e065eda36347810","sha1":"2e5418097de8a02d22fccbc41ecafb78b3c689ed","sha256":"75cb45b3932dbc949430927b52c905d741b2418470c74a7a8dbf0e8883457511","sha512":"2981bdb016f2531033ae9cd76f5ca446fe85d15f915cb098e1f99279cbdf2096b53af77b69620519c194307db0b97c5a88c8d8fc98b90183018829a5e8506f95","ssdeep":"","tlshash":"80716d741d5cd9be402d1ce5d391a57cd6d0364c4fad0f0e9a43670d33aab4cf952694","first_seen":"2025-01-22T15:28:39.168405Z","last_seen":"2026-05-13T13:04:07.235517Z","times_seen":16,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":505,"dns":0,"connect":0,"send":0,"wait":55,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/media/open.mp3","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/media/open.mp3 HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 12675\r\nlast-modified: Tue, 12 May 2026 21:33:54 GMT\r\netag: \r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-range: bytes 0-12674/12675\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JW6NGouxJB862pfqjPeYvSGHVI5JrA%2F5NN7q76AfqsEo13%2FnVrvukVKGabt9nvhut4ucaNpXnHxabhp9qD73iulVkOvq%2FF%2BZNBWpXAcIFfjz4eVPo2UTKElgKZhHpzWYoWj3VChoxNJo\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d853dbca5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12675,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"58418a30e1310bf4fafa9fa0e57c18d6","sha1":"b477e72668b181c3080d6b921e2edf15ef134f17","sha256":"d5ad34e8bb64fba432c1a12b24cd1e532104d0183045e73abaaec72aa824df1d","sha512":"082eb64f97dd80d382019c11f002badf74c35ba0c27e7d6ddbf04a0ef8f028b005a183224c6481f642f06609b166c1b24dcedb248d5a3f756492a88007c8daa8","ssdeep":"192:NRg5B+tUSp4IpICb0rswRVqb+nmCkyKEM7+sXspvPC9y8ZlgM:cvmmr1+60Ff+uP+M","tlshash":"26428e077f56010ff9e4a73531af2431e9c45e5e28a9cbeb36108bc095af3947b295ca","first_seen":"2023-04-07T19:47:22Z","last_seen":"2026-05-13T13:04:07.323822Z","times_seen":685,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pubg-events.maxstoday.com/favicon.ico","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"ip":{"addr":"172.67.223.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pubg-events.maxstoday.com/","date":"2026-05-13T13:00:12.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maxstoday.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:43:16 GMT","end":"Mon, 10 Aug 2026 11:43:15 GMT"},"fingerprint":{"sha1":"87:9D:7C:59:72:99:20:F4:72:15:2B:B4:8F:26:AB:9F:29:FB:A1:BE","sha256":"6A:82:1D:CB:58:8F:EC:FB:D0:8C:C3:F1:3C:D3:C3:6C:22:D0:4B:7C:60:B2:CE:24:3A:0E:46:01:C2:BF:DD:59"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: pubg-events.maxstoday.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pubg-events.maxstoday.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l%2F5o0GBTOdklY1Xg9uifLbdeksShG0qqmCToIYVPdwuD1Iu%2Fm%2BiDKGMU%2FNXsgiCHkQrIzbU7tviSvdzVsbqCEGff9ad54Lb%2BK5SwHfp4nZ24x7JuYuBk%2FDKS3zpdmlWbVqdJzcS6GSYootaN\"}]}\r\ncontent-encoding: br\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\npriority: u=6,i=?0\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: BYPASS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8401bc123eb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-05-13T15:37:39.938376Z","times_seen":126566,"resource_available":true,"data":null}},"time_used":445,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":445,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"pubg-events.maxstoday.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/5cd68782d589758bb880d656abbd3a1d.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/5cd68782d589758bb880d656abbd3a1d.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"af6e8ff285587d9b614041376dfb4f3f\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 03:36:04 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 9135806937487741942\r\nx-cos-request-id: NjhlODdmMjRfYmJlZjc4MGJfM2JjNl8xYTQwYWE1OA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc2MDk4MDE\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2950\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3797891751809867213\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2950,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"af6e8ff285587d9b614041376dfb4f3f","sha1":"1b505bc42dca7af4b70320288f461f4d966d321b","sha256":"4789f7684065c72ce12eef05ba82d6dcdab7d163b5f2ce0bbf5222f181b37820","sha512":"50b64cb12c5a44e726819ad1e7f42b184e0cd45e3043affaf317b8f93cf82f8380bba246b5eee1d57dbfbe904fd46f25bfac12647d9eb932ee7ed063b11caefd","ssdeep":"","tlshash":"54513b820b7c4fbc7dc98d77ff18a56b52d187312fb83021b551ab4a51dc98b1ae4a10","first_seen":"2025-01-22T15:28:39.199935Z","last_seen":"2026-05-13T13:04:07.327281Z","times_seen":16,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":492,"dns":0,"connect":0,"send":0,"wait":25,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/3f257e30007c6b106700806f33f68c1f.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/3f257e30007c6b106700806f33f68c1f.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 07 Oct 2023 08:33:50 GMT\r\netag: \"e1c044a9f27e5341af0240977fa9bb1f\"\r\ncontent-type: image/png\r\ndate: Tue, 20 Aug 2024 09:12:47 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 14662779507684792094\r\nx-cos-request-id: NjZjNDVlMGZfMzZhZTRkMGJfMjBjNjNfMzZhOTBjOA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNDc0MDYwNzkwMTIyODU\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 4746\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6831860115040232806\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4746,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"e1c044a9f27e5341af0240977fa9bb1f","sha1":"a236b581e6f8818f516ab468eee86a7ae843c270","sha256":"77ade61328510c55deabbdc179c3b1594b3502d8ce00206605de1d8ef0a8dc10","sha512":"881b24c161f8ba6a46bb3c19732a5a951e1e1569cda53d9e456291924bf90b66afa16442d813517fcafcb5329f9285fce0835c7e76522453e571e379a32e6e04","ssdeep":"96:uVuFCNwpmvpE9GzPnREyt9B6a7DKmQ6nSqmWxxO3:EugvveKPREyfB6aBRGMC","tlshash":"aba17d97a28b3673c5edb1b2584004e663229326325ea2ec9b162c0fb6b0303fc506d9","first_seen":"2025-01-22T15:28:39.222916Z","last_seen":"2026-05-13T13:04:07.19424Z","times_seen":16,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":488,"dns":0,"connect":0,"send":0,"wait":27,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/671f8d2ec867810a0d085c3e5c94e9fb.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/671f8d2ec867810a0d085c3e5c94e9fb.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"3c414d53f0c5db2bc26ceccfbac3784f\"\r\ncontent-type: image/png\r\ndate: Mon, 04 Nov 2024 12:09:13 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13064905244496772742\r\nx-cos-request-id: NjcyOGI5NjlfZTgwZTc5MWVfODY3Y18xYmM2ZGFj\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc0Mjk4NTk\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2945\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13477993639067767805\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2945,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"3c414d53f0c5db2bc26ceccfbac3784f","sha1":"64c9a6b329df7ab67e647542be34e3269e7008e7","sha256":"22b5c27d040dfde79ef65bcfbe6a6bf7d5a5c413eaf4e1f3915fcecebd852eb2","sha512":"08ed045365f1652091a6d0ac820fb0b2214340090b470e7d1827974b3d82c7ec65c53955b716520e676312160c3550177e4b662645cbdc0f68fc6a8498dd1aa7","ssdeep":"","tlshash":"a8515c31dd15390a21efbf722107362445d19d1b86bbd1098567c036e87c7948a7d62f","first_seen":"2024-10-30T20:47:39.029813Z","last_seen":"2026-05-13T13:04:07.250089Z","times_seen":18,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":465,"dns":0,"connect":0,"send":0,"wait":82,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/close.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/close.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 1170\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jrSU7mMexXy397pAisV7E68UCf1LjTgxdk2k5S8Fd5ZwDe1NUvl5TWl1bteh2JL6yYB6Kv6798Nz7cMGav1z6Igyna1kIft71906dx4osgcvIMLrDnxqADDIe854UAmQdFfyU5iMBxpw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478c9f5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 45, 8-bit/color RGBA, non-interlaced","md5":"68fb5b6f86421b10e17cb96a65cbe4d3","sha1":"80dd39fc67e874953d49ceb2321a1147d0018821","sha256":"d0eda953f3d7bb15aa078cb44b27702566108120d8b9b37e9a3324e2b767aa08","sha512":"ce1acad1d513c03a18e935cc6a9901bd828e63417ef454b11f002a8da58b833c993f170e9cb483e2b04d2b29e25146c509176183966584d21dfaa3dffa975998","ssdeep":"","tlshash":"2821c6c40c38049ed54bad25132e40a8ab19f075c25a12fa6c3ea63a734f73525b2f6b","first_seen":"2023-07-14T06:38:20Z","last_seen":"2026-05-13T13:04:07.236056Z","times_seen":240,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 33018\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:06:51 GMT\r\nexpires: Wed, 12 May 2027 18:06:51 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 68002\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92629,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32089)","md5":"397754ba49e9e0cf4e7c190da78dda05","sha1":"ae49e56999d82802727455f0ba83b63acd90a22b","sha256":"c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4","sha512":"8c64754f77507ab2c24a6fc818419b9dd3f0ceccc9065290e41afdbee0743f0da2cb13b2fbb00afa525c082f1e697cb3ffd76ef9b902cb81d7c41ca1c641dffb","ssdeep":"1536:dnu00HWWaRxkqJg09pYxoxDKMXJrg8hXXO4dK3kyfiLJBhdSZE+I+Qg7rbaN1RUx:ddkWgoBhcZRQgmW42qe","tlshash":"8c932bdd72d2b03257ab30bd106f540ff2361959280d8850f268d8f9bc79a49a277f6d","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-05-13T15:29:14.647597Z","times_seen":65512,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/lenzz.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/js/lenzz.js HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 3386\r\nlast-modified: Tue, 12 May 2026 21:31:41 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xqGbWxLdGyWEB87E7hJet3pWkntwn6Zua6thRKTzHwJcYoSWte5dBg3zzmxIylkxQwrpU7dFaTrM8t2zErV6RqHgCYTXyvt8s5%2Far0Zb%2FMJtS1b%2BLw%2FxTR483FhvZ1A12dYEOiVX0pHH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d847ace55685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25116,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"2ae49d28bf387cfe75e2878d8b834c7a","sha1":"31877ed9f36335ed327f26222cfaf53de37f4db4","sha256":"8a93d3cac9a0d093e8f855a82d440123cabca891a1360324e15214dc68fca89c","sha512":"7eed742dae3004efd1b96e89d5b5386df27885ae3d83411d894c9a4a1b0731dffa4b57544862931c9fbecf6dec7db961a87381c9edfc1b1663f6c7ec71bcbe8a","ssdeep":"384:8ZUeivMiyzYFBr9R4FvLk6coOnfptDbxeQkkxqBflTvY0tHwGtCAVa883K0/:8ZUvvByz/coyGA/","tlshash":"6db20009b6d61d952d37a4b611bb40043b5c580b150adf08f86d6ac82f50fbefe77a8e","first_seen":"2026-05-13T13:00:55.375576Z","last_seen":"2026-05-13T13:04:07.196098Z","times_seen":2,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":202,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.10.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-1.10.2.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-16bb3\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\nage: 1916175\r\nx-served-by: cache-lga13622-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1, 8441\r\nx-timer: S1778677215.888219,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 32788\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93107,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:22:39.158592Z","times_seen":14587,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/7652.aef5054d.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.964Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/7652.aef5054d.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 11734\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CzxWTfMTgRzsNt1IYm2bp%2F3RmLpxViZKxAv5GOOSLE14n%2BajcKlB3LKJXA1TdkA5wczlwBOnKRjSttRa9vQSAkTco6Udhx8n8EIWywpyNvc%2B87aG7ry7hYk2gWsOC6yaE95KUjgqDBDi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844a89b5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":73433,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65531), with no line terminators","md5":"885ca2825705adb91e4899c71287199b","sha1":"660b14764bcf2ced993421e30feff2c563a611b0","sha256":"757edca2c51b171dcd66b8e981947655259b89834d224952c11f6e9d7f271c9b","sha512":"36d14e92cdd114d5a9945868c960c7ee03b47fbeac79ccb4a1966bd533b92331f59a579ccce80c22480d35e08fb77be6cea3bc6aafa9ef0a5f62fa50d18a11d2","ssdeep":"384:dqOcbJ9POasO7lMspwEHCpSqTq+gklKlGGS+5CHthnrmcQTQ34IPnP0pv+J0m1JU:Ui9qy5O+nyULPFi9qMi9qn","tlshash":"1073c668e8210e0cffffad09f3e7553c2285d9167497a67dac94d91c82a06f9357220e","first_seen":"2026-04-26T02:12:57.15914Z","last_seen":"2026-05-13T13:04:07.278164Z","times_seen":5,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/facebook-text.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/facebook-text.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 12239\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3%2BP5Xb0jXHuVcbIGMXLXS9Lj1dNLs6%2BCHacKSO4PBX%2FVVmzUZ8%2FgKM5CJg1BzTNjS%2Buu1kkZJKM3P5562Q9VONog%2F8WFpvuv%2FpVQX8Csk7U9q6SV1I0ig41H23TZY9fLl%2Bv2qda8kRwX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c8a5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":12239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 604 x 158, 8-bit colormap, non-interlaced","md5":"c8469979cfb24192fc638efb7784a921","sha1":"ff2f9c8fdb233dc3bfabd2ecaf11cbb70791dfa3","sha256":"0cb512d932e3ad625dfb6c1ae0d47e1dfafecdf31c9c7fd9c9677c95bf31efb5","sha512":"c8c113d704a89783dde9f471022b0e31ff28d91a3c7215721888ca88f99bec20453dea73027fbdc19e5c71f822e85578fd79430db3605532d7ce2588d1a52e30","ssdeep":"192:xNjCISJry4NhSGkOLeNxXl8qhM4r+ilUdfXSjvi01Irb/mxLRxjqFli1nZ9END:xNjCISJry4hSG1eND8qBSi6dfXSjvpIb","tlshash":"c242c04a86a4132bd1ed19cd61b7102e211ebdc62837133297fcb06acd42a4fe23590b","first_seen":"2023-11-23T03:47:17Z","last_seen":"2026-05-13T13:04:07.256331Z","times_seen":197,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/twitterbtn.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/twitterbtn.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2167\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wzGCvWDvw2NL0qNs8a4vXNSWn4p377jLX5dH9fax3JYshNhv8XfYXL9PyxhA3iSS8TtJ7SJMhyaAfPdjxi9pjEcfIohRO2qqVhxFf3q5u5jSmgBtwQXIXGPRSINXyM3iY4FTKB9tu3jC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cb95685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"80d9b5e608e0427576ce2f7d56d0a592","sha1":"4c1ce1d06cb6b2b3d4cca8636b14e109bc500d50","sha256":"cfcb8009151ebab2ac10399ffa57e2724834ad374e720e77e5c0900e21ed6fde","sha512":"2c677a5bfdb03ca9fa18cd81ea331aa1e93330f4e680e13aa65d03f97c5a689d6556e0aa1af613521f6e8f11b23e21367ad60a7e73a68038b1be043d132435a8","ssdeep":"","tlshash":"5e413cd67bba1c7b87b69236455a0921ab70d251932cf0200c5cedf31d4481092caddb","first_seen":"2024-02-22T16:27:48Z","last_seen":"2026-05-13T13:04:07.247317Z","times_seen":174,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/font/DINMITTELSCHRIFTSTD.ttf","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/font/DINMITTELSCHRIFTSTD.ttf HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 8774013226683198473\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/ttf","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/notif.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/notif.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 974\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mzs50UXlv94jt2HjPNHSUX8NbtHNrX9VS7LMOCfAnq0QCW%2BPMyicPTBYKaxxVmWL4fEnvx5AmyBRmu2l5wytRfq9BBO6yphaVzJJUgH9%2BjYBRgqRYQclbafFMswtIzyv2vNiN%2BX6aYac\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844d8d95685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":4376,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"e953ba2d94ee96cbecb7949614b448db","sha1":"0a1602baa8d259a832e7735c0ebb689acb07da7c","sha256":"33bffb6c474d5923290ee247c46b20301eea1e7d17243d775b5e4b35c4a3920b","sha512":"a60d398d7aa9f3623c607f8c4aa76b5c8706c31a81e0595a771d0cd4c3e727286308a1bc4d1fce761f90e2885c819a30d44c27c8f5a92b5a2a4d2494013fb957","ssdeep":"96:k5BBEUpnzndtXSs3f4IkJQnj/cRRP8R5VvL+:k5vEU9zn7Z7kJoERR25w","tlshash":"b191dd58da245048f272e5edbff01b92f8490863570f81ebb9a47454cf6662d3a62acc","first_seen":"2024-08-19T22:58:59.094095Z","last_seen":"2026-05-13T13:04:07.234975Z","times_seen":21,"resource_available":false,"data":null}},"time_used":324,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/4c58aa9464f6ad5893f10c49044eb73a.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/4c58aa9464f6ad5893f10c49044eb73a.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"5099a7c3bc291fd0d1370dd652b42531\"\r\ncontent-type: image/png\r\ndate: Mon, 10 Nov 2025 05:42:35 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 17672256454398081975\r\nx-cos-request-id: NjkxMTdiNGJfOTVjZTE3MWRfMTY1ZTJfMWYxMDI0ZTQ=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgwNTYxODE\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2988\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17323953182372802634\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2988,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"5099a7c3bc291fd0d1370dd652b42531","sha1":"930ba1dc859d5d2dc32c9cf40992a778f1a46865","sha256":"e08c85c77affacdf5a5f50a74a8576f04c81da4c49949e9eba692a0dc5bd39aa","sha512":"cf4b5af28e539fef955111d225d69a1ae1772fe11ce820c2c4fb3cd6c009d1df24abc5fdcf90569677dba9f6b09217ba893fb855bf8d103f657aeb42104f4904","ssdeep":"","tlshash":"55511a18d31f452f15245cbca09e619d8b7bc326d935a8079dbce029d8fc15fe2d5360","first_seen":"2025-01-22T15:28:39.236772Z","last_seen":"2026-05-13T13:04:07.186253Z","times_seen":16,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":499,"dns":0,"connect":0,"send":0,"wait":79,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/95d5b65e11db4f4b0d51000f44521a95.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/95d5b65e11db4f4b0d51000f44521a95.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"0c51b7e04c9d0676c3456ec6e87f3950\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 1342703616422124124\r\nx-cos-request-id: NjZmNDFhZmJfOTZlZjc4MGJfNDZmXzdkMzhjN2Q=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc1NzAzODQ\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 1608\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 679244039246412112\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"0c51b7e04c9d0676c3456ec6e87f3950","sha1":"62f7700419cd97a5ebab738c9f83a3c2a69960e3","sha256":"77702c068dcd58565b8dda13412ae9af3c51acf066d67511ff533a8efbf0c076","sha512":"dd172ed93a4057b2f965436e5c725e56cc667584c690b5fce5131028fd2e3f3df2129a5b1e8e49803e76bde4d909ab2520152f5bbf1350b0e486826dbde1dd65","ssdeep":"","tlshash":"0c31eae77b80341ca8ee4b80b1b6587072dd553f71a606e4c4812ae90785c35c0ea769","first_seen":"2024-10-30T20:47:38.999188Z","last_seen":"2026-05-13T13:04:07.334413Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1277,"timings":{"blocked":391,"dns":0,"connect":7,"send":0,"wait":23,"receive":2,"ssl":853},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/be281be8b340500e662bf35df6dc35c1.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/be281be8b340500e662bf35df6dc35c1.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"f570e87ecc82504350e56871671dbe4b\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 15:27:03 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 9824401301893414281\r\nx-cos-request-id: NjZmNDJiYzdfNDc3MWI3MDlfMWZjMl83YjljOGNj\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc5MDgwNjc\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3723\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8915192260875872864\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"f570e87ecc82504350e56871671dbe4b","sha1":"64fc4078875220b575639a7a8677a4295a081918","sha256":"692398d82c491ada2ca7e4ca1f238f2e7d7f5276a07d8a9dcb6fd5c864e19a98","sha512":"c6320896c7a8cae22d6c4afebd2de51d99136955e850d68813904c140cfaccb481203c19f4b31a8ea15917a25a6424fe3d9c35cad50f6ce6380c1b3db8c4d9f7","ssdeep":"","tlshash":"52714dd396b40a850b6b56ca76179ad4a7d3882b01e7184e33e233c08d519786afe14a","first_seen":"2025-01-22T15:28:39.217368Z","last_seen":"2026-05-13T13:04:07.263445Z","times_seen":16,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":488,"dns":0,"connect":0,"send":0,"wait":26,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/0ebb4d6c45004043613005a8f40c7f8e.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/0ebb4d6c45004043613005a8f40c7f8e.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:18 GMT\r\netag: \"dc48db1d671abdcfd220a9e678948427\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 19768526227727648\r\nx-cos-request-id: NjZmNDFhZmJfOTZlZjc4MGJfNGNhXzdiYjJhOWY=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MTE0MTI3MzQ\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3512\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3343000585207078780\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3512,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"dc48db1d671abdcfd220a9e678948427","sha1":"4d17b383a4368a01a6fa6a6c328f3b524701335b","sha256":"05b94aa34e47b28b86fa8d3c16149ca254b26c0c26b843e7cb1d4ba5a49deed5","sha512":"2f6d4a6e15a5b1423355b7f05799c3463d580d6db0cddc724c3245f5a06ea88a1cfa1afd9d38707e60278bc59627855e546ebb3c94ff47d46f2f9b434cdf0921","ssdeep":"","tlshash":"d1712a17f5953b41fb589d323af38a128f051482b2e3d86474bacc0a55371b009263d7","first_seen":"2024-10-30T20:47:38.995699Z","last_seen":"2026-05-13T13:04:07.246729Z","times_seen":18,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":57,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/alert.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/alert.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3209\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1GllbZKz1ktS5ZiHt%2Fi4Kc7RTwPk5Fjy21KRd2hJpPdBRg5qgm3mY4ozcwAY9Fxq7CTPKH8EukrZtwDbE34bv%2B%2B%2Br6tv3HOoRn%2F7aE6kMXJbfUxSIQGefP3updAW9eTowNEWUGBrTX%2B8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c945685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3209,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced","md5":"647348a6c16dc7ffa7582cef63d47247","sha1":"8ef22a07be992cc94060b8b855be9ebfaed98d9c","sha256":"5717e656143df2f6d333dc7d08fe1c25727cd8a2076e5d8242e65cf256e8a1ef","sha512":"37c5015d0dacc74599d823f894c05d31a6da0d307ad02cebc3ccf28c87e383fa5e66e02895ff8e19890505778daac9cb3edf04f0880cd9b69040fda685a4a77a","ssdeep":"","tlshash":"e2615c6a90a27ec7f575322f59792884c0f989d6f433267d3c18d5b108cd7a7467051f","first_seen":"2023-11-05T14:08:59Z","last_seen":"2026-05-13T13:04:07.307685Z","times_seen":249,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/login-safety.8d265c3d.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/login-safety.8d265c3d.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 10522\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bZIwmBHjt5wxg9uGvZecDr9WR%2FfN24q6WqiRpmRhodAT0OTnB6P4oY3H5gYvG7f3URVeSE8cPOO41AxnkX9SVylyNnkUW0wJ%2B4yJ2%2FvWdBCbRnFy%2Bmt25L7Qw4CPwZAHiZ1qODAtbsy3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cac5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10522,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced","md5":"8d265c3d55c1fa40061fca983ae87205","sha1":"f6d447ea557d6672302b99d27e731f43e29a15aa","sha256":"1e90d7b6aa55044f76bdc5b029d82ff9f555318b8b40ee71c6ee33f86ed34e34","sha512":"7eb5e59eea88dbcdcea3ba518fba8ca6fe7734874f5ef710b362e7ebb632acea5ed71d83e5e746654db6a4606169bcabcaae8512efccf6ff91dd8d39cbe1f9b9","ssdeep":"192:CaAIAcnrRgqvcMgL/gW+ogTwVtxfF2dD34jGabQqQ/g6t7R38r/cjQqV5KlPtpcA:CaXvzvFgLIW5txfF2GjT0/g6tF3DcqVU","tlshash":"1c22bef3519a8449c6e06a08e6ecf0ccf2564dae0c0b759602bfd60aaa4e107c9d0b73","first_seen":"2024-08-19T17:03:14.927125Z","last_seen":"2026-05-13T13:04:07.258502Z","times_seen":30,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/markont.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/markont.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3850\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 20:41:54 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MWZVL%2FBO%2FE2OoYH6rp%2FneeYWqGWnF526uXxrYxTwxhQXzw7JX47F1eMGnPqRKlc2RbrOdNgIzm5u%2B63XJ97EZwv025KvgXXlk%2F%2BlX2eMt8WkXGPSQSpHWPYT1c1bsGAlMB1zEXdSWvdf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cb25685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3850,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"abf92cada2d8c4995d9e7760a83df0eb","sha1":"b20159672421f58f396ddc37723faba9fc7b8ef7","sha256":"ece2e41f8b78a497460b5af594b63f06257c23f0396db667d444beb81d2feff8","sha512":"759d9da35641fed21448f930fbb2d9cc3ec5d7441c819bac31f00dfa810c7ab4b0464f6d2a2f34523207038ec7c98d6b27d41461e0894d4b685c55fd18ffdf45","ssdeep":"","tlshash":"ae8129155c330673e88e737c4ce93704c6639242c8d263dea9a28ca30f60ac24e535cb","first_seen":"2026-05-13T13:00:55.386608Z","last_seen":"2026-05-13T13:04:07.328072Z","times_seen":2,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/bc39cd5cf4e6cd018cd48fb70ad91d2c.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/bc39cd5cf4e6cd018cd48fb70ad91d2c.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"4a6a3b7d9837b8f7207a3c41151338f7\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:36:36 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 14809323883257438907\r\nx-cos-request-id: NjZmNDFmZjRfZGVlZjc4MGJfMjJlMDJfN2JlZmY4MA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc4ODQ2ODg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2784\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9666866125862977734\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2784,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"4a6a3b7d9837b8f7207a3c41151338f7","sha1":"a4aab93f9794a5e361beca68c9d5d734d011c989","sha256":"45b2dc66f7911350083ecdc7a31798f7b1d34e997da51001f514918254fdb9f0","sha512":"a3a1d60d15d1d5a8d4ee1936ec4b73684015bfe2f06096fa466dc26d4cd0278484c7f776f0c0278754e64ca1b3d97a3b1a152c250d2b69acc7636100ef656ede","ssdeep":"","tlshash":"71515c1d1471807dfae6dce70a2c7b7038e01e01469fc47432559ca9a7a308c2856e8f","first_seen":"2025-01-22T15:28:39.169687Z","last_seen":"2026-05-13T13:04:07.295686Z","times_seen":16,"resource_available":false,"data":null}},"time_used":547,"timings":{"blocked":470,"dns":0,"connect":0,"send":0,"wait":60,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/find/1.84558463.jpg","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/find/1.84558463.jpg HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 300293\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b8APJKrJ%2B47wuDhYhT85L3YSv9o7ranGcf404HwF7UfkRV%2Bv4sODOceBm5XnNuDpfSpN%2BHhg18trb2lFtEW6ndSuau5bz1A3U2RZ19tBS6MepdRNc1MjhqoZYtEYJRZdjNuGTmqr9FtH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cbc5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":300293,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2460x1080, components 3","md5":"845584637878717c9f1826acf9fcbbd5","sha1":"53a4eeaab9cbb1267a6b072a037a74e25c1196bc","sha256":"ab5a2fdfd17a380d288304b941740f2b3cd5ab580202ebde0eb746e75e1c5d90","sha512":"cc2fbf284fafafb28b145487d809ace8ec7d4604036b8e9b5a1d7a3b2ea960c021e2fc46be6430368b14e5527601b927f2bfd37f2c5c42c7c8e241c0eecf18fc","ssdeep":"6144:2HqoMZjjJ+kuHSW1tpBtzTN+YOKELxCcGxkWnXfa8h9QpG:2KdjOHbpBtf7ELADCDo","tlshash":"de54223d5ff4c2a0f2b651b89b0293516841e56a46a126339573ee8bf33c5fc9d1223b","first_seen":"2025-01-22T15:28:39.070635Z","last_seen":"2026-05-13T13:04:07.234417Z","times_seen":24,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/4328.77d1c89d.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/4328.77d1c89d.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 6113\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xOMx%2BvWCSRkDSd3H8sRTBWXpQ08W9maMyDZ3iZMF2%2BmqDAIeugubK1Vb8%2B6tm0PZ3t6BC%2Bm%2BIdWt3swY3Db%2FcPaE8gXUiKNXm4JnwqYYML262v7ESRSjkkHslpL%2FVlrJCw3%2FEqvrp00a\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8442ff55685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31866,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (31866), with no line terminators","md5":"d9725dff5039916ac02cb2ad58eaddf5","sha1":"0ae6381b6a50fc9325c3837891b60b53a6604aa9","sha256":"7f6fc86ab2258c42dce97357b64c2d1108e51a9f3d0d206dad3c37116804f77b","sha512":"c761cf376964818786e61e7b1222de1cf6efb73543c663cffd2c08620cd68e3d9380d8a379b4bbba655f60cd02db8d79693112be8e7f021aafa39671a90398a3","ssdeep":"384:0TjV4z1KES5dwwEHCpSqTq+lG/3sFI56xgbE9Vw4kwEHCpSqTq+T6FtQ+mxFO5s:0TjV+i9qdi9qc","tlshash":"b8e2b86784611d1e7d37badae6cf5c78c6148807b3d30ee8985cecdfa2513f4a912224","first_seen":"2025-01-22T15:28:39.159393Z","last_seen":"2026-05-13T13:04:07.22079Z","times_seen":7,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/1982.be4a334a.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/1982.be4a334a.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 11482\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q0mtApFrRnhxElxJSWtmNzNREMzxEokonsvOPrYOGlajYY62qVnchWcLFXvidUQ0NK%2FWLRG4Fgb5fYeuizavUujQTjNbVWPwtBigywScB5lWrq57UTuJLp9%2Bb0xeqm9U%2BXPhJqqjL0d%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84468465685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":95270,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d393bf561188d502e167186834f1134a","sha1":"830ab3387722ab846c6dd2d5e2a639de544fe738","sha256":"386b8d1d94c8ffe526c705014f6580e3f31e528eb3b7edcc4e779f5f088ed09f","sha512":"0b70476074161a00bdc72635294b65eb79cd483e8214be080750f45907f445354a2f7177348a880ae9640f8a07fae0721f0c77a14ec33a65a636842e3cb2094e","ssdeep":"768:nlVi9qmDi9qVi25B1Q6ue7A+wUT8QOFIHMBLosVBsyo6A/iwli9qBBKPqnt15Bis:lViQ6iQEWiQNiQwy","tlshash":"3893a651c844ea45b532e9c2e663617c0688f62771d39efe3fef24af92e06bd2217114","first_seen":"2025-01-22T15:28:39.093707Z","last_seen":"2026-05-13T13:04:07.252372Z","times_seen":8,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/images/big-new-close-icon.png","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/images/big-new-close-icon.png HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 3993242426900583632\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":2782,"timings":{"blocked":1346,"dns":366,"connect":7,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/EN.e6fa2f58.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/EN.e6fa2f58.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 270556\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:21 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLsn8t2XRyLADa2MpJJ3DRm%2FOQ8N7wUH0Xp9n4yX4VMx2E7mQYbOQkfydOFcraE%2FhJmd5FHHzdoIYnssAz4eMp8bXTxN4mW4u8PcZS1S%2BiT6%2Fl8STzdsWkE0EW1mycMvMLLtj1hzL2yl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844f9155685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":270556,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2592 x 200, 8-bit/color RGBA, non-interlaced","md5":"e6fa2f580e0d43126c698fd1365bb830","sha1":"c4d0379d4001da0585711960f51cb616a6d02090","sha256":"0b674f16362eb143576df3aeb54c643282802773b4b77b0d264f9bf6e5d55435","sha512":"9901f0aed5aec10c4f7ab2d6502bc1ede29e5f519e0ccd1cf9270f49eef5213226b63ebc7e24e5e18049d57eab41101ed06e24c304640f8cde7452475535fbe0","ssdeep":"6144:f9Xqyaunw653O3/02zwXnrD+ChUvCS52bEvNds1Ksb5uAVEg:f9Xq3uw65a/02kXnr9avCIIcNq5u0","tlshash":"504423062b511048f1a52a27d44b8a593634e9fe4a5eab507ccb2ef7f137c8cb117e86","first_seen":"2024-09-19T21:41:24.053551Z","last_seen":"2026-05-13T13:04:07.177674Z","times_seen":10,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/main.jpg","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.447Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/main.jpg HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 14480\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vJ%2FNSD5kWgeatMHqYHIuV%2FNoHzpK0Vqfv%2BhyXU6e4SB0g%2F%2Bq9j%2B9p6USNd2iBFqg7hsFewCS8jOvQZ1m%2FTRVQqzyWIZQMXh3ysSBGSd8OUzMkXUMJiEl0c3VlDBSqwB%2FB%2FLvUcGxZ6U8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c875685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":14480,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 478x480, components 3","md5":"fab6e238f498673f8515f6e9d0e1f7d4","sha1":"e7f2bd6792fd33da02fa4e36f89a6812b1174c85","sha256":"0a273ea5c709aec56220151087defbb81f5cf3093ce667a140fc399d1027961b","sha512":"13b3e5c7d22c7706110a1dd77e8d6a543d256b23f961936856a7dc56bd7a5753a320cf333f528466a9dd5cc5cb320d7904573ea99c1adc57e861abb3356042c5","ssdeep":"384:qsut++Qqig5UwL4s5aeb/mXJodTnj50CQ5xp3IsTliJNKFtgO87:futnqwL4s8ej8Aj51Q5xp3I7JNKFtgOK","tlshash":"c852d16b5fa240b2deb453f48f2e4730e19610eafa6d38dfb4c07301485ea9721562f1","first_seen":"2024-05-12T00:04:05Z","last_seen":"2026-05-13T13:04:07.306742Z","times_seen":13,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/main.8f2b2f27.bundle.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/main.8f2b2f27.bundle.js HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 105749\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uyXi4sTWtM5y03T9MLWuyJy5%2BTKSZI%2BUiOyW5MUdhCh%2BeibilByLqtsGKwzx2JF4OyrIqNxC3TU7y%2FIOivXwsv1%2Fd9L9TXjhr1y0FTIRfHomrDZmYxSSMPXOqvUpTUlEuFfMshabA44f\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479ce05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":350442,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65457), with CRLF line terminators","md5":"aa7bc912b5c808de63d075e3fea3e6fa","sha1":"8950d18e740665ef2f21fefc76c19e4aca9ce12d","sha256":"85ece8c481f9a602fdce92637aa40fe02cc9e2e0151e8cffd7527c67df569812","sha512":"bdec8f43144c1b5a223d7aaa8e056cd58594f765e57cdb68c53dedfe2475d1d231cfcb3c9e0558b4558a3b042e7558f53486de9ae9928aa36031b947e966529f","ssdeep":"6144:d8X48jKzfjqMuQORd5chlezp6qPS70SuLxnn9bM:d8X9KQQnh+K","tlshash":"597409dd75d6f05217b321b6407f240bb33a691a680d8950f221f8d9b8b855ee237fac","first_seen":"2026-04-26T02:12:56.946016Z","last_seen":"2026-05-13T13:04:07.261737Z","times_seen":5,"resource_available":true,"data":null}},"time_used":744,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":741,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/media/close.mp3","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/media/close.mp3 HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 12675\r\nlast-modified: Tue, 12 May 2026 21:33:43 GMT\r\netag: \r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncontent-range: bytes 0-12674/12675\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QPy%2FUuictFhtkZmd5hlcDh9BxTgjrHGLZJ10JR5Ge52OWLZGNWHCCV2VG6YtZZJzuqFnhr6WbpaWbatWveO4n1lvUz96fgJk1%2BE4poX7X6smZlGsQYnf1KWZ%2BTKHn4veT%2FJPaQDj0eMQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d853dbcc5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":12675,"size_decoded":0,"mime_type":"audio/mpeg","magic":"Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo","md5":"2056bdcfbd551273ee207f8c6ff9d257","sha1":"6fe68c9917d3409710aee4147ada311093d33ba6","sha256":"d7633fdf0d543880acc3fdaf578728d7becc1ff429ba054921d3313f73a5a4a7","sha512":"01a0022764f49e0c395d9f40fc73f123a424401e388d05373ab44ad33bd046d106881bd1f158b417030eabd8c9b52504d19155c225a1a632ef3c99ffbe771399","ssdeep":"192:kI/h/NAQ/Qa4cLtUDImzKBlSV9hME7Be85sqHARf9jt5EIJMcL:1/LcktUDBzOWX7Be85sGIr5EUMcL","tlshash":"0b429e012b05c12ff7292f7d301f86b8e0983a8f2a22cfe1a0179f94887f151672d954","first_seen":"2023-04-07T19:47:22Z","last_seen":"2026-05-13T13:04:07.298571Z","times_seen":680,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/style.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/style.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 2159\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 22:26:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gmmuXf9aHGwa9zhpbiYgHLYFoCbB%2BcDXr2LmMAW5XHMJoji6IvGuF0kn0ofbXUbPPKvl5wvJ2nogxPcZ2VSLV0313uqVFTf06bKfrWzxAsPX5D5eyFVjYN%2FKUqipiqwC%2B%2F22GjFuu9OR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8ba5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10980,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"4b623e11631eb9d072baacbf01428318","sha1":"9136c564496925a3aa64e4087648a9f070b716b8","sha256":"fcb570c44e1f39c11efbb60818710b12900d61b3ef9619a3c633f715fe1d138a","sha512":"f7cc45def5adfb54838eb48efcae58aec483eafece9f29d5c23ff1ec6e8e8f26e02d38b757d63daea022f5b862fe6dbaf62928651a6097835b2b2d9264e9cd78","ssdeep":"192:dJYb2LIUJy5h3S+2XhwP7XcpSz6cXhY9KtBxtrJ1gvPY:YiIj5hcwQpR0Y8FV","tlshash":"e1322421df02204df23695e9fb711796ea0425039b4b8abfb9e07144dfb15ac6672acc","first_seen":"2026-05-13T13:00:55.402429Z","last_seen":"2026-05-13T13:04:07.31166Z","times_seen":2,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/facebook.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/facebook.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 869\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2Oo3jNUxWCpqTJOrNdOBho%2B16BlNjfYfDKwGdoeuK3A%2F%2Fc0k42xWCixKR6isYzRbUmh12fhHXXAf7nQCiTGA4MG6j64iuHADA5I7fKfcVY7V%2BugqNyDf8PSrYhkGswwT5k05wFcniQaX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8c05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4168,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"90c5820b3f23970aa0185904a11ff81e","sha1":"86b9c93afafee85c2b8725db333b7ab9beee1695","sha256":"9f7e4b35f78420cd9d66ec71fb534626b30112ad2b67450a821a776329759630","sha512":"8981e2808c4f014d0bc5c1230b0db5cc32209208e3554a400ebf70a4749486b77e7c6c50489c3321eaa2af59c2ba727592c8aa1a2687e3b6495bab4713fd3e04","ssdeep":"96:edqVQtm5HFKGF5bMFjaeGSFeiFeCFIKFp6J0XKYZ:edqVQtaHFKGF5bMFjUSFeiFeCFIKFp6i","tlshash":"4a819b962b670548f511d8edbf952b8bb20e5823534fdc5bbac0705ccf865a886a374c","first_seen":"2025-01-23T11:42:01.066514Z","last_seen":"2026-05-13T13:04:07.226188Z","times_seen":12,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/sfs.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/sfs.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 36640\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L6KEwbIBahVroLsIXKlqcIJEa37P6DVaAgzHRnnoGVIpFyPTo9Sm9%2FR%2F8KiH8g%2BxIHImVDa%2FyvSYCEPYGxZVKH1Bbptuxq8lHJpkUAXwdY1OQLIzMtMlaPcchb46kbgFA4LVvRGoV2%2F8\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84509285685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36640,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"b3a839a759d0403f4e2645ccc2d7d6f7","sha1":"0a2a09d3ca75b9a2fdd7198c15dd7d34066225fb","sha256":"255e84dd3395a7be094dfdbd60f9a3df16a5741419dceeeab0cecb82101e4787","sha512":"e647cc5af229b6db025cb4f785c5a5e11ef09f2b4b07eccdf83c648daaa4f8e159b000bdba7db9fdc124f7f02798e03ba171696a43cb0e088efa63b3efe46267","ssdeep":"768:IRG5XErKMO07aUdxu6AUnJ9YkAHbeCZWGR+BaoM2ZnhXK3PVa7jWc:c5mqxfFXYh7eCZW/55K39aR","tlshash":"e9f2e09e3874d2bdfde1020056b8caa2ce61c2cae5e13516b4078cb5ed92fcd4694af5","first_seen":"2024-12-09T16:53:48.092205Z","last_seen":"2026-05-13T13:04:07.25521Z","times_seen":31,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/media/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/media/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 15657248829285553009\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/824.df542587.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/824.df542587.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 20537\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:16 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=e9eGYuxYQmLLIRR%2Br%2B%2BiggMtvXBjm4WtIOsvO%2FEku9VLsoWcSxUwoo110%2FV6P3ce%2B7pYdmrkrhHzy3KeiZDrvMyIOF2IdmBAYHgDoYBS0tOyyDdkxjYscy6qtas64%2F4eq0Ld8hZKYhBs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84488765685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":179685,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3bd2eb0bfedc2fb4f6bca9e0d3fc2266","sha1":"9182f064eed7d6420051ec3945c4c5085b350059","sha256":"a020653f7dcd9cf6305edc9a0b6c081602f0d6c5ba67e8658d831071208ca652","sha512":"adc731109e0de18efb5478d4b32e6942645fe3bb338955d879f121b774b3cafad75ff1b7e9543710969c2188adeb055ed22c412a079663ff258efbb6a279c6dc","ssdeep":"3072:eVeVN3+XWjX7rKSsreO5LwIVZ0akR8oax6+xrQqQp8vQJCjrTZp3GRVbVyzVoUro:IepqiP","tlshash":"880476a2a0820ae6b576ff2bafc6cdca46355ec7a5431cbd81c6d22381d15f8b35d108","first_seen":"2025-01-22T15:28:39.119573Z","last_seen":"2026-05-13T13:04:07.231898Z","times_seen":8,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/639119ab1c94cd1ac8de35c32e3fe1a0.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/639119ab1c94cd1ac8de35c32e3fe1a0.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"34cf3aa55d10f3f8869f264cdcb2ad5e\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 2435251802681037888\r\nx-cos-request-id: NjZmNDFhZmJfMzU3NmI3MDlfMTRiNzFfN2IzOTk1NA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc3MDYyODM\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3523\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 13704758418080017672\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"34cf3aa55d10f3f8869f264cdcb2ad5e","sha1":"94cd8a7d54c36f1ce3f1a5d8925ef4e5c33da7f8","sha256":"6da833d493a4e1a3bf46b9d484477687d4a3c2c92aebf24c82f9e5f128b4368d","sha512":"204744a724e1e64e3c8af81ca50b1efd69a8b0d50f64c6722d71ee8d956a7781b15b9233071e32be8b24267925d5d7e29613e7431480a4e32bc21a7b4c43810e","ssdeep":"","tlshash":"fd715cb2acdb97b2616777a957351c46d7640b0ec9227a191104ee3d483432d28caa0f","first_seen":"2024-10-30T20:47:39.071579Z","last_seen":"2026-05-13T13:04:07.241219Z","times_seen":18,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":530,"dns":0,"connect":0,"send":0,"wait":79,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/d67a787d6a09a7e13f7113353d5860d7.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/d67a787d6a09a7e13f7113353d5860d7.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:18 GMT\r\netag: \"19f4213c698a8bd2ac11513a69a16804\"\r\ncontent-type: image/png\r\ndate: Tue, 20 Aug 2024 09:12:47 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 3612255795022076232\r\nx-cos-request-id: NjZjNDVlMGZfZmUxNTc5MWVfMTMyZjZfMzYyNzdmZQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MTE0NzAwNTA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2645\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 6520660309192962571\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2645,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"19f4213c698a8bd2ac11513a69a16804","sha1":"8569355e1febc504d9b8afb0099bc1ff3a108a17","sha256":"cbc004f54d5c4b39d6d69a08829c942f21d9f2efd5dd3806b1da79b6eed58b35","sha512":"fa923e966ea20edd4d99e01244f62b4bc149ac5f79815fc8407f8ae1a4cd82722be64c6f2d1539c7c84ed2703eeb8c2c186f528705a71fc76cb7915d143804b6","ssdeep":"","tlshash":"0551e958b5227b03f958de72a2f2447e1f2d48c0b6daf94df5f7c842a1980f4a1285ce","first_seen":"2025-01-22T15:28:39.188346Z","last_seen":"2026-05-13T13:04:07.220184Z","times_seen":16,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":463,"dns":0,"connect":0,"send":0,"wait":57,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/font/DINMITTELSCHRIFTSTD.woff","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/font/DINMITTELSCHRIFTSTD.woff HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 4509020749557468274\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/ea5a6d6957c40eba3e23ab595a21149f.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/ea5a6d6957c40eba3e23ab595a21149f.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"d244ed5276d11a8cda6da856db0ea9ec\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 03:54:50 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13077386745630545903\r\nx-cos-request-id: NjhlODgzOGFfN2FmNGQwYl84YmRfMTljNjljYzg=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgxNzg4NTc\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 4475\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15938356061913431061\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4475,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"d244ed5276d11a8cda6da856db0ea9ec","sha1":"8e8dc2f5f2388de5bd7e38972dfcce8ce871cdcb","sha256":"e79a60b11e79667b7d66c3b748e100ee3f03f9fb834335896ddaa709acf95c0d","sha512":"cf8720e0983e663866607b0e41c457f425db18714d8cb78a3fe9ab7c85b28a85a3740ff06c9a27ea74b7a8195ab2189e1751b7df0d26f93a5b4aa8633425801f","ssdeep":"96:d65sWsLEEF3ehQM9xSMqtbGUR6NjRZSGR2FbyYyn64wFtT5H5sWsSk:d6kF3Af/QijOSmyT64q5HU","tlshash":"67916c389ee54620e67e217618a5dc90942aa4831b9388b7d3a7f08307545d73ffb27f","first_seen":"2024-10-30T20:47:39.049799Z","last_seen":"2026-05-13T13:04:07.182827Z","times_seen":18,"resource_available":false,"data":null}},"time_used":585,"timings":{"blocked":527,"dns":0,"connect":0,"send":0,"wait":55,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/icon-twitter.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/icon-twitter.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 5997\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iMctbxSQubKVVI7%2BNeOn3fHpApsqHkvAXTUrcYaVhBDHXHPExoMeLgEkVkcwxBwGJnKlE%2B1YH32RP0V%2Fo8Gx1Spqv9q3LDFBhymsbshLkNDK2DKlwaKQqKiNDa7qe%2BKNMimnLMqRypw7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c905685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5997,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced","md5":"3102bd5ece1855fd21122d8f0e2f6b43","sha1":"79e8a83aa0eaa45dd07914726ad40736fd0bcbcf","sha256":"4b3a0f6de375b108b3fd927b85f45660478919a1dcc7051ff227e4bf8d49d9de","sha512":"3c2cf28e956f19e6b8ff56a50f3e4a9cca00db32fefefca05679756d422905c0030f9a1ef7923eff4c7b907b600e580e064a76fd1ccd6f13353e209ce22c4c3b","ssdeep":"96:5KbjeqR6yWefSE9K4JoARywhJfepn0WS3IBPLWbqhqtf9Xb/19R5mz1FfHfpz2:wLpGGyypOn0WZGq4fLIHxK","tlshash":"c4c19e3c04bc78bd2173434781655d2c461b09a7f608cd7f7ca2c9b483a9681dfda622","first_seen":"2023-11-05T14:08:59Z","last_seen":"2026-05-13T13:04:07.266583Z","times_seen":250,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29671\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:20:26 GMT\r\nexpires: Wed, 12 May 2027 18:20:26 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 67189\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84245,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32061)","md5":"e40ec2161fe7993196f23c8a07346306","sha1":"afb90752e0a90c24b7f724faca86c5f3d15d1178","sha256":"874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4","sha512":"5f57cc757fff0e9990a72e78f6373f0a24bce2edf3c4559f0b6fef3cf65edf932c0f3eca5a35511ea11eabc0a412f1c7563282ec76f6fa005cc59504417159eb","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa98:7NMnJiz6oAQKP5a98Hrh","tlshash":"db83d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T15:49:28.233131Z","times_seen":57031,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pubg-events.maxstoday.com/","fqdn":"pubg-events.maxstoday.com","domain":"maxstoday.com","tld":"com"},"ip":{"addr":"172.67.223.201","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-13T13:00:11.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"maxstoday.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 12 May 2026 11:43:16 GMT","end":"Mon, 10 Aug 2026 11:43:15 GMT"},"fingerprint":{"sha1":"87:9D:7C:59:72:99:20:F4:72:15:2B:B4:8F:26:AB:9F:29:FB:A1:BE","sha256":"6A:82:1D:CB:58:8F:EC:FB:D0:8C:C3:F1:3C:D3:C3:6C:22:D0:4B:7C:60:B2:CE:24:3A:0E:46:01:C2:BF:DD:59"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pubg-events.maxstoday.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gUZMMoBFrplOU5fEGBNwr62DdrRGz2amr1KZvj7obMejQeHv964hPWWu%2Bw8ArJIQb0Lo4%2BzkF5QVwKXijHgZpBMmch95raME7s2ctFBr3eYkFdV%2Fq962N%2FGQUD38WFAkm0fDjkh%2FSaBDjE75\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nage: 4168\r\nlast-modified: Wed, 13 May 2026 11:50:43 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: br\r\ncf-ray: 9fb1d83e6d16b4f9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":1007,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"0461e14a5c45898359d346c7b5198520","sha1":"9777145ff00db12b3124206d8e8507fe8497cd04","sha256":"e87d527d4072a13bf5a58e178008a704b9a1a98442a1e7339be42bd832b19889","sha512":"d84791e849be15e644bc655811348934be13bd80654fe3d84f0c3a9bf05eb560582df643755ad2fcd0656dbc9ab86296ec2334aab33d40bf4118867e7bca51f7","ssdeep":"","tlshash":"3211e1f7ee015d2a4170928c34dab0ac65a14a52b66d9c70a2fac98e10d4f5dc87335e","first_seen":"2026-05-13T13:00:55.410395Z","last_seen":"2026-05-13T13:04:07.299754Z","times_seen":2,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":47,"dns":30,"connect":1,"send":0,"wait":21,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"pubg-events.maxstoday.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"pubg-events.maxstoday.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/4521.6f6cf9bf.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/4521.6f6cf9bf.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 10025\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B2ApzfOQs0YUxUfVUT3cgAT0Kug433QO%2BLJE9bw9M6nDzYVwxdf%2F7%2FCTIYlEVoKOi4OovS52De0PaKIR3N9T8LgVMzCDtJrhsZQ4ds%2BmcT01qloKJDYVHbWZXQno%2FIJ0C9fl84N1NNOy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844684a5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":42869,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (42869), with no line terminators","md5":"877bddfcbdc84f7c871dac41c72375d7","sha1":"c48de55760b5416235e942fd2ddab66d84cdabf0","sha256":"4e8acccd17c7a47ad3c406d971e3dc16387bfd5d326942495e39d129a1982603","sha512":"3d80aa94d928efb6b6dfa29e129196b3a5f0fd4664c4cad29db2371b349b2953969efa4be8396bab16ddece4e2538e24312308d57d22352ff684160270e48c7c","ssdeep":"768:Xi9q998EbF9RVisBjGoRv5EFyDlEzLEjaBoHw5:XiQ998IFLgiqqBEAx4kaBoHw5","tlshash":"b913637e77007bc8a3ed91d1c999b1a826d8818d73121d3e6aa46f6db5730cd3e290c7","first_seen":"2024-10-21T08:04:20.319081Z","last_seen":"2026-05-13T13:04:07.22248Z","times_seen":10,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/7680.54f64d50.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.959Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/7680.54f64d50.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 10909\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YE%2F91Fpz2EOSW%2Fh4IRQN2%2BWoRej0I4xKeQsJFUQFsz9aE0wk9dAYqTde2sVDm54VqTgH0PwLbpALmBw5lVgnHN6xlqex9Oxb3KSXm8TNb4GoRsbjpLa%2BZLjC%2BavLLtfZEWtVUBHUw20d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84498905685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":93142,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"10786a507cda767262127840d5017e52","sha1":"98c29e8e92d688b3e98ce9c2a61350cf9e2cd1bf","sha256":"9a7535ca49600ff8a8cedf8c4062a65dbf8b43a21bafa8e4a4cf1c58d66fbe1c","sha512":"1ea40022d683ff61f62d7eaa1cf8f8867a694926165538ff36acc8b98ac105603f8198b10942e73923c6087915aed664c8150068acc0b9bbe5ce9fb291bcfcb7","ssdeep":"1536:ItiQSK9SEGf2qutV1eTZZlPsHlviQFymFJ83G2iQFAQDYGlwMYpjL3hiQAGQ:+VSQSEGfc4ZZlPsHlvVqV8GlwMYpjL3m","tlshash":"b29384908c02889d737b7da3d6af9e5cc794467b63e30778985c3bd78342ef52a21894","first_seen":"2025-01-22T15:28:39.097986Z","last_seen":"2026-05-13T13:04:07.259071Z","times_seen":8,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/twitter.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/twitter.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 1210\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QTnTjq9nGCfC6292EKd9N%2Bo82zbpnuoKksN2y2SjHUQy2GFtFejNRZtqm7PJGVBwzB6VxRkgJjw223a5kJ4RZgI9rjzA51GW%2F8Lllpu5dXZFuXmkvUTPTVx%2B3wASw7N8Zr2ZQGiK6D0I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844c8c95685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6451,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"45e7f7f91fc9fe870757838a4b297eac","sha1":"1c3c665b1e88c2ac85979c10dbc605847fc17dc5","sha256":"d30e1b758d21598f80faf0e89a43d2340e2b7ff26b030a0c3dc169d6e65168e3","sha512":"2ecc46cf2990362a345b98eb383051e8f1338023d448371643b5896f9ae59af9c65d862f57cf86ac3e9d2c6d36b7d229d8950ff2d6551a3df958a22693c0a3b9","ssdeep":"96:/acJ6M6X4zezulFW5O8KZfkli6AOYNHA8VoIoV0:ScYrOlFqO8KZMli6AOyAWoU","tlshash":"a1d1fca79f221508f502e8f8ff66ab9a66094013534fcda7ba4c361ccfc659847b274c","first_seen":"2025-08-08T20:20:25.023305Z","last_seen":"2026-05-13T13:04:07.24853Z","times_seen":17,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/6b5b90bfdeca819d6a45171e85b81fce.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.171Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/6b5b90bfdeca819d6a45171e85b81fce.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"81b94ade773a1869fe01d031db36327d\"\r\ncontent-type: image/png\r\ndate: Mon, 21 Oct 2024 18:05:03 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13652087803389900638\r\nx-cos-request-id: NjcxNjk3Y2ZfZDA4YzdjMWVfMWYxMzBfYjJlOWUwYw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgyMjczNzA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 6835\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9952172343618817027\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6835,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"81b94ade773a1869fe01d031db36327d","sha1":"b448968f4de1f24e634893c0831b3f3bf8e2fc92","sha256":"1fd19cd69527b2137ee3c99d32b3d95b5316e0376bbb57b9cdafb12e8e18c069","sha512":"0178a639fd748cbf8384aae3b37f811ac2cac650bc3b33edf139d9a3bc883eabc3372cb8c97bf22821ffa787d6966b8b679412fc382afae8af1a990492c17f8f","ssdeep":"192:1daGgkirwKwTEYDOOQE6xYcu/BnJngIE1xlRSc:9ZrTEYDOOP6mf/BJDE58c","tlshash":"0be1afe81a52de868474b558ae90b91c15d7201e21bf38f32cf64973ad5d0481529ff6","first_seen":"2025-01-22T15:28:39.175067Z","last_seen":"2026-05-13T13:04:07.26395Z","times_seen":16,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":461,"dns":0,"connect":0,"send":0,"wait":55,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/icon_fb.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/icon_fb.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 4538\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1%2FooLoVjuAYtihXc02di7buOWB2Uxd9a7uvsNfZkVDfOwuuTleeaXyman%2FHpM9PoeKzTXoXq%2FxG26vpNbMGwPSZH43QF4wCQgZdB4FvPv5dFyGI0kX1AKyZWM5DTUDGV6WuxR4zE%2BDK7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478c9a5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":4538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"8552ac3c41b10ae9e7f13d95e845a35d","sha1":"86715d70cf7fada24e9d5e6647135f8678e923cf","sha256":"3963edc509012e07abe8e5e3955a1793a21cadbc706859f1a299779b4289115a","sha512":"5952b45539325f0588a781e1da4b524c08f276b8ba49539906ccd5830538ac80300fc6a5802b298780b0aa840c921ff58d2aa907d67087e10866588c77468585","ssdeep":"96:d/5DiI4ol5U4Lm/kAqGSIh3TcLa7taEbpiuSymf84Jz33iGGS1Mm:d/RJrSkAq8hjc4rbEuX4V3GSym","tlshash":"ab914b716dd81eefd71816f4267ee75ae5e09ef0e226c00ec157b66221712069f83704","first_seen":"2023-12-16T16:31:33Z","last_seen":"2026-05-13T13:04:07.318694Z","times_seen":199,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 13 May 2026 13:00:13 GMT\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":24899,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"dd59052c593dd4fd28220ef1c4ad1931","sha1":"dc1d41a2023de52c9a6c22813f4f3e4023fb18e9","sha256":"e1846912562de798b6a53af1f5fe9c464510701b176dacb7ec48fb8d20685771","sha512":"187d04ddbc2fca32f696fae47a69878f3eeba01bbbbb6404c9f7a6bc0c0acee7262676307f49f12d519aeca74f7dd239fb8d5b867f8411769abbf5b8cbbbee27","ssdeep":"768:3FsbbYSRv4wFMl22YfRiJhan6BBYERNeWwhQHHYORjUM+:LIHT/","tlshash":"e9b20ba10417440097834ce223cebf35fe1f62507042d0b5abfd9b6baddbca652693ad","first_seen":"2026-02-20T02:02:37.810981Z","last_seen":"2026-05-13T13:04:07.184763Z","times_seen":74,"resource_available":false,"data":null}},"time_used":704,"timings":{"blocked":297,"dns":4,"connect":21,"send":0,"wait":33,"receive":0,"ssl":343},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-fb-new.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-fb-new.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2899\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eMOFlo5n3y7JYgIrSuptDKHvJdliHwkY%2FjcFG1ahGQnj9f2lla5Uq%2FaMCledSdaPNsZT0tA0%2FVCq71ClVSwq5UJ3pcaFk9cm7hv296qPxmzNNxzBlAu%2FCY%2FYCWbwjJ0J0l5wyZdGcjSB\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529485685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2899,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"9be2c56c1a42fab7e2f5b764573dea4d","sha1":"16f58f9b1f5fd465d3a8bc765b972eadb5166f24","sha256":"cc8830f258c471b9cb15d69cda554d5181bd680996dd0041e3b9986b3b0769bf","sha512":"bd6d9f12f0bcceeddbce85dfcd81b6c1c82963d2ddfbc4ef53f4c85071c15ad72f1a0fd91550f618b75f003398bc1ebb18f2969bb69e707d1ccd4a393c9c98cd","ssdeep":"","tlshash":"47516d9326b1d9cdb73aee2bd44344f652fd785c9360139d195c0cf7ac460494be1092","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.276987Z","times_seen":362,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-email-subscribe.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-email-subscribe.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3349\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qTEgrpd1%2F3%2FgWE9DBYBc4vPi4NhS4BTZmBDxlWCZCndzKbhiSrNjmeBCb5HjrvjO2R0MO0mGiHBGlZ8b2xNP8uEbdYhDQJ7kIO%2FqTMWsCr4OukvtobeK9lCloxyf3tyeorrCUX%2B75KoI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529535685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":3349,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"150e097b432034e3fedf6443b4551a16","sha1":"a4299dadb4feda18e484362ce6892c52b507d5e6","sha256":"b9ca6c3a516ec9dfbe4f33e318d560f265836d51627cb9fa3d881062a2fd98e2","sha512":"b706811890123610964b651d9aa744644331cce7b89a68059945fbf9657f360b9432c602667327a539b99d89992f2ff6717469ab82eececc4232c66aa9c61f06","ssdeep":"","tlshash":"07616f4f519bd770ccfd59362f172290cd586f65e7f9b2385084ba4488991090db286f","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.279271Z","times_seen":356,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/6426273c411d56dea83b843208fc0956.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/6426273c411d56dea83b843208fc0956.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 20 Sep 2023 04:03:05 GMT\r\netag: \"de2290f1fd7a40307e91850dc7523c0f\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 06:22:43 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13225242165171071254\r\nx-cos-request-id: NjhlOGE2MzNfNTY4ZjdjMWVfMzE5NGRfMTlkNmFlMTA=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNDg4OTExMjQwODI1MzY\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 7415\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3554052028651657618\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7415,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"de2290f1fd7a40307e91850dc7523c0f","sha1":"158e774068e54827713281d58df848eacddfa610","sha256":"275fd1c5a87f312d9c702467667fd5bbbc8c01ebc897a5d2712450d40755fac0","sha512":"f527fbf5d2c6173e6f536c216ebea9e0f9069d9918a9a03a391478c51d3ac6dd18049bafcf1a890ea563a32fd34741eb1a86bb61bdac9b260cb6ac271bb81afd","ssdeep":"192:S1QGd9BmU9HynuwoadVVJY9nMl3j/KrjImK:hQmq9C/Vwo3ojIP","tlshash":"74e1aee4a9806e1c8ce0777f3633b46fe6f42ebbb51791014009ba997d82cec1429c0b","first_seen":"2024-10-30T20:47:39.06474Z","last_seen":"2026-05-13T13:04:07.217562Z","times_seen":18,"resource_available":false,"data":null}},"time_used":602,"timings":{"blocked":529,"dns":0,"connect":0,"send":0,"wait":56,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/7bc1bd1d7d6bb6740dab72c08f5a65de.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/7bc1bd1d7d6bb6740dab72c08f5a65de.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"8a4a36ced8460cff6621203b4a8be599\"\r\ncontent-type: image/png\r\ndate: Fri, 25 Jul 2025 03:14:18 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 5559300856640754477\r\nx-cos-request-id: Njg4MmY2OGFfZjgxNTc5MWVfMjYwNDNfZWQzZjVjNA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc0OTYwNjA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2399\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17652375382581682764\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2399,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"8a4a36ced8460cff6621203b4a8be599","sha1":"345dbccbe726602e863c86c9b10cc9a7b46b2152","sha256":"fa7f1acab16c0bf21fdb72566f0d86176c59d2489d16891ad31a4abb15e1a616","sha512":"fa69a21063d5d034c0b839b853d3c57ae7a7959034003a9b77230ff0c9103cf6aad22dc5d344cb118096e4593985d29e001ff8a6c76561c3ae750eb60e469863","ssdeep":"","tlshash":"5a410ab51ba4e4d9b66aedb0727437641b7e0a36c884df085af983043b3d9940f85164","first_seen":"2024-10-30T20:47:38.972314Z","last_seen":"2026-05-13T13:04:07.297297Z","times_seen":18,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":501,"dns":0,"connect":0,"send":0,"wait":79,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-ipv4.ip.sb/ip","fqdn":"api-ipv4.ip.sb","domain":"ip.sb","tld":"sb"},"ip":{"addr":"104.26.12.31","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api-ipv4.ip.sb","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 04:24:05 GMT","end":"Mon, 10 Aug 2026 05:24:03 GMT"},"fingerprint":{"sha1":"51:4E:90:02:61:13:15:C3:24:E5:CC:8B:A0:0D:A6:FA:CF:3D:2C:09","sha256":"CD:04:DD:39:AB:11:09:DA:80:DB:44:D4:A1:44:D8:D1:6F:83:E8:92:20:55:3A:47:BD:E2:34:CC:5A:09:DB:2F"}}},"request":{"raw":"GET /ip HTTP/1.1\r\nHost: api-ipv4.ip.sb\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kweoywum.fortoday.asia/\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 13\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PUTWenSJwfNMGmFLphSbPD0tvN4O8o6DO%2B%2FXoVEyrhYo94KqI6%2B10nmlA3VpFYZtTXwCevqHKaK%2FTPrIQJ1wUSOP6MtJvfOeqrDrP5H31qPHctvKXuyOkyN6JfoSQaCm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9fb1d853df3bb4f3-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text","md5":"d0f727049a6c39e00df33badfc529120","sha1":"bcbe610cd9d4baf88e53c32375c624b8920fb570","sha256":"4b3f1dd9b6a31b14247dec82b502a00a71d83ebb9f007bfccf7bd490e1604821","sha512":"9760d662b6b3eb1d7611cb94350ec8e578d2b8d1de263603cd098f7095e9a2d5f3673170a36f08fb91ea8f4022840b0727c965114e201864e449b149a38ac5c4","ssdeep":"","tlshash":"ba600003300300030c00c00cc303030303c00003c30f0000ccc00f000c003300330000","first_seen":"2023-04-08T10:21:22Z","last_seen":"2026-05-13T13:43:55.892123Z","times_seen":3997,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":41,"dns":14,"connect":1,"send":0,"wait":15,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pubg-events.maxstoday.com/","date":"2026-05-13T13:00:12.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/ HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pubg-events.maxstoday.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UxzzN6gqohrf%2BpYQ5A5hwdwc5fokUwLBwFBvqKZZobexDuCamYgGJHf3dd%2FAY0e1lo9tOyJnALPsalkQyZh7q30FnaLMigsp0nmfL2G6Pzk0qbLMBDzSFyPuTq9hBgnnz5qdi%2FBj0e%2Fa\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9fb1d840fd1f0b4d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:1.9.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":134263,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10465), with CRLF line terminators","md5":"753cbab1cfc3dacf41ebde996d7830cc","sha1":"ed4d7e684e126d971f004a00d75b496b253130f2","sha256":"294ebb4cacbfd525e52f2f00f80eb0fee868ffde2913088591e9e2672590f979","sha512":"a57dea4da14cc5f49293bb3d678c1c6f8a2cde9877581cf6b8a7b0463ec8bef3a43963699881e5b75d003acbc509800ecd7f6e92f6e513ac237d4802339dd5a9","ssdeep":"3072:nLfXh4s4TaPeIkkTfMlC+BXkkoB0/lSaXvlag7YgDQMPU:nLfXh4s4mPeIkkTfMlC+BXkkoB0/lSa6","tlshash":"03d3843240552c2f522344f5f2a25f0bf495427bdf0b4e1573f827abebe7c5a8a26648","first_seen":"2026-05-13T13:00:55.418037Z","last_seen":"2026-05-13T13:00:55.418037Z","times_seen":1,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":142,"dns":62,"connect":2,"send":0,"wait":423,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/1b7547721b97448e7977f42178a5d93c.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/1b7547721b97448e7977f42178a5d93c.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Apr 2024 09:30:43 GMT\r\netag: \"af552f8eeb7bfec290be99e716717394\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 02:29:42 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 11206616384710321509\r\nx-cos-request-id: NjhlODZmOTZfZWQyMTcxZF8xMjI2Yl8xOWY3NWY1Mw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwMzAyMDkwNjU2MzQyNjE\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2039\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 15696884800569607556\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2039,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"af552f8eeb7bfec290be99e716717394","sha1":"626dad4ed3e2fb34741142a676a75f95dff82d91","sha256":"37709be2b56435194fdd16655c7a3f22b012f7354c51d3fa83092951a1881ef9","sha512":"9ae4505cd493477294130469627bd377a24224c534a21d49dd862c4c5de82acfe549c604dc3f46027555d8ac02dbd872ec01f89325dbf904e8db786426660b92","ssdeep":"","tlshash":"4d410ab29759bc90c32741fc464097843c289108a561f10fa354c763a5163cabaf781e","first_seen":"2025-04-01T11:40:37.263401Z","last_seen":"2026-05-13T13:04:07.255862Z","times_seen":26,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":529,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29707\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 17:53:26 GMT\r\nexpires: Wed, 12 May 2027 17:53:26 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 68809\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84320,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32180)","md5":"32015dd42e9582a80a84736f5d9a44d7","sha1":"41b4bfbaa96be6d1440db6e78004ade1c134e276","sha256":"8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3","sha512":"eda31b5c7d371d4b3acced51fa92f27a417515317cf437aae09a47c3acc8a36bdbb5a5e70f0fbfd82d3725edf45850dde8ca52c20f9a2d6e038b8eaaceee3cf1","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:z4UdWJiz6UAIJ8pa98Hrb","tlshash":"a283d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:32:59.586205Z","times_seen":14452,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/9552.808739f4.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/9552.808739f4.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 7465\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:17 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U%2BxtYxbMWqsuNu7UNnTlCAsAkUU%2F%2FNrwh09WnXOMHKTUr9Boc5xBfR%2FGWef4q89ghSOUsXfFrIeq5%2Bnu3m5fOe70VUVJ6j5wmlP9ntMnctRQKr40LRRDd4cN5nCO139%2BYPCuRn6p1r0D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844987a5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":29997,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (29997), with no line terminators","md5":"de84973343f43542a85bb99aedf3a2e3","sha1":"e321e60e593ff35f7c03358274392bc116272b35","sha256":"c2de83da0e0995a21ddc2a4f92cd2c3890a3f1918a3c5b1939028b7fc7bcd7f4","sha512":"f809eada44d52189801f089f7642085ae31e57c470ee3e8138b858003835587680e3d70ff7ed468aeedc75c6d6ce3874db03934b5f7c5cd0e27ecea063e0b85f","ssdeep":"768:3BQxhi9qCr6dJJ254lLCe3pv1QYfQMLlGRzeLsCJ254lLMFl:3BQxhiQCr6do4lWe3pv14SLsb4lIFl","tlshash":"04d2b66d6bd3283aff2dd7cfc551b10a47fb6905f7422f7cd260689a42bc99813610a8","first_seen":"2024-10-30T20:47:38.831917Z","last_seen":"2026-05-13T13:04:07.17428Z","times_seen":10,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/2061.c1b1bdd3.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/2061.c1b1bdd3.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 91972\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cci7M3cJqTbX4B7xbeXCvze3BkQvdkLSZsF3vgHaL2cqBLH5PUgYNi6Tff6BkC7lbTj5UvjfWZwF9sI0P%2FwgUfYEU7mj3U3Hy2HxaIJrt3EXbIUd5q83X6%2FohcqGeeCf3vY%2BztRmJVF0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84498995685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":671782,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a246547653cb51ec265bd152228542b8","sha1":"adb30acb2f269bf6cc4f70607ad7fd62ab6a3ef0","sha256":"4cf0e0724378b7d2fa3b57d3d0a318c1c605337f2199d859857920d11f5a61e3","sha512":"6f2619ede4e5360d243dd796a8eca3319744c4d52433ceb3b85ec3962fb58373a635b0d4fda778436c5f589bbb756a186860f46bb4271fe34f9dc1678c506fc7","ssdeep":"6144:cgeEXs8xXnkZmDZ98Fsqr8X/qr0kqr0HdmoKhZDC:cgeGs8xnkZmDZuFsqr+/qr0kqr0HSZDC","tlshash":"5fe477f1e415094a76bb7e0ad5c698fc1b80b7c7c947797ad980882ee3f0ed73651a08","first_seen":"2025-01-22T15:28:39.128729Z","last_seen":"2026-05-13T13:04:07.266093Z","times_seen":8,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/animate.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/animate.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 5613\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HnKpwbmbW%2BFEzrjSEdIe7hrr4vC5bDHP4aMJ3PBhOaemRM8kuj7rJ6sGjS9x%2FqGlyMGlUwcKuYa8DaDt%2Bk1RClSNquPBCRg5l1qrejVrWZJaZuBzq8N9HdkUhXCxISpGwEmmyYkQNlzx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8be5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":79279,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1120579032f3cb1737e0819f9fcffa7c","sha1":"3981684171cebe7deeafb9d7a4a54bbad43eedd0","sha256":"bdf63257624aa701af1476c0a25c86ec555d9ccdec0a0157ed005a49d5423856","sha512":"58cc41512a92a327fef08ee58716d97e0b8ba1f93df13912ae666da83ebca50d612cd5280367fbce00b0e5a04ccef9a167ac74bf4ccf6bab47e348bf631aed9c","ssdeep":"1536:gBDxYx8x6xu899Ml5Ixxx/xGxW3BkEiH06GdX3aKMyt2MNal:0xYx8x6xVxxx/xGxUK","tlshash":"4d73389d9b4015c457328d2a8bcd4e64463cb973587a5cef7282188fdfcab9c63ca607","first_seen":"2025-01-22T15:28:39.254573Z","last_seen":"2026-05-13T13:04:07.278748Z","times_seen":12,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/%E9%85%8D%E5%9B%BE.fa450254.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/%E9%85%8D%E5%9B%BE.fa450254.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 6733\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:21 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CbQ3wk9v7c%2Bl7dlmP5JIT2fy6NZ8mvfmO0s%2B1WhRqTCuZ2HzDg7t5zr04v5KVz1b7jbzSGpt4z7%2BOZqPd%2FwFK7t48e3y1ybWoCUxaIoN8mLbqBFG3AkMZsD8FtG%2FoDrZaZ6nLMY88zT6\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844f9115685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":6733,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"fa4502544241dc83d3fffacae3dae626","sha1":"40f2214c45ba08a37f1d572cc5733c6b314bebd5","sha256":"e35da6074b8235df8688e044311d0c76293e12bd1d8d1be6a4cf4a8476e82c97","sha512":"21c1af9d858fab38808abf9a22949f3791e14e5ee9255d91e1db58ad28a03eb0901196111faf113f6c4bec74b6ba97b55703091b31472523fd5aae3989a100b5","ssdeep":"192:ez0Voellf9hRqRSKlGM3fTZvAR2HPqWWV02m9VJeD4:evMl1FKcMPTKMq3GVoD4","tlshash":"87d19f63ec43a31585198335b3e7867ce9c38e20dd3a743b0f397adbd2150572769688","first_seen":"2025-01-22T15:28:39.13769Z","last_seen":"2026-05-13T13:04:07.326282Z","times_seen":9,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/bfea95059a8a754ded3eb4eac49cf727.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/bfea95059a8a754ded3eb4eac49cf727.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:18 GMT\r\netag: \"c9c7250875609f2d88e68aed1d119ed3\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 06:22:44 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 10760011618917408615\r\nx-cos-request-id: NjhlOGE2MzRfNTY4ZjdjMWVfMzE5NTVfMWEwOTcxZDY=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MTE1NTEzNDA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2658\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 798638133908218099\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2658,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"c9c7250875609f2d88e68aed1d119ed3","sha1":"40dbdecbbb8792d85aa091c9605b82fe21fe7b94","sha256":"b5356844a20ee1ec27862f19e8cc2e09f383bc41b0a5b27062eb2ea804526ad0","sha512":"e1bad15950620ba34b27a3b1789fee53eca873e0a19ce3e9091d014963943715473aa41dd330b7b93c670204d9ef8bc95859f4d6073fbbbaf4e07f97a40b563c","ssdeep":"","tlshash":"2351191bf0522703fe8ccd7062f1917b6e4955c0b9d2f7a9a1f7e00799604b6c40d2ca","first_seen":"2025-01-22T15:28:39.221024Z","last_seen":"2026-05-13T13:04:07.274044Z","times_seen":16,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":504,"dns":0,"connect":0,"send":0,"wait":55,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/abb7da543aad342e9b543399b4f44a51.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/abb7da543aad342e9b543399b4f44a51.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"0f0b5f1b689ff5f21e47e0cfe3098120\"\r\ncontent-type: image/png\r\ndate: Mon, 20 Nov 2023 15:03:02 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 17445457594453902977\r\nx-cos-request-id: NjU1Yjc1MjZfNjg4ZDdjMWVfOWI1Ml9jODQwMGM0\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgyNTE0NDE\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3699\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2795876769247519239\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3699,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"0f0b5f1b689ff5f21e47e0cfe3098120","sha1":"21bc4b71d70978b3f045ff1e078db3975e7c92cc","sha256":"1354edfd3ed632934e78d9c154210fa1d871103e5ce5b45fa09172b4ea8924e2","sha512":"f3cacb787ba52d05d7ed82f3f6002c5f0873a3d349f52b19794802c7f42b69798fcc20d4503c223db763a22d21ed368dc8b16d7c7573bd417083fbbb59bcf89d","ssdeep":"","tlshash":"f0713cd268ea62ccb761c63040b0db01a6286ce80e2a893bacb75df55051595f96d1cd","first_seen":"2024-10-30T20:47:39.014083Z","last_seen":"2026-05-13T13:04:07.294777Z","times_seen":18,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":479,"dns":0,"connect":0,"send":0,"wait":83,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/2f41bd3cf12ec520f03bda90a4d68c59.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/2f41bd3cf12ec520f03bda90a4d68c59.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"749b5bb9326f07330244e0839b8cfd94\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 4357609762427031897\r\nx-cos-request-id: NjZmNDFhZmJfZjgxNTc5MWVfMjE5MzVfN2NlN2RkYw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc3MjU0NTM\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3286\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 10411540386302287781\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3286,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"749b5bb9326f07330244e0839b8cfd94","sha1":"93d3987eb336bb26c524bdc636f4a23118afee0b","sha256":"720674c55c4e72f335bd33974da2ffc871c6405fb31be3128cabe939baf1ed71","sha512":"2f464b1df087df803218b46259a532f4994ad27ee38557831783fac173e39302452d9acf68052c37b24dea7d7d9f75e1368a050242f80eb29e5fb15b9a959bad","ssdeep":"","tlshash":"4b615b951a773c365290eea81336108a7bad60b16a1c405e1837363ecc98ac5bdee339","first_seen":"2024-10-30T20:47:38.982315Z","last_seen":"2026-05-13T13:04:07.233657Z","times_seen":18,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":478,"dns":0,"connect":0,"send":0,"wait":57,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/find/2.4d71ee03.jpg","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/find/2.4d71ee03.jpg HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 200126\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sfMgXfiwEJsG91WaYuL2WZTeIPnaCo46hiYI37jPkOpVLmV%2FT3rDBupiX0CveDl%2FiM5iacIxSSJuWKAVVO1xiDiIH46Z3A%2BxxGyysCIlYdz%2Fr5Ztb9hceLCuadXQ9QnDU6DYJKopkp1L\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cc15685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":200126,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2460x1080, components 3","md5":"4d71ee03b0f0bee2365c91b54956c404","sha1":"89aace8dfc7a3c29c852b081625380c305d2f5a2","sha256":"8dd984223922810afa892b8d60539352f4e30ea19c1826f46529dbbb3f42d898","sha512":"f7255d8b805069ae829b985ffe6cf3c135a688de7b27e778c02c9af2c26a77f75612cee950f15806f60ccfdd1aa3bc7457f62cc260a69208455c9ea66c7ddd95","ssdeep":"3072:9Z0h08Unwyn/2zEmk91N5jE+ytPNlT8j8VZoh3kcw7RT03gZ1vTvsbXvgv8NCY:9ZGUwkzR9fq3tPwj4ZEGU87sDg4CY","tlshash":"ab1412a5090626d7c9ffa3300296db7d2a0b85fcc5598b61e2b44f71e8e26f2bc34516","first_seen":"2025-01-22T15:28:39.132159Z","last_seen":"2026-05-13T13:04:07.22557Z","times_seen":24,"resource_available":false,"data":null}},"time_used":372,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/2291.ce051814.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/2291.ce051814.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 96260\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cZkvLN3KIgSKH1SPo0yJzKBMW7xQU1ssNYRW1Q2XLPCY%2BnWiVlVjNLH4PvWu3DUn7ewiFLPFs8sZstWZKsMVmoxQi1K0jbF0byyv0wyYMKYGOEoGr2T1Vad%2FZY%2FLlU7y6SY9PyMhPMEX\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8b15685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":577679,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e71c17f2e3bba590266c6a7bda9a01d4","sha1":"b3b5b2ae6e9a77e12a17adbfd01916d4338aad77","sha256":"ff89b640ad332b36420368d51ae0fc8db9dc28c2bba090337a82bab1c8621ba9","sha512":"630d663f6b152845ab85c6e8656f73fb08c863a8ad4714369d29561ffdeef4965cb42ad41514d25c81fc2583a24696a81ba643da7d1934a1c51027795cd11baf","ssdeep":"12288:0aUMnya1gUx/5lncjToP0MDnYtShiV5vstQ7cmgNu:0aUMn3ncjToP0MDnYtSPtQ7cmgNu","tlshash":"b2c4b43278a009bd7c679f82e5e7166e953244cfe3130d69b8b16d2f46601d0ad2ef9c","first_seen":"2025-01-22T15:28:39.126804Z","last_seen":"2026-05-13T13:04:07.305963Z","times_seen":8,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/pubgm_app-icon.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/pubgm_app-icon.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 128735\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1g7Ew8DTJt1OEZBvWP8v1Ce6uFe%2F5ANIpJcbYAdXfLYK46mZOurbNZOzFiKTEc6p4nLAvH83JuQ3RtDQoJ7m5tC1tRAqw1Y%2F75BbRMq2cF2FUcmJF6nkxyUGvUIMVavLbFt0qvG%2Brtvd\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844f90f5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":128735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit colormap, non-interlaced","md5":"e9f7efc0eeeacf4a12415632abed68c9","sha1":"513ee729c3317a5b01d010cf380281ec6ff85002","sha256":"07fcd49575e786318611dba090748e3c8e0bf472723b1de06d9241d58f7efd3d","sha512":"180205fd7fd6ec4111a7c53a88ef5ced61f784ea1d15e1ba17ec1e272ab2622c21d272121a0c4804f27a3b8765f42c8ae71da1c99a1aa77cdb480d4e1c45f660","ssdeep":"3072:aL/l0xc/ishDD6CpA6Sq/KZXu3b2g9NvVHlMaBUepwvDdu:+OxKisdJCrgKty5Edu","tlshash":"a6c312e07b9c587df6cb84460529083569fb088166d6873c89acf3331ec5f8e6a72b5c","first_seen":"2024-12-07T10:23:52.361372Z","last_seen":"2026-05-13T13:04:07.288401Z","times_seen":22,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/sfr.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/sfr.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 44378\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TZBAumcDdZ%2BWakEre9W1pLu%2By60o0HCxoEeN3KvDSh3jif1ZKg9CCH%2BJwQ2St5FjpB%2BaUrzceVuI%2BNHDE1nj4B7vZHnsWA9y3jEI01FaqXoF%2BqY%2FSYlHY%2FyXgmAHgZX6sGWXzHIkhirH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84519315685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":44378,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced","md5":"9665828be7b6f58c283ec013c85a7c3f","sha1":"2dded3180a150d60de0d738486c3c074429d816c","sha256":"5058d3671ac6a5f186e756d1ad0e1108247df39a03165f42e288ca6442817a65","sha512":"2b0a2877384fd9cb41b33fea33573bf221768acd92f0709446e8b1defcd977fa9bf8a96d72437d5ab2280d743b8605d9134a9d50886164db8ad425e5090e17b0","ssdeep":"768:1i+FXnUCHAdYp1PduhQLs2Drz7J/g6FXbqKRpNViyyK3:sijgdQOK1rF5XbxdVbN3","tlshash":"3f130186b75278ff822396209c7dfe6ac6944539f1ba3b20413e6f28315c52e5cb521e","first_seen":"2024-12-09T16:53:48.094138Z","last_seen":"2026-05-13T13:04:07.224133Z","times_seen":32,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":309,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/disable-devtool@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.479Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/disable-devtool@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 6646\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 0.3.9\r\nx-jsd-version-type: version\r\netag: W/\"4514-YJEJ2C3rDH3T2dISgI3LoFSM49E\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-etou8220132-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\npriority: u=3,i=?0\r\nage: 31359\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S43DfydFOkqt%2FtkQn9nEmfV6svlEq5lqKH2VcZYDqIYpY0R3bQpAvXBb4NJwKndtrqTOVi0lvNdMpQGH0SKeyXN4CagA73Ej3%2F7TmkVvBe8cXyS3os%2F%2Fv%2BK0txNfWtbvlXk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9fb1d847aa8f5684-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17684,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (17663)","md5":"7fa174926682313cc5a067077b0bb22d","sha1":"609109d82deb0c7dd3d9d212808dcba0548ce3d1","sha256":"5a7b9b2c807f85575c9ebc1f508e849b53430870b2d0fb6c02b2de3df661cb63","sha512":"83a593d4b8648b78031259becd96b4c33226e9462c2e26013ee0746ff58a7b710159d0d380d001d7740e9485ee346491c16e3fdb0d334f5b6cfabe6f90cda9b6","ssdeep":"192:m+5ekRvDLCpBK+BpP78nPk6O9ShgzsqcSYV0GtI+uwicvsbIUiJE2KmnyKU:mLiPCvRvT8nPk6cSCzsqGVJeZcsb8S9","tlshash":"0582c4ccb48270715b77a9e9507f454ab23aae96888c8040f13ed8e42c7c56ec267f7d","first_seen":"2025-08-02T03:49:54.562881Z","last_seen":"2026-05-13T14:32:59.64613Z","times_seen":4011,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/flaglink.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.481Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/js/flaglink.js HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 47851\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sw%2BGhBZK%2F3GTPU8EfgBbzjjof53a6oUQvVJhg%2BNrTX5I%2FgRPVmGVvvT8SqnGC5f4IIydPxGoLwIQbrmcQwuwGzplFfgeimkX4XLeJPfjnsdk43CYzGUUucePAe%2Bw4po5dt9g6vBpXAYQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d847aced5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":320021,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1625), with CRLF line terminators","md5":"a3de47d0c5149149bebc1ed56b6f7188","sha1":"43cdb6fc2a89067836557854b75cfa7f313437c0","sha256":"0348365d4d16c36ac5a1f83f46603b4266fa18902aa1b70c4ba6d5a1ec74e7da","sha512":"68b5ece26e190331743a22f2756f0806e16b8f35fc87e0e330c2d9e6589868be0e3d2dc37175c9aec38f6a02b0eb44532f5963897d46fac6ebdc9619788c1ef7","ssdeep":"3072:Pabuvjtl8VAqI7H+bGwbGKGQjNBmnnYdvw:P37/LebGwbGCi","tlshash":"f364f062d636a717b371b56c42a37dc9d98c6adbc0884cca39fe9b8d0f3d4b2459c118","first_seen":"2025-01-22T15:28:39.269469Z","last_seen":"2026-05-13T13:04:07.265521Z","times_seen":12,"resource_available":true,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/media/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/media/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 8547534505075415829\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/4306.fef4861e.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/4306.fef4861e.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 5966\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=v9DvkmT3%2F7tW5LULlj7O8T%2BcNM8hJbuTsuNza9HZAZvO9NESz35g3YYt6jBjBx%2F1b9hSBwkfYkIZzUHpvRUyqUIL%2FECXw4ywxT6Wmqx6PuFFkwcnmwboFITD5oK1cFoqOOZDTcKZyw3O\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84458345685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20939,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20939), with no line terminators","md5":"33d6dbf0fbcb68d9a470f931b689e0e1","sha1":"b4b91fe1c955431473844c67bef0b61cc28611d8","sha256":"b59db49abe4a00e9056980d9df041e16b6766a2d8e6543e0baf2c5cfa0e56404","sha512":"7fb8a4bec3f53606b41aea430b02b2cb470935423ff275d3c89643d0c51cec86ea49e05f93a9b4352f1af39060c9d8e1eef07595371e80162d5c4749e4e2a83e","ssdeep":"192:fL399M79cgKU6CZmxr5PJTF+qHz80R3ck+q28LpB+qumqWv+q2OqWt+q2dxc+qzz:LRQy5H6PKwEHCpSqTq+sLyUH","tlshash":"289209f3c4702819bfeab51d86cb80491648b7cae692ddef62897318c5f129f31052de","first_seen":"2024-10-21T08:04:20.269031Z","last_seen":"2026-05-13T13:04:07.162867Z","times_seen":11,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/tokens.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/tokens.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 29942\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eGRLMsGOSQf%2BgfJ3GSC4QXCjmkzR5ABpVy7v2Fo6vWznfTZMA9NmNcF0uOldn%2FPNfisWvLFN8s%2Ftk3CvMZKMq9LNUswv0kB2U%2BWx051jvqwb1Kh4h06oJZGYyw%2FYO5VYMHF1x%2BLG2q3z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84509265685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":29942,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 135 x 130, 8-bit/color RGBA, non-interlaced","md5":"d02c9d4d558a113e2aebd45c7d8237dc","sha1":"edd72f80a319adf3fec2f3f061c1b82d6bf59aa7","sha256":"7fb8131422bba9cda088005359870721b090dcd043d3cea030367be68c6328a6","sha512":"81fc37e296d450d71c8581bc49d681546fa6e5a32456b9e9463fc97ef9d4013f95476b521b3298c48fca2f93e5b3b1e08050d44e2a40a366c18ff81ce330cacc","ssdeep":"384:d8lsNP0aaonUDdKzrxQFq++i1gPf/DLKnNjSTqSph9WfdNo3pl1U3VieMlgNfWk1:d8+NP46CKYR1gPXW5STvBWFmRaLegNf7","tlshash":"98d2f1421cd2d07e2a4ba7ef8efd337f9a2765710068ead4b299dc1b003724a75e5970","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.191911Z","times_seen":265,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/Hide-Password.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/Hide-Password.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 28029\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=w7mTVYO%2F7ZSNHCUisxq44rFxCUq3%2FR9Uj%2FzVpiLI9V8as3WzZk6t1yTJmh0EAo88mWPs3Xft5loTE41YgBwCwK63EeIwDaK4GbzL3GLN15oeE2b0LwxNkADBws2NHSTy368f%2FAng%2BN4G\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c8f5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":28029,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced","md5":"8d1f08b46884df302bf7300fc234832c","sha1":"5735d57b6fa211c400d439095d5ff2f5bb57e691","sha256":"e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7","sha512":"e9e6d2c2f0df932daf50f158bad52c4de66fd403a8400cf9cd25fa48fa8147f65819d722773d9aafdcac5bfa4034f5540f1fe7cfb9b37d97f2a700eb54242a89","ssdeep":"384:bYRVO2zHzAUrJJtUOqhoFiXNm3EhiPCBk5u+z+b1o98PEgkVnRsiT3oCB41+ddD+:kjAsJtUAINcEhgCBk5mI60VRcCaqdC","tlshash":"95c2ae37f3a289f37da653727a64511a14714d094abcb95ce4c9ad12fb7c2e43039b83","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.317976Z","times_seen":910,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/VIP.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.457Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/VIP.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 20891\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 16:44:32 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RzTWDvtVFFUwroTKYz70Rj404UeOmmIy1i0mGqyQwbUCbZcplPc%2Fy8Jx3YHyANQZIHqE%2FhBjdyQyYYyUR%2Bcx7We4JTKsIDRHZ4r041LIBhqNtIYO9AJe5jJNftxsHZeT0PUaiR2QGjq%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478ca85685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 104 x 104, 8-bit/color RGBA, non-interlaced","md5":"10a1e2c12116e382000e49c5feb61887","sha1":"b6fc161ba32217a29419303b5c8f88bf6b60b87f","sha256":"6a345a5e809b334a9042f136309507bc493bdd82ab38b64ae5448d85a13fa12c","sha512":"e3dadf4230e872a1b7f59913f2a67ce2e1550ea6df3062c73172bad57fc64cfb709fc8e18fea2af6d70403c28dd1a8bbe08765ddc91c5e1348f7c03456223b07","ssdeep":"384:KLGnkj2VoPdGTIVECsP1GIhZEEAA+JcZtxLXY9uUhFpG8R2rA9x6dUX3wJcz:KqnkKekIERGIhpZtxLXY9uUh0tUXgJW","tlshash":"e392d0e57db5063cf3701abb6cd39bea162a343293a6c1e961129c5d08c4b617f069ce","first_seen":"2026-05-13T13:00:55.433705Z","last_seen":"2026-05-13T13:04:07.165244Z","times_seen":2,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/pubglogo.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/pubglogo.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 57914\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 19:54:44 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0bR306cZnBZza0E0Sd5peM29%2FQ%2FuXeYuWAtXzH4p7TOx8PsyiOZh87G2K%2Fdkl9%2FL72%2FLoOJzJMBgEDj2orGver%2F6z%2F9s7YokIqlpce%2FuYa1j%2BP84ljjoxRwjVqP4%2BOiuml1cqfduH7oN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cc55685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":57914,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 761 x 179, 8-bit/color RGBA, non-interlaced","md5":"da680712cf9403c35cbee537f76ce2cb","sha1":"51d01d7ec55679ee919586998488b6cf9f735b11","sha256":"78aeeb1dbd124120dd7dcf83621c9e625461680c9d2df36a6c5c76dc5d5c991a","sha512":"dc869e89df7c21ea16a2cc525269204172febb8c6476131e210f6c46554a3bb761b1a6953f34b54d474674bc61ed952eca39d73ddef1af56574d67ee15fe6b12","ssdeep":"1536:mSrwcoN3h5TLg/OoW0yQlUoRsc5oo5xo5venrkyeuM:O3hFs/OoW05lUoyc5oo5xoIYyfM","tlshash":"d243020991b2591b5a8fab739ec303708139769321490bcce6d2bdcb8e64472df725c3","first_seen":"2026-05-13T13:00:55.434618Z","last_seen":"2026-05-13T13:04:07.213458Z","times_seen":2,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/js/trueid-api.js","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/js/trueid-api.js HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2536\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\netag: \r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OphZR1MgR77FeAtmBj7DjfgWOTjDm%2FAZBwb1Fq%2BG3%2F4QTave2702zL9v0xlDd83OK7v93YCHRQS2bHuSEYiINeK4EJcG6WAr%2FVBwTA%2FEOnH38iTRy9HKqaD%2FVdVcvv8dpYAkrFfDlMvK\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d847acee5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":10500,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"7d8947ce02e789a387e53a1a1d4937b8","sha1":"8c4e8cf41587570255d1e41aed46d330bd778ff8","sha256":"044e9d140c4be92078f0163517586b801b4bd291e3107c7329aaa0125fd4ea74","sha512":"7bbcdf4bce1443e4fa8048ef9a01347275bb3563578fab4c554115e62c2f6c85a12fab788251a55f99a231e9d0dc9a2a26745b50833fc0a49bf9422a353c998b","ssdeep":"192:6lpzfmBAgF8F25lgp3yrUpQnJK3nYeSWEf1WE6SV3oViRe6ckeykaoBXlWrpLyy0:yKGn3LpQrF1Tn5tm","tlshash":"f722da9978f72072962bb1be4bdf4114b531a097240cdf40bc5c82949fa027a57fabe9","first_seen":"2026-05-13T13:00:55.4356Z","last_seen":"2026-05-13T13:04:07.329145Z","times_seen":2,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/6775.989832d5.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/6775.989832d5.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 21452\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cZfPVk0hRFloHiuVTXIByVWIj643AQymml74m7b0yR60QxL%2B9YDpky9I3WG0Ku%2FdjZrRWl8xqu1SeiWDMqtB9qCeoI9LFuSteWe2pUuWamDTJXLlkeUQ2sHHtGRywAH7ROiyTAlE54G7\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844a8a65685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":193601,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"c2e359a1ecbd54ae957305f4c9f31bf8","sha1":"cea0c2890d72427dec095c6cc3236b26d8544c72","sha256":"dcf9db608641a5727d309b15777175649d84bfc5983466e3e6971981eba8e370","sha512":"c96f872a64d6985dd99f4221baf2bb1a0d558f5cd955c3ce119beef505b8dc6de950d4d4e6f01505632fdccbfcb74767686d5eb748cdad6d66ffbdae78d9425b","ssdeep":"3072:mVj9K9j2f242j2ezuzLznzS0R0y0p00eoedeveeN7NkNnNuUqUXUtUc696u6U6p0:Qj9K9j2f242j2ezuzLznzS0R0y0p00eV","tlshash":"db141b17c4946c39fa7bfa93f5c788ae45348887b7c61aede698644a43d3bf4e107204","first_seen":"2025-01-22T15:28:39.11561Z","last_seen":"2026-05-13T13:04:07.236542Z","times_seen":8,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/ucc.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/ucc.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 30061\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Wed, 06 May 2026 12:30:48 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F53VvWmJIfTzfM%2FLJgUjZqbe4Kg0s%2Bu3ZFNvGFWaKAXATVCkAto0QDjxWiYnIXfN1GTxb4Lk74oRZWr1bc70JQZJ%2BigFazkq%2FJq3faJGPtAPcJpHooO%2F%2BLOv0nMFeeXJyJIoS%2BM1SoJF\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529405685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":30061,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 135 x 130, 8-bit/color RGBA, non-interlaced","md5":"801aa953743f5b70f8c1114904d2b5d2","sha1":"7c19d7c11865cc28e4263af61ab83b77c1068753","sha256":"85a03e31113911d1b5b6b81590b19cc3bf986e3bc5bc02fd0f8009bc0aa55e0a","sha512":"a8b1c780ece5371d03fa4eac9b4b2186645d214f54355dcba0a83922198c7be6d30f9e2ae31c85097e4bbebfdb679cd67262c0febbe44b288152529031676e3c","ssdeep":"768:N50PJeVc8Iyt7fkZsmk6bQDDdwVhhFccYx7f8VVSH:N5pcFldk6cdAfc7fbH","tlshash":"d7d2e0689db80553e31ab378096f37608472b6c0bca51731f7dc6ab393428918f7d2a7","first_seen":"2026-05-13T13:00:55.437544Z","last_seen":"2026-05-13T13:04:07.253935Z","times_seen":2,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-tiktok-white.7743a9ae.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-tiktok-white.7743a9ae.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2135\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0em%2BbzUG8fyZBjjEKcRE5Uh0gHKnk1WnzCWotwc%2F5jXawY%2FnTYYg%2BD3RgsOfMMy3Q2TwRFihpWN4fLpHewr5WlWLf6fzFHYCOhfRwvQADLFYGO566nnzZ8mqGrk9wzozKPlstu%2B57Qjm\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529555685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2135,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"7743a9aef9d3b6d89f6567e7514036d4","sha1":"08fea638e8c8f7641edaae510c80879686ddeb77","sha256":"f10cdb32b8d7212970310db9166bb421eaea8128f1767604c22001fac1d5aa97","sha512":"3026b3db841167368fee46b289d332712048941536c8d3cad1a57502473c1d377653e3f54507141c4b4e9058e13c2407cdaadd65e38d06152bb16da0863a8c80","ssdeep":"","tlshash":"b6410ac2df97089e0dafdd241df9d59bdd2ef153838a43eae4b8a079bd809495d04c81","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.261009Z","times_seen":353,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/645a464f773db707a6bb361b894fa110.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/645a464f773db707a6bb361b894fa110.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 23 Apr 2024 09:30:43 GMT\r\netag: \"b542114db139d2b6f985ca18bb864659\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 02:29:42 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 1642500180525302025\r\nx-cos-request-id: NjhlODZmOTZfOGRiMjQ4MGJfMTJiMTZfMTljN2I4Y2E=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwMzAyMDkwNjU2MDI3NDA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2262\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2848938241129365049\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2262,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit colormap, non-interlaced","md5":"b542114db139d2b6f985ca18bb864659","sha1":"b6c7ce74f5f2580cdabfa2a3bf6645440ac508b0","sha256":"fd33134edd9b87828ea71e7ddfefe9c875f88497ed24306d81e21eff4505d368","sha512":"0a5633dc11b34b3f1b03c0fba18fb1d4e07b49393ddd0fccd812a555c37b9fa018220ed387334245741cd9867135fe010be14f264156f6915004d1e47e03903f","ssdeep":"","tlshash":"fd412b482958eee6c2101cb6bea83f3c381cd55e1407e7457ea3ccfa2c411d8aac74e1","first_seen":"2025-01-20T20:50:27.283334Z","last_seen":"2026-05-13T13:04:07.206003Z","times_seen":27,"resource_available":false,"data":null}},"time_used":555,"timings":{"blocked":529,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/a6261977ff0293e3058964c7a2afe32a.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/a6261977ff0293e3058964c7a2afe32a.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"b31ce4ea3f36b643d879bc775e4b2230\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 15:27:03 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 15071490587419365839\r\nx-cos-request-id: NjZmNDJiYzdfNGJhZjRkMGJfMTYyYWJfN2MyOWQzYQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc0NTYzMzA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2374\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2336822196511531413\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2374,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"b31ce4ea3f36b643d879bc775e4b2230","sha1":"95e1148688e09900f7754747a1e5d0c8e8b6ff08","sha256":"7a5bbae00b4f97b85816835eb0df867db461915f68a1c9bf5db39bbc40b6e11d","sha512":"431738a269c471e9c557893a9e9ccceda588218201b71a71171f2f6ebb4346595ef1cac68bc0ad67c661f22c24a4ed66f8aef974141482100472724e252d9b15","ssdeep":"","tlshash":"f5413b198bd4c75e4ad505302b1bf38d62c9786cb1484f245180f84d2eace031362db9","first_seen":"2025-01-22T15:28:39.226755Z","last_seen":"2026-05-13T13:04:07.316855Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1281,"timings":{"blocked":372,"dns":0,"connect":7,"send":0,"wait":24,"receive":1,"ssl":875},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/2ea90a3caa3f65115931aab51dd00cb5.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/2ea90a3caa3f65115931aab51dd00cb5.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"82d0111247fcd06961845307b01a568f\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 5542716294732801677\r\nx-cos-request-id: NjZmNDFhZmJfZDVhZTRkMGJfMTRiYzZfN2I1M2MyMQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgxNTYwMjE\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3424\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 17898082034663365267\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"82d0111247fcd06961845307b01a568f","sha1":"7d51c376b87fc19fdf4934b1c751b6c179734d56","sha256":"3ff47a5e812df9768d1468fcabf2b74127f5f67a18c46ba917fd5fd96c5f8cab","sha512":"56c7ab6db5b8be78add66604388ff33e059b4365b320e74988362085b2464f3d7b06ba03c8c61e5540010cfad7c142f0ad3a4b3ef9f61539692808f73a4d3e02","ssdeep":"","tlshash":"ee613b7fdb5a686fcad0b5b943913de102857a65303b0414ee27444994ef38ccd9651f","first_seen":"2024-10-30T20:47:39.033258Z","last_seen":"2026-05-13T13:04:07.22676Z","times_seen":18,"resource_available":false,"data":null}},"time_used":565,"timings":{"blocked":482,"dns":0,"connect":0,"send":0,"wait":61,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/googlebtn.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/googlebtn.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2775\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kmXrrKl4qDXg25cAGTck%2B6Spmc7QI4%2Fr8SL9H%2F4cKG4Xeil4MtVaNTk1RHstwXZPB6syE%2FSJOlIk54xY5ajilJreavDxLKGNRDFd87tWnLOviVIKFuy7DmLHGaN8w5hi4sYHOXkvfaYv\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cb65685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2775,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"bb07f711725f5105be35ff613045dece","sha1":"cd5003c8d6c86715cfe19485cf8ac8c3eb72d2a9","sha256":"192b586678e57d05d94f8b363c7d3bf4fbb3241e7690ef880f0cd96ff6bd34f8","sha512":"2ae6225fe93d8229d704a6d12a1e028c6a4274993ada82ed723181bdbcfe86d05b90d6d207d87442c95a2de21185fa11d50a0364c0415793262c83af7dd8a93e","ssdeep":"","tlshash":"c7512ce7e7449864c8d73a25f5e26c9e7caf4e912742e00436c2dd36cb6a10a58443d7","first_seen":"2024-08-19T17:03:14.927888Z","last_seen":"2026-05-13T13:04:07.212799Z","times_seen":46,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/media/DINMITTELSCHRIFTSTD.a7bfa1ad62bf8ba2fa46.ttf","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/media/DINMITTELSCHRIFTSTD.a7bfa1ad62bf8ba2fa46.ttf HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 16466348988034026252\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/ttf","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/lenskontul.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/lenskontul.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 25162\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 12 May 2026 21:27:54 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ccIiSvgocAIHze36V3GyNpyGyvcY33DhSci%2Ftl1z7Lo2TQ1UDuRbTxu%2BoAzeIlbezopcGJwtd3h5%2B3TOQoJ6TJfcjfkSBs%2FClNC%2BK4N26iy0cfxe0RAJAiEdMDRs0QQ3VQfClGiss1M3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529445685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":25162,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 480, 8-bit colormap, non-interlaced","md5":"a0e11a7d8eea7811f94578b389e327ff","sha1":"4bfcfe7df3495b2016ac023804f4072c90388afb","sha256":"fa96e5a6b527a55460b2855769eaad1cd9971fdccc74a7d0272309a4ba91a2fc","sha512":"f60e03ff640c17968e07122acd8f1f7ae3f6110671d4ca97acce500a62479c18fca9a4948bf35c32bb027e34f3c8baa53da33e62d84b4014abd618533d45f02c","ssdeep":"384:804Kfqa0jhHoTXn7vWeeAocay5rPERpx5tIg723IA2auivS2bfjDlAK/y:804la0jBorLWyrktIX3JZvSGl/y","tlshash":"3fb2e021dcfb9052cc6f28f4cc169ad706b39c5204264a73dae93b81dc5515fe50be9b","first_seen":"2024-04-16T05:43:22Z","last_seen":"2026-05-13T13:04:07.257241Z","times_seen":32,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/f2e1d34f93ad107cc952b7c66c903bfd.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/f2e1d34f93ad107cc952b7c66c903bfd.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"94a352ea461a1194e6d8c0fd4790e018\"\r\ncontent-type: image/png\r\ndate: Tue, 20 Aug 2024 09:12:47 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 10531465115582882004\r\nx-cos-request-id: NjZjNDVlMGZfN2FmNGQwYl82ZjFiXzM2YmE1NjY=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc3ODMyMjI\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2246\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 7029552351829831411\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2246,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"94a352ea461a1194e6d8c0fd4790e018","sha1":"9e2722de3b50d1e16dcdceaa4730b563345a5678","sha256":"ed290c84e40b717a7f85b4c25ff015758f0b8fe1752cc437f83b36f6914c84ff","sha512":"dae68476055a322964c58e12ca39278aae506898ae0bd58087dc54186e83dc1f3ed647fd5f1b9d9287df70fbb2b58a367ff2a7eba49790625bb891e328b8ded0","ssdeep":"","tlshash":"b1412bd41e4916fcfbf5eaf8138473c924644d2783165e0b08c33681bf99115775ae5a","first_seen":"2025-01-22T15:28:39.238629Z","last_seen":"2026-05-13T13:04:07.283068Z","times_seen":16,"resource_available":false,"data":null}},"time_used":557,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":83,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/3200.a40b11db.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/3200.a40b11db.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 4088\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Tgv%2Fosq3HNH%2BLPbhuJbj8OQ2yggTVpPsJyamikLqp%2FK2aXFV%2FxQUGjJm9oRu6RL8GfYJsyh5ubiAZy8Maluzkm8ceXmTXR5%2Bljpo7YFlSmdw1690gxrYo8bZnO3T1FqKt71GhH9KQHay\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84488705685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19866,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19866), with no line terminators","md5":"91e63ec78d30f8f9b63a38292d837e2a","sha1":"b8938a50e7bfd5e41a1b86f006b4de0933026e4a","sha256":"1085776e0296c9eb83650a1fc60fe43e19a2e300f1ad99edd20dd1d4d4cd4410","sha512":"6eac60b4c43252f36c316661f48ace8cf6737b88a96e2c5aeee7a76e9fb17bce4a8fd9de54d91816a9ba9a78395bf7b371252d907667ef31139d30411199984d","ssdeep":"192:nmUJbiKnePkyVkQa+SZc2NPfh2nx+osD3nsCVrSKHH+fvUkjCiqltN9ltN9u99tj:mUbeMokQa+12lMnx+m","tlshash":"239231a553803046552bcf66cba89670d8624dd1a283ecba74906e54d2f3efcf34e13d","first_seen":"2024-10-30T20:47:39.619968Z","last_seen":"2026-05-13T13:04:07.302004Z","times_seen":9,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/flaglink.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/flaglink.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 2135\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 09:01:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KZGRUaXwivfFjTMo%2FVX6a2ynN%2FlL0n8rRdM3TxloWqoAzdWA2HWWA4SEA7O6sEcV5w9JBSajwdz4WaskTnzDwc%2FnGtuIgXKeXDdFsdWsOBSPmuzO0SaP25DrXXZ8aEJiT3Re6xUOqZGR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844c8d45685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":14690,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14690), with no line terminators","md5":"958e119c09a94281c86f41edbc55e353","sha1":"e9f9710dbc493154a5ba6f674cce2b0c951f5df6","sha256":"27b19ce922bc8af7755cbd1cc6bdd1e60d7acfaf31c27bfd1d15e9dfa5e92eff","sha512":"488179055782b84126852de985208ca8d9015a81452d9c3c35087a6c73ab9d8952119de92f0941e4c1b2b7e6877b65a934560bf20dc829c3c00a402e03881092","ssdeep":"96:IqolNwKMs4aqDKsLyXvqcGc1QV5BXNGAXp1ewSkYFNgGP7WWNBU:8wKj6DKsLyXvfzm1XNGA5IwwDxpNm","tlshash":"4b6218558bf3342afa23d56261b00e85b33ea007d43a4f3c6d19bf6963417e519e3a72","first_seen":"2024-04-05T19:37:46Z","last_seen":"2026-05-13T13:04:07.267157Z","times_seen":99,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/uz.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/uz.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 610\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 06:59:41 GMT\r\nlast-modified: Sun, 10 May 2026 19:42:11 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zKxVM0JmuPuqky42KRH0ioZTu9QkX4gzuOOIzSX%2BcK%2FTtipiWFosuyBpCGZHctweXh7O78tUK6WncsL5nl4OK7l2Gg0pOhbuckNRoLDdCx9lEKVjExD6U34EQxwfbiw9Y0Cg0kxiNiFV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844e8f75685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":610,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 24, 8-bit/color RGBA, non-interlaced","md5":"70b2cfe5bc0999f01624f68c2cf2a71a","sha1":"3a71be3843dab301005b240db1f068314841eae0","sha256":"1233d51cd7d6d16196752036f58afa23d76d68bb20ee169a02df4714a56706ef","sha512":"ba7a5eb683f54a2ef4e42455b8c4110e34eb4538bbf1fea1b5083ef86772610cb8c9bdef85ba84cdf0999124214831d05de2abeb4b3ab1edbc320bda121e0c1c","ssdeep":"","tlshash":"05f062ec60ccac824fea4c615b0a6885a9877a110291cb495f98492b0a60940f305b4c","first_seen":"2023-12-20T21:56:47Z","last_seen":"2026-05-13T13:04:07.252986Z","times_seen":7,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/main.4e01e1c8.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/main.4e01e1c8.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 233577\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B4yzh7%2FrDQMC1aAI34ukEYCsdC6JQ4%2FPnf%2F762zYqC4gaGwjeKOMycB5JULlYv6nkTcLTMpkKLQOPeDc7mtcyfY1CJsZgzrzTi5ibg91in3b8OrEtA6IXmrPts2jK11mH6eNJPGlp7zT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8441fde5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":479902,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3dc13006299065c02fd22ab121e99b73","sha1":"28c69b1e43648b1a751a05547468f31392e7c236","sha256":"c820d9719b1436ee4ae91019d9647ba342b3e75909bc181cefdd2d292eb26786","sha512":"3aef10e62bf5749a140e43499348a0794f9eef86cbfded05d562e195cab88ebfbb1096b3d56fd8d9f2a8215e4d04f2019a7794fe8c9b7932a6402ef153f03bbe","ssdeep":"6144:5fAlmM3L+esj9nC5N9fZ/rFZsUEmr7VnSN08uezJACuYY/UXT+L0P:CAE+MZ/bsUXhSNZdX6L0P","tlshash":"b0a47cb1698916cdba174f3fea16683e6d1eb4ff7b4084ce5c9d36e4d322151890acb0","first_seen":"2025-01-22T15:28:39.162709Z","last_seen":"2026-05-13T13:04:07.227969Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1618,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":1038,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/link.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/link.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 1244\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CE0WwvolvRPrsb0YAL7RVrOAYxgYm1HaNzS9CYKBKqoAXNEQAYF5NVNYIO69ie%2Bg%2BrLRXrrAuiQTjEW24kJSkw%2BpV8gpKphCxBBCRNsBovYd9UMncwyP2Uk9v2qysFc0ozo9fZzW0vJl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844c8ce5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5918,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"b6503d3266f8e98ba08dc7d473d32a51","sha1":"37296ba91057307deff523337a89e819f6c2abb4","sha256":"2aff1a358bdb843cef1cc144f400956a9934a9c7d98107382925e9c862614b2e","sha512":"e601b98497c968c3fc8b391e598f10ccc6ef095d8e19ada8a2e3b4b53dccee7a29550926561f6c8f331f04ff023ca793fcf962342d535cc369c3fd1de195b77c","ssdeep":"96:uX3dyH7T1dKOLIDsyIDpIDlISwIDxYBZlqf6J90JqmEFtOUFkJt:kNg7BrosE6300VFtnFkJt","tlshash":"4ac1ff233b111c49f006dcd9fb5abf69a70f6423964f8e67f990791ccec51a403a2a8d","first_seen":"2026-01-03T19:33:29.7983Z","last_seen":"2026-05-13T13:04:07.260007Z","times_seen":15,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/29cf13fc540e0c2c10422541aefee49b.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/29cf13fc540e0c2c10422541aefee49b.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"717de2603d3013e3d04b14c96a9e6416\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:36:36 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 4929961802656818551\r\nx-cos-request-id: NjZmNDFmZjRfZjgxNTc5MWVfMjE5NWVfN2MyY2M5Mw==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDcyODk4MzI\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 4302\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2019661461603148154\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4302,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"717de2603d3013e3d04b14c96a9e6416","sha1":"0a14a050a27cd9377137a9bab6724e88ba120256","sha256":"049539eb341317fa886955f7073079c9f92d1abe4f92b87d942c00d46332fa30","sha512":"bf9bc3f2b82cf63c44e160dce011da3d7c870e63aba1c5948b68e75b6bc8fe99aa1b945f7905718ff9142f6f6530c832ad553a676e0390500d4ba62906bdb87f","ssdeep":"96:P1GuxPpoQyy141hzVdx8I3z9a6x3u2WqRvVGRdT/5tSgFm2G:dRoQf6zVzJjDpuYRvVAtSJ","tlshash":"99912a10363e1b32614ef2253a347d586699108ca72f89919b28e679432e3b270d23eb","first_seen":"2025-01-22T15:28:39.177866Z","last_seen":"2026-05-13T13:04:07.335585Z","times_seen":16,"resource_available":false,"data":null}},"time_used":544,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":58,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/popup-close2.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/popup-close2.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 358\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7DWgrWkPzyZ5g3K249JAL7V4nJ5MFKMlNYEt5nbYvCrLDY4qanVsrMhHDySzFwV2rZ6dLukaTYKUQjwDw0y7Ll7%2F049el03BNRwN7mqd1hGaiSMF21Espil2JHn0CuC1t1xQhyHz6LKY\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cce5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 31, 8-bit colormap, non-interlaced","md5":"14f983708ddeb2052c1756e3d79f7031","sha1":"56d439d66495faa3a784b161d044f6edb853f8ac","sha256":"47b6e3288d9def65b44f0ac0ea8a5e45cc77aa1b934b85aab003cd9076e1ab1c","sha512":"b5a24dd03566529fa2488801cbaa125fd3b2ad9e4806bfa60af5de0c36550d65a6e902cd444f03ea161ed8350cdfaec376e29b53d702cb8025013e8072445fc9","ssdeep":"","tlshash":"43e060818cdafdfc872dc8f2c3ba68d83808a8211708008b40c49d3ecdbd0428121f80","first_seen":"2024-03-01T19:08:45Z","last_seen":"2026-05-13T13:04:07.310876Z","times_seen":162,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/1.7de7e446.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/1.7de7e446.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 72408\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:32 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bdNOQ8nOSOQDt7HRTQ4mtocrSz3fOu%2BKFMyGI5Oc50zVt27iuttiVQ8Fil7y%2FXRFwEfNZWPUpoYgC0eSQCVu%2BfAH2kYdgpkXg3Bmbc3gvH8MPN3SlDHKB1LYYSHRBrd6h9dFD%2FcbgFRw\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84f2dd75685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":72408,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 700 x 136, 8-bit/color RGBA, non-interlaced","md5":"7de7e446e750809ad1d2af42909c5f80","sha1":"720b8ef8268157d5c9471f723f50cc033836def3","sha256":"3944c9d1283515e1cdcac98147a4d72695f406415736db82c0bbebe04c047eb4","sha512":"0d2a8ba04b3b26f33dbfee94c84359c872b9dcd6318791cb49d32d566cdd8f6b00d1eb4eb1905a1110346b0dbcde567338dce806219f73264262b6fdf9f9fc82","ssdeep":"1536:6PdJXQHkEmJkXA0vg/w53b7EumSBFkXC7RTQ9z7ACQH/M4:6XAHkoXX6umSF7RTQt7A/H/V","tlshash":"8663124d4f49d965884cc78f98ab38e5e92fea82365727df105c0462163d80b3abf2f5","first_seen":"2024-09-19T21:41:24.067631Z","last_seen":"2026-05-13T13:04:07.321946Z","times_seen":11,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/fonts/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/fonts/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\ncontent-type: font/woff\r\ncontent-length: 24996\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:26:04 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=918E09IT58vsc3Wa9Gg1NHgaF3IiEExFiO4kFo5PqPR21yiyALp11RONgtscO8hm%2BoTOyoZUQN1paeTCFxqENqeXV0Fw3ihtllU2q34VTqNET%2Fl5N%2Fjv2kr90ZXCP7gdE9qjy%2BoS430Z\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84f4df05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":24996,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 24996, version 1.40","md5":"2018d35e708e07985693c6bc12a59861","sha1":"12faf69d54217b30d4458fffad689e758b8a91c6","sha256":"c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c","sha512":"5f80cb586d6a9c04f1f3e550283694d99fdb98bd37298dcddf94b1add4da93dfa315d123cf6527fd051a012fd38c0f9f642f707ce9f914c5a7075747be7fc42d","ssdeep":"384:HsmgD0cC1mO9aJlKA9BsPsjL+baPkl5kaa4t6+ECn9CWDBZ1hZXjhY4ev+Vmn:MmLmHJlxuPl/FT1DXjhE8mn","tlshash":"6db2e16940090d26c0722a71d3b293d8774053aee2d60eeb86790d6eddecd933c79eb5","first_seen":"2023-04-10T08:44:25Z","last_seen":"2026-05-13T13:04:07.227333Z","times_seen":461,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/41b77362b3230cc91ee4e0488822b329.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/41b77362b3230cc91ee4e0488822b329.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"81ede4eb8eb2b3db641f1cbd2f60a87f\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:21:20 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 4926685711299190850\r\nx-cos-request-id: NjZmNDFjNjBfMjZiMjRkMGJfMWNjZTFfN2MzZmJkNA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgyMDMyNTg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3278\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9258357576327222488\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3278,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"81ede4eb8eb2b3db641f1cbd2f60a87f","sha1":"220bc6235c5c923cd4f1c870331ea28e82766ee0","sha256":"58718916319e2074574e584d9e0053fb19b62f7571ca2b91d4151c124074b34e","sha512":"73b4b102a75e4ad00735ce4440d0678091dc419eb37d82cd9958a83a5a6ac4bb28c8da4861e90d3795b1f65f37f6adcabbdfd3af4d93645004ecbaa37ddb9fd3","ssdeep":"","tlshash":"9b612cf9154ed33b2daf9e30513d31b3b65152b8954f544e2a8c438255b081e9cd8058","first_seen":"2024-10-30T20:47:39.057375Z","last_seen":"2026-05-13T13:04:07.224725Z","times_seen":18,"resource_available":false,"data":null}},"time_used":554,"timings":{"blocked":469,"dns":0,"connect":0,"send":0,"wait":82,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/public/c92763068a5478ebdc393cd4f562e8a0.jpg","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.177Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /public/c92763068a5478ebdc393cd4f562e8a0.jpg HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 07 Oct 2023 08:18:41 GMT\r\netag: \"b1ef3a4c526fab33ff2d61e70691b5c3\"\r\ncontent-type: image/jpeg\r\ndate: Tue, 20 Aug 2024 09:12:47 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 1838305195991445584\r\nx-cos-request-id: NjZjNDVlMGZfZDllZjc4MGJfMjE2ZDhfMzcwODcxMQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNDc0MDY5ODc2MzM5OTk\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3160\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 8134467342144666479\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3160,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"b1ef3a4c526fab33ff2d61e70691b5c3","sha1":"8c45f00e9ebd183e98e4aba34afb9fbac36fc5fb","sha256":"9b317e8849ef1840d10379afa7a9541a6aafaa6ad1f3d97e97051ed0ae59cadb","sha512":"c2199fba35c8f7746eca59e6fda0a705ca37966ea8faa25e34aaf697833fd4a115fb021e91a1cd1fcbe325b92cceaffd2b4f5d43f32f2ccb0f71db7cfc793661","ssdeep":"","tlshash":"7a51f94bf9625b03d600d27624f786375b6852c0ed63e06cb4bdd81beca10f99a627d1","first_seen":"2025-01-22T15:28:39.172827Z","last_seen":"2026-05-13T13:04:07.211741Z","times_seen":16,"resource_available":false,"data":null}},"time_used":539,"timings":{"blocked":457,"dns":0,"connect":0,"send":0,"wait":80,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/midasLogo.dccd1c37.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/midasLogo.dccd1c37.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 5509\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Fri, 08 May 2026 22:39:53 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I4SiTUaeUVKF1GNqdpBmEtyHpTlmk65PAdPqEN%2BLLDDyRUFb3EwUb6R5b%2FJN9krGsrhS%2BH6xtzdLjlPcZnT0h3h22WaLJ0kl16sDMuFIMaLkm7kkLLgAmqb1qCuVymN39zlTuxlB%2FKMS\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8478cba5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5509,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 243 x 52, 8-bit/color RGBA, non-interlaced","md5":"dccd1c37642849801dd514bc9bd2bc30","sha1":"f1ff2d55663a8f7924ac4f4e067471a0ef6cceb9","sha256":"e60c984b6a348c723b94a2d0db2cc30b2e6677974d8ec5f4314bd0b98a8259fc","sha512":"97ffea5d7f3bfe0f05e111f481ac6261cf67a40e3ddbd595d410953f440629fec930ede06b8638304de310b1fc9bb163c167dde24f1f79ce0bae710f9a991ce7","ssdeep":"96:3fBSBOkkpM9oswGUVOaKXI0gnRvMqFfXw1CceIlu9H3HXLQaaOMrPKnUzlY+8an9:3fBS4m29VOaAIrhXwgceIlE3L58cUzl1","tlshash":"24b19e21b8f0982e2f1ab8df4ef5226a6434d8624931641255b863ca4e614c7d5fb71f","first_seen":"2024-10-04T10:55:06.179656Z","last_seen":"2026-05-13T13:04:07.254694Z","times_seen":12,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/cdn-cgi/rum?","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 675\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":675,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"https://pubg-events.maxstoday.com/\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":2512,\"startTime\":1778677212170,\"versions\":{\"fl\":\"2024.11.0\",\"js\":\"2026.2.0\",\"timings\":2},\"pageloadId\":\"212c9646-7dec-4271-a8c6-a8f5a33154c1\",\"location\":\"https://kweoywum.fortoday.asia/54qzQhZJ/\",\"nt\":\"navigate\",\"timingsV2\":{\"nextHopProtocol\":\"\",\"domainLookupStart\":0,\"domainLookupEnd\":0,\"connectStart\":0,\"connectEnd\":0,\"requestStart\":0,\"responseStart\":0,\"responseEnd\":572,\"domInteractive\":3120,\"domComplete\":3495,\"loadEventStart\":3495,\"loadEventEnd\":3495,\"transferSize\":0,\"decodedBodySize\":0},\"siteToken\":\"de2aafdb2ac5404a99f4c849027f408f\",\"st\":2}"}},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YJvpkHYXrBF7%2Bx7QhcVyc5E4uv%2Fg95FsSgxHrPQH6WZNQJT65RSHpmYmm3Tj5%2BZaUmPIHG52KIw67Ut%2Bp7PXnTcooSdPUUFhtgTNAHZAQjrkg60y5UEyYOID4lU1pqco%2FPbae12oPMux\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 9fb1d8560e695685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":151,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"45efc4779b2e6b43ed200755328af518","sha1":"badb6097a3c8fad00517f38352ba72b9f7b6637b","sha256":"d66dd0f2f24c4343661a5396e1ba76782fe651f7d422209eded956ebf90900fc","sha512":"862ceb668672d90ed3da9419ca69bf0214b5c34dec2353fea792a75fb1c0c2e5fd54e6e56cf1e9d4d60c4eaa7d98411f5cb5e128be2661d9bbd084d0dbd085e0","ssdeep":"","tlshash":"a1c02b3d35637e0c8563303522c3b190d0c6833774ba00220500c00330cb2e9cac33d7","first_seen":"2023-09-18T10:37:28Z","last_seen":"2026-05-13T15:32:10.402643Z","times_seen":16456,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/shapedisc.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.042Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/shapedisc.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2654\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sy4m9wcTRKbwOM%2B8DarNgwD7uRpETKwaz9mRlGFyPhi7or5TwTSn5%2BBodoF8e3gDZrqeiB1CuMhKcVqqWR7mG9UbvfHkM0TMS6tdy8oVDCajnuM8innOOFEmiyG%2BX%2FNaPW1V1DxwtviR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84509295685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2654,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 96, 8-bit/color RGBA, non-interlaced","md5":"3fbb4d016bd3a7e7deb7716bcc3cb5e4","sha1":"b5013c5ad4599438d1e9ce89a26c2a7ced31270f","sha256":"83aef7db7b1f536a9355fa29b6a4f64dde789962db28148bcacbb35575987993","sha512":"2b6e14d7b9d799dbad11a56fcc75dc5d20e4f08a2c2a863168137be193bc2c62d39dd1f61c40af4d740f3eff2c92b3d695d8daffd3dc212ced9b4766b0fe3c74","ssdeep":"","tlshash":"ac51f9d4fcc934f9120594662747d394203382dad14334ae299956d8e869c2fcf52e44","first_seen":"2025-01-22T15:28:39.035402Z","last_seen":"2026-05-13T13:04:07.262352Z","times_seen":12,"resource_available":false,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"site-assets.fontawesome.com/releases/v6.1.1/css/all.css","fqdn":"site-assets.fontawesome.com","domain":"fontawesome.com","tld":"com"},"ip":{"addr":"104.18.40.68","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fontawesome.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 21:57:31 GMT","end":"Wed, 15 Jul 2026 22:57:28 GMT"},"fingerprint":{"sha1":"AF:65:F8:6C:70:82:CB:7C:3C:AD:4D:54:65:50:3B:13:F0:3A:0B:2E","sha256":"2A:78:5B:B0:CC:FA:C9:8B:51:86:B1:FA:62:ED:C7:B8:BC:18:15:3D:91:FC:87:53:9E:E0:AF:8C:08:D1:17:2F"}}},"request":{"raw":"GET /releases/v6.1.1/css/all.css HTTP/1.1\r\nHost: site-assets.fontawesome.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/plain\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9fb1d8456c052efa-OSL\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":13,"dns":63,"connect":2,"send":0,"wait":9,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/C8li6p0k.jpg","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/C8li6p0k.jpg HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 153147\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hWaKBj9m5QjYX%2BnEAXt04MTOvK7d4Bp%2FB96KgxoTgisHJaBW0KXMJYL8rpEt9MjG%2BpOuHOkiIlrurUwRxshcX%2BIFw9S6R%2Bsg5i%2F7Xjug1ptbxcCHqXvW1J5%2Bfc3dLZXjr%2FuTOATE06OO\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844f8fa5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":153147,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 1920x244, components 3","md5":"9bed2e927deee4a34da9aa87e94badec","sha1":"386700ccd9d3407ce9ac0df19a520a15769ee0e0","sha256":"b2cc518cc0f0b07baacded3e0cf6ea52f5ead9faab7b67882edae3fe7e1c8796","sha512":"c7f5d9db551b0339c11139dc3573ad64f07c5c212c14f94686d9556032f7424b05672e545827022e92d3d47c7e0f4e018edf993bd56f177c99c5d127aa1dcb5f","ssdeep":"3072:47/yV2h7JKSr2mHx31kVxW7oX89eCfrqPAjmpdJ0W9yRdBztI1//eo9A:u/yQhtKY2mRymkXCjqPbJyRdBztO//pW","tlshash":"bee3121fc9068192caa6c0beb5ecb78143082bbf550d2c573f6b897a36514e4f5a34a9","first_seen":"2026-04-26T02:12:57.136674Z","last_seen":"2026-05-13T13:04:07.176808Z","times_seen":8,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/SJ1dr284.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/SJ1dr284.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 276748\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h639Rn5SPjh8WH73gMuPrhmM7VmhMBZSPkk11Sl8dSsptdSBdzYy6Zsdb0msSqDyMHZ0XMjgmpBacPFQMrhc9a07UCP6UyD8LwjAJzsL1MDL64ueUGFJiw73%2FTu4e8a6v8VcWHkVrd1e\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844f9075685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276748,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1122 x 488, 8-bit/color RGBA, non-interlaced","md5":"1802f4b12cda8a9d358f2978c7df54c7","sha1":"50f526502847b33799b95ac24426a0c2673bcd4b","sha256":"37d33673c157cb361b368fdb7e3f979426f64ecebd01e21aeb8b580d0fde8f37","sha512":"b7278ee16a4a4a022be9729baa1393fe351a59dc08a68a65c2920383f891c950b3649ee3067849e795c3a79c4bc0262e5ffdcfe0d911179f75a3b4ed2857f221","ssdeep":"6144:+GGTOOWwcSuOL6S3lShzn8CCon0ubDvI5AyH4/x9alnBzPeZz:+py9NRW69N8CClubDw5AyYEBzPu","tlshash":"f3442390e859a9f7cb42e9f7ccc941b43121821ece532445d9cfcf2b4e015ab9eb2e25","first_seen":"2026-04-26T02:12:57.027965Z","last_seen":"2026-05-13T13:04:07.33297Z","times_seen":8,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/0a1b4dfa75b238ba484ddbcd009d0cdb.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/0a1b4dfa75b238ba484ddbcd009d0cdb.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"25a17b47e2b88c8e7a99224def3543cf\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 03:36:04 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 17448377255871127783\r\nx-cos-request-id: NjhlODdmMjRfZTgwZTc5MWVfMmQ0ZGRfMTlmY2YyZTg=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc5NTg0MTI\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3554\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 18021649860325242293\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3554,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"25a17b47e2b88c8e7a99224def3543cf","sha1":"002fceefa2fb7b4bac37629836f405f3ba721a66","sha256":"be302378bc3a5447e76b46908e654df7a6e0da64b0eecee2279d32cac26322b0","sha512":"491bb066800bd52a14e0d3baacc969a5c6e4881df4bc78c0be2f748d0b97cfedbdf75968a590cdd29acde16160f822c4d4f2cbb9284fc4daaeb49d2a9e846c0b","ssdeep":"","tlshash":"49715ead7b1443d9b557fc6626c4dfc272804f1979305bbec21d86bd7448e296c084d9","first_seen":"2024-10-30T20:47:39.067833Z","last_seen":"2026-05-13T13:04:07.333851Z","times_seen":18,"resource_available":false,"data":null}},"time_used":584,"timings":{"blocked":503,"dns":0,"connect":0,"send":0,"wait":79,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/bg-notification.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/bg-notification.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 124372\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:32 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CD5tSVq9cEALqdLqTMSqhv3OLUnprQcc4oogbh%2BwpER%2FYiuk95dERztpyQxIu6h3aWNGqFzzVeh4LOlKPlgrjBwX1kUIvHOlgt315a6LVWQXhyTEoizMDhhpIyH0V4bwxng0mnomM9Ol\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84f1dce5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":124372,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 670 x 140, 8-bit/color RGBA, non-interlaced","md5":"be262ff31cda4e8bbd0b3198ad0bdaa0","sha1":"d34ff5a170b84318462b5371caf31841115668a5","sha256":"610c96e440aa0fe3a00fee4652e344d5dd1f06ebc45ed10c3b12fffc18c17f2b","sha512":"df3449396cad0b8a2a973b20e04760a7d894ad41dea8da52e5d44dd12e20e81fe561d3e3142f14e66f523d37481ff31f836382b0c8835bfffbea44f1dc7af184","ssdeep":"3072:SD5bkbMjk0ih7YMQ3jSHKdnWQxspb7WM8VDxnxjcaAVQCk8f4F8IVmQ7tB:SNIbOkWjSqAF7JgxfYQlg887QBB","tlshash":"3cc31212fa4ce09eee00365ec7f796b4d0260db715bb4abfc8d830d29d468e57943652","first_seen":"2024-02-28T01:08:41Z","last_seen":"2026-05-13T13:04:07.247862Z","times_seen":31,"resource_available":false,"data":null}},"time_used":809,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":573,"receive":236,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/login.1b93034a.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.935Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/login.1b93034a.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 24487\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=d0uA3xjeY1zaB9aZcdQ2yQdrnbUuP%2BmiCchPMoZtWxxhSvEzZO6DSaFiHtks4jMILfpha%2FmdWAE3jN6fzpKvTLqEvd8nEca6UDvH3b%2FDwYeOXpdEb6GFAKPUBleBs6sQPQZqATzMGP69\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84478695685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":104765,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7c5646a2ad9d33f915eea7b1eb2ea9c3","sha1":"603ad6ad6602f602c3c4e17c8f181fd1016a755b","sha256":"118399449d4d66cecf8920fd06d5fb023bf4ce2d4265efbecea6c201f45fd079","sha512":"e340d6ac83eb8c8b77a8e1775367d92e6abd78fd54164391dacd314cfccfce9e4a473b65b4af4bf394ecdd88df0873d90f4c0de1868dd0859d8b0a6d99a04127","ssdeep":"768:PIbZb8gn/zxoI+Q1TG3eFurfGxYrqvGe1T0/37U+urqo7sGm6hHLPckLcsR8NxRp:PBg5FuDGGrM0/3+LlM0e9","tlshash":"7ea319a5a6b4bc5cb86b5d36e3dc569d3a04c8c764a20ebff640b27588c7edd2321304","first_seen":"2026-04-26T02:12:57.087467Z","last_seen":"2026-05-13T13:04:07.231002Z","times_seen":5,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/6437.a65425a1.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/6437.a65425a1.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 7209\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LUD2gMbvCqaodM6m8jAC7KgHSipqEqWsL1VFxirQ8HU%2BUoCMcC3pbkRXIpC5FyR6EqLYmdB2PaAYK5uKQ01K2ObaXL1HIT0sHmuZHY7Z24ZF6i3RHE7AYbGl6jQj4Cvw7gZ0MFJZl%2Byj\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844a8a05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":27949,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27949), with no line terminators","md5":"c6f0c895f2f6edda845448d1f16160b6","sha1":"f88181a3a500a9be1889ef6117cd2bbb18d000fc","sha256":"775365cc307ca258ada710bf886b3daaf5d048a79c9291a88d225de4c8bdaf4b","sha512":"acc4c78da2ebd643ad9192041a306b6ed666f6d512e315075bb66af7d0b100ece1212aa7bc43f8d62429b54b9f47920ef0cc8bd9c82f7d9265617c3a7478e5ad","ssdeep":"384:HEdMyoraQDhlwEHCpSqTq+7SCvOOcmF1MausVApgvNd0smy27Ne:Vi9qzCvOOcmg/sVApgvNd0smy27Ne","tlshash":"82c2b62fb4623dbc617ee886d9628cfbb504c9026cd6c559d4982ae64b430bf31d73b4","first_seen":"2025-01-22T15:28:39.102178Z","last_seen":"2026-05-13T13:04:07.175468Z","times_seen":8,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.11.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 03 May 2026 06:14:57 GMT","end":"Sat, 01 Aug 2026 07:14:54 GMT"},"fingerprint":{"sha1":"87:39:8B:D4:F5:C1:CE:D2:17:B0:DA:A6:93:21:38:E7:CA:4B:7E:2A","sha256":"22:95:0A:F1:20:E2:D1:60:17:3F:96:BF:26:3A:90:BA:38:84:38:04:30:52:7D:AE:EA:74:8D:58:1E:F7:C7:0B"}}},"request":{"raw":"GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"269550530cc127b6aa5a35925a7de6ce\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:55 GMT\r\ncdn-cachedat: 08/01/2025 14:01:18\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1334\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: b0538b380dc7ddf8a39643be5721b1c8\r\ncdn-cache: HIT\r\nage: 2444683\r\ncf-cache-status: HIT\r\ncf-ray: 9fb1d84518e4c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-05-13T15:32:23.452353Z","times_seen":269102,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":3,"send":0,"wait":8,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/midasLogo.dccd1c37.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/midasLogo.dccd1c37.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 5509\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D27uP4LRrYt8SIvB7YtsODaJHnAhHipTECBHp%2Fj6ykBMx3YWgvgXRznBTiACoIA%2BJEsg8g%2FCgDluyysrQxpAhyshetnq1WDugXC3TdXLRQWdZrYBsSdjjzqsa%2FIB5GgkOzCVY%2F253KES\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844e8f55685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":5509,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 243 x 52, 8-bit/color RGBA, non-interlaced","md5":"dccd1c37642849801dd514bc9bd2bc30","sha1":"f1ff2d55663a8f7924ac4f4e067471a0ef6cceb9","sha256":"e60c984b6a348c723b94a2d0db2cc30b2e6677974d8ec5f4314bd0b98a8259fc","sha512":"97ffea5d7f3bfe0f05e111f481ac6261cf67a40e3ddbd595d410953f440629fec930ede06b8638304de310b1fc9bb163c167dde24f1f79ce0bae710f9a991ce7","ssdeep":"96:3fBSBOkkpM9oswGUVOaKXI0gnRvMqFfXw1CceIlu9H3HXLQaaOMrPKnUzlY+8an9:3fBS4m29VOaAIrhXwgceIlE3L58cUzl1","tlshash":"24b19e21b8f0982e2f1ab8df4ef5226a6434d8624931641255b863ca4e614c7d5fb71f","first_seen":"2024-10-04T10:55:06.179656Z","last_seen":"2026-05-13T13:04:07.254694Z","times_seen":12,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/twitter.80d9b5e6.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/twitter.80d9b5e6.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 2167\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R4FWA136kNVuJNwVvCgmUSjIjXZ%2Bs6sU%2BjPrAZhoq9XarrNaB026IbrY8MxYYn1ALZF395%2BY0WDRsh44u7XQXaG7bdN3SGoaBpCxqAQnmTOBiv6TSQKvpBQiXnc%2BJINExNmCsra7k2%2BM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d845294c5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2167,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"80d9b5e608e0427576ce2f7d56d0a592","sha1":"4c1ce1d06cb6b2b3d4cca8636b14e109bc500d50","sha256":"cfcb8009151ebab2ac10399ffa57e2724834ad374e720e77e5c0900e21ed6fde","sha512":"2c677a5bfdb03ca9fa18cd81ea331aa1e93330f4e680e13aa65d03f97c5a689d6556e0aa1af613521f6e8f11b23e21367ad60a7e73a68038b1be043d132435a8","ssdeep":"","tlshash":"5e413cd67bba1c7b87b69236455a0921ab70d251932cf0200c5cedf31d4481092caddb","first_seen":"2024-02-22T16:27:48Z","last_seen":"2026-05-13T13:04:07.247317Z","times_seen":174,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/c6694223f15f72bc9598ac3162376fb5.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/c6694223f15f72bc9598ac3162376fb5.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"5d49765c2a76884ccb2fe5bf478dee9b\"\r\ncontent-type: image/png\r\ndate: Wed, 02 Apr 2025 12:44:49 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 8814007657777746047\r\nx-cos-request-id: NjdlZDMxNDFfODY3NWI3MDlfYzkwNl9kMWYwZTc5\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgwMDgxODQ\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3717\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14562440757620829826\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3717,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"5d49765c2a76884ccb2fe5bf478dee9b","sha1":"5319ba1426411a80fdd3e63a682fcb97e12d6ec4","sha256":"3dea9a73cd732f132543ac86091bd8f81bdbf4a96eb394e0e2018d9600305a05","sha512":"6fbfb3e8f8b7e5ceb84cae02203fb4f6d35f5fddbdcf7124296d56373892580b1dffde03757f302ca3bc48e3949687a3f3b3358c7dd9cc7eddf490a901fcfd34","ssdeep":"","tlshash":"d4718e25a5c0d564e0b4dc2c3c94e36bfd6430d53331ba214b0816f8283588772d7762","first_seen":"2024-10-30T20:47:39.053962Z","last_seen":"2026-05-13T13:04:07.281693Z","times_seen":18,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":502,"dns":0,"connect":0,"send":0,"wait":79,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/1462f1e033d3e26ced00bfbf97e5086f.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/1462f1e033d3e26ced00bfbf97e5086f.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"f000f9b5ce26806ae631389c2e2625fa\"\r\ncontent-type: image/png\r\ndate: Mon, 20 Nov 2023 15:03:02 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13992276931822056787\r\nx-cos-request-id: NjU1Yjc1MjZfZmI4YzdjMWVfMWQ3MzJfYzg2ZjFhMg==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc1MTg2Nzg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3602\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3088906778320228027\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3602,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"f000f9b5ce26806ae631389c2e2625fa","sha1":"c1675268ac4b566c87350177a4d6f985d9d44677","sha256":"649e7a01dab790ea9c63f3787c550739ad0487697bdcc0ca814898a3419460b1","sha512":"6aa63dfea29c3f62f9ea91da6b36fdd4533d624cbd7b26b2ae724be37a5a07a70e75892fe76d6eb1f0cbd022e60a132317d8441d65a46b3817980cf50817b771","ssdeep":"","tlshash":"f4714ed930c41b919f5af9a37d7b64c00b25cb444d9118695fe1b9e21776a0e4b2cb12","first_seen":"2025-01-22T15:28:39.183552Z","last_seen":"2026-05-13T13:04:07.167774Z","times_seen":16,"resource_available":false,"data":null}},"time_used":552,"timings":{"blocked":475,"dns":0,"connect":0,"send":0,"wait":60,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/load.gif","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/load.gif HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/gif\r\ncontent-length: 6518\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UeILcMMDrWnNaTqH9%2FyQMmTvhohW%2BLji%2F%2BGOn%2FVyPKS2lKo%2Barsii1WD9iZxyTjnf6hPwG%2Bz0cQaAHJS4QQuK2dtIBcUqPlomXt%2FZebUp40Z2wRu1BI%2FnSCCc8hUm8LY%2BlZ3VPhXt1d5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cd25685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6518,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 164 x 38","md5":"144bb7d6f1e1cb408835fcd849acaf41","sha1":"8bc47b81f5b2231fe6ef713f70dfff07961c6720","sha256":"9a8c5f0bc8f65663a4bd8afee1623cfecb94f3c327e86705685f46a622ff6b66","sha512":"d90bd8fd31eb60cb6f64ce6c7ea06ef6814e15982fba76c283496f798d15474c0f230a93bba250b219ec9912aed16b5d3686072a348c3d6e7481b1b7cf9f1442","ssdeep":"96:62OdLI7ETbpPx/7LI7EkJTLI7EWLGzlLI7EULI7EbLI7EdLI7EhQGv:kIQTl1IQEIQMGhIQyIQvIQFIQhQGv","tlshash":"83d1b63ce3c1be14e4446a7a94af7f3d461459346b58166f306adb20ba123fc9e4c3d6","first_seen":"2023-10-28T01:32:47Z","last_seen":"2026-05-13T13:04:07.296816Z","times_seen":269,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/7309.5f36e764.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/7309.5f36e764.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 6521\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=adlfD4VCj3zV8Gr%2F0hxinmrBKfzFDzcvCQTf7z7SecnN1Yu2Rr28I78nuPaCBx3vpjHdTV2I1wTTPgxPUaxI7vcmgLPy65SZjgYBQNJCS87trsbn4unwXmyJRNBptn8Hwh5h8BuejvV5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8442fe65685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":30249,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30249), with no line terminators","md5":"3a9fad777c99160e99252898ad59b1ea","sha1":"6d7904e412c7730160b4e7c7465f6f27e724929f","sha256":"91c5801ced00f93d75ba875463d1ffe05b43fe3e6a22e571252d6b3e86b26b46","sha512":"342d1f5af058566a2352c6546aa9f5e081883492358aefb0b740b8d1f7f549fcaf76f82a375fd27c6d3343a6806d44c67e2abea6b016e75cd48dfba0ee430f8b","ssdeep":"768:h36dFjVXTli9q0lZ5vQhrcEri2jA52LnahXn234hG5:miQQ5vQhrcEri2jA52LT","tlshash":"c5d231d2b92cfd74743ab441c74f88a95e86acfa58733cadecc794c877c1a656205283","first_seen":"2025-01-22T15:28:39.082028Z","last_seen":"2026-05-13T13:04:07.324896Z","times_seen":8,"resource_available":false,"data":null}},"time_used":336,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":336,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/167.2c475bdc.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/167.2c475bdc.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 102842\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YLVBOBNgFR0yWM5daVXIooS7mYO7Nq4D%2FXhahrPg61QSvC63Npp0j0w1z7xMX4%2BZuw4svV4s04%2Bw6H8zqxsGRxQGCQzpqircrU3a0smzXwzvmK6VyIock0R3BjO15UJiBH0tVseWDgsV\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844b8b25685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":959361,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65534), with CRLF line terminators","md5":"81c904598ce6e4c941adfed7387c9b6b","sha1":"136011930e815e408fd1f0ee637be35f1d96c066","sha256":"07751707fc06e57edeb714610d8694a4c4b5185d9206cb908d8f8e8d7cda8496","sha512":"f20236e47dfd474c80c98fc0946810391c4c81599c7844c1095d95378773109ea37c18fc8ebd6f6b933905ef71e6cfc16d4cba3136a652d56e388761a352dcbc","ssdeep":"24576:oc4f4O2HEW6KmbKjzDl0utornVObCFXkj2QvDqRAv0OnMIujR6T9nG/U4sHbAOP7:oc4f4O2HEW6KmbKjzDl0utornVObCFXQ","tlshash":"d0153a3ac8219d2df67bdd81e68350bc0518a40773d36e7df9ad7b7ad2e11ed2226108","first_seen":"2026-04-26T02:12:56.941849Z","last_seen":"2026-05-13T13:04:07.232468Z","times_seen":5,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":74,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/iconmid.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/iconmid.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3935\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2xWsG0R%2Fe3y%2B21BIPLarqUpt22PPUjqzTqlNtXpyGzIfjLFI5phkp8oEwm2iHbmAB1RjHtfa3GvlbdHIunJ97%2FT1Y1HVSbvoCCV%2FC8JFr5GXcPn%2FFUAovHp%2FrBYT%2FA4TMB8BH4H16q8A\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d845192f5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3935,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 49, 8-bit/color RGBA, non-interlaced","md5":"464a64f6a97263cd4b329b105f445a37","sha1":"cd70fba06d5bb4e225bc01c8ecea7b0b5e03b9ff","sha256":"d125df14feab2b909f364bfcc645a504556a5d2706fd8e6bfaaa23ec5748c91d","sha512":"469e9352c098682ecc394c3eff1ad36e11d5758458c875de543fc11ba10bb19940cc10c0327831160be6ff5bdf5e08d5e2aa51b6a1da298f541e0d71fa0de6be","ssdeep":"","tlshash":"ef817d98c692f0d6b54e49052b276b74c9380132c38fd669c95db02e82ae0bdb83dbd0","first_seen":"2025-01-22T15:28:39.061775Z","last_seen":"2026-05-13T13:04:07.329797Z","times_seen":13,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/2726f630cdc34585af71b51de2b89d75.jpg","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/2726f630cdc34585af71b51de2b89d75.jpg HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 21 Sep 2023 02:36:15 GMT\r\netag: \"15db29c3bfd5e072b42697a5c8e73081\"\r\ncontent-type: image/jpeg\r\ndate: Fri, 10 Oct 2025 02:39:42 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 726770938819215980\r\nx-cos-request-id: NjhlODcxZWVfY2YxNzc3MWVfNTM0MF8xOWRkODY0OQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNDg4MDk5MzM2NjI3OTA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3255\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2252539029545619548\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3255,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"15db29c3bfd5e072b42697a5c8e73081","sha1":"3b8b304ab9a53e33d2fa0185feeba6893d00536b","sha256":"cc21e5bbdb641e80ca21a41f0184a3e677cf9ef06255e5134fdd79aa1b764bc6","sha512":"f5daf9d8cf865cf4bcb7b88dac4f8463cf921b2721f56cb6d6d5dd48b4fe8664e41cfa19b869408337e87a2571553339268072c32820fdacaec3f89735dd4947","ssdeep":"","tlshash":"ad613b59e453fb4adb9cea3925f248369e1c54d0b285e048bcfec81e64240f10d7eda5","first_seen":"2024-04-24T18:33:21Z","last_seen":"2026-05-13T13:04:07.280495Z","times_seen":44,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":490,"dns":0,"connect":0,"send":0,"wait":25,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29671\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 18:20:26 GMT\r\nexpires: Wed, 12 May 2027 18:20:26 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 67187\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84245,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32061)","md5":"e40ec2161fe7993196f23c8a07346306","sha1":"afb90752e0a90c24b7f724faca86c5f3d15d1178","sha256":"874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4","sha512":"5f57cc757fff0e9990a72e78f6373f0a24bce2edf3c4559f0b6fef3cf65edf932c0f3eca5a35511ea11eabc0a412f1c7563282ec76f6fa005cc59504417159eb","ssdeep":"1536:kPEkjP+iADIOr/NEe876nmBu3HvF38Nd+uJO1z6/A4TqAub0i4ULvguEhjzXpa98:7NMnJiz6oAQKP5a98Hrh","tlshash":"db83d6d9b2c67062977730b850bf410bb17a98dab80c8c60f0a4d5e47eb4a8d517bf2d","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T15:49:28.233131Z","times_seen":57031,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Apr 2026 18:57:25 GMT","end":"Thu, 16 Jul 2026 19:57:22 GMT"},"fingerprint":{"sha1":"AB:25:45:8F:55:B6:2B:26:B5:B1:EF:90:E0:60:64:9C:56:47:0F:B5","sha256":"47:83:31:CC:5E:02:0E:51:A7:52:AC:83:1B:8A:A8:4C:74:11:A5:F1:61:8D:C5:6D:29:3C:9D:6A:C9:29:AF:7F"}}},"request":{"raw":"GET /beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 07 May 2026 16:44:36 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9fb1d84949050731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-05-13T15:34:21.642631Z","times_seen":74552,"resource_available":true,"data":null}},"time_used":430,"timings":{"blocked":160,"dns":1,"connect":1,"send":0,"wait":10,"receive":0,"ssl":254},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/apps/login/font/DINMITTELSCHRIFTSTD.ttf","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /apps/login/font/DINMITTELSCHRIFTSTD.ttf HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 17310587036705994088\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/ttf","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/media/DINMITTELSCHRIFTSTD.a7bfa1ad62bf8ba2fa46.ttf","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/media/DINMITTELSCHRIFTSTD.a7bfa1ad62bf8ba2fa46.ttf HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 11542671169420935521\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/ttf","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/1446.0f03293e.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/1446.0f03293e.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 6225\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F21O5cOvJIYUWO5uu71gzl88idaFTg%2F3YG9xS%2B8MCQxmLqzMPqu6VMxfeBqqBuTZQ8X7JNwC0U9P31qtfKOdUgixrjBCl49ns7l2hkDrWpw%2F3Gbgt9zRUCxdRX5iYNDz83M8rTTpYbJH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8443ff95685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34453,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (34453), with no line terminators","md5":"0a4c924eee3c44fd29d26f35881c8605","sha1":"22cfe0751619aafc636d2963a295751b52fb4a6b","sha256":"2224f22a8b33507ca95b19701a841c7cde48c925c6bfc0a2788e0fe4d1af6a1f","sha512":"4678bd6b33a1b66cb434c27f33baa16b5193cf837c96122b1bc458bf30a98b34dc5aae92eb90085859a30603a64277638cb0eab223513381d5d309da086f851a","ssdeep":"384:FNDuXX69k575uHBwEHCpSqTq+bQCPwYvVj4WHwEHCpSqTq+ar+eIO:Vi9qKdDi9q8W","tlshash":"55f20ea1c8630d18fe7bdc45d7af70680e54bd07766309ac547859b6e2c35e8e23b1ac","first_seen":"2024-10-21T08:04:20.242754Z","last_seen":"2026-05-13T13:04:07.230434Z","times_seen":11,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/lenskintil.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/lenskintil.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 53726\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 12:29:55 GMT\r\nlast-modified: Tue, 12 May 2026 21:27:50 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DyNeDgstQhEJwrdh8vDiUx2KZgkQJkgGpl8FdDp5t0JnP6cb8tciXVitrulfM%2F%2FRTC%2BhfJ1LR8AfWFj5SgzUj9Oql7ETRaQNTLKNxLFDb1OcTFUy%2BvkgNQoKO%2FeyVZagbmH7HU3j9YEl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529465685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":53726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"20eef2be1e2356f89238e4bb158f8c53","sha1":"ac69d54bfe5c2ae7449d08b59baa83793a05c353","sha256":"306cbfbad098d44c0b5b229522414c6aae9131a4132a70b5b281dd46ce066536","sha512":"b14100685d301b4c851ba6efb74272ebb2343def5fd3aedf4db4266e2c31a9c4e6365ffa0a387e79c410449d269a4caf5baaad3057fffc3e553791f3febb8355","ssdeep":"1536:a+LbV2H35KO5K3jGQkyrpPcXWe54xUd2ZgJcXDk/TaY4m:a+QHpK+K3i0rpeCzZVXDk/TaYx","tlshash":"ff3302d86b9b09518ec719b8f3751b56c9b0b2458f401500720d5aefbfbaf740a3b291","first_seen":"2025-09-20T05:43:57.405653Z","last_seen":"2026-05-13T13:04:07.216817Z","times_seen":28,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-ins-new.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-ins-new.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 7625\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Vc%2Bj67kMqGjPG9TzgdGZaCaT8A3pao79EySOyqWorGvXeV87wJ3Ur8M02FpRmiHx72eRYk4h5ChGdLxybySffnyEq2%2B9pZicc4Lc9g1IWvMFEwoa7D%2BUKtZCli3WX5If4ma5eCCVS%2BCM\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529495685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":7625,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"cc70b37c298ba08069f3c91b1df297fe","sha1":"d7c87f6337f5a48f94190eca6a1b74eef9323f38","sha256":"f2ad27dbb5397878470e88c31ca3c398f490f9e720ba0ca649ec6bf137f4d6bc","sha512":"4bd92697f8f16cea5ff8ca25f0cf47387a942e4c19cd843a9a8756361d9b28492705d2c06ff573a61b43ca59d630f35c4357fc154f61ba10f958fe183107e5bc","ssdeep":"192:5ITf1jHCQ7vkjOdt1oNxMZ3n0P9FEsSIEiAFuX:5IJ1DtAxMZ30L3EiAM","tlshash":"4bf1af4d41101aaad38f42311f69d406d4ddc02cc336b79439f44a2f69f8b2e57d369e","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.249033Z","times_seen":362,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/9fa6d558721f6e36acd07a7e888cb093.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/9fa6d558721f6e36acd07a7e888cb093.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:22 GMT\r\netag: \"f986a3edf3564d07cf8497527a484aca\"\r\ncontent-type: image/png\r\ndate: Mon, 10 Nov 2025 05:42:35 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 7276941598825304217\r\nx-cos-request-id: NjkxMTdiNGJfYmRlZjc4MGJfMjBmMDdfMWU5N2M1Mjk=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc0MDM4MjM\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2237\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 12334863963869232522\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"f986a3edf3564d07cf8497527a484aca","sha1":"2d993ceef67ea14954dff2f59160e97b83a42899","sha256":"6c84b4807d7c29b131baf7c3f1195711c709971a2f8a528a08d00727d119841f","sha512":"2f21802f114a26d1af0e898432302241bf052005f9d3597d98bc90a9317c358fb7f6ad4c8549073818717752fd276492c8e1168d530e636aa24c00538569dbf0","ssdeep":"","tlshash":"ba41d9ae6716ed56ab0bac71cfc0c430ad9b644910c4664da3e1f479282153ca661d17","first_seen":"2025-01-22T15:28:39.233514Z","last_seen":"2026-05-13T13:04:07.185313Z","times_seen":16,"resource_available":false,"data":null}},"time_used":587,"timings":{"blocked":529,"dns":0,"connect":0,"send":0,"wait":55,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Cedarville+Cursive\u0026family=Mochiy+Pop+P+One\u0026family=Montserrat\u0026family=Oswald:wght@300\u0026family=Varela+Round\u0026family=ZCOOL+KuaiLe\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /css2?family=Cedarville+Cursive\u0026family=Mochiy+Pop+P+One\u0026family=Montserrat\u0026family=Oswald:wght@300\u0026family=Varela+Round\u0026family=ZCOOL+KuaiLe\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 13 May 2026 13:00:13 GMT\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":227151,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1981)","md5":"a4956cab6d0eab1f94b1b068b3509eb1","sha1":"962e26da86e42b07d6ebf092b36336933094c9e7","sha256":"c02a8228fd18e4e93d380fe8ae6351837bffb8bf2a20ddf0882cf028558d0420","sha512":"6d17ef05f9e30793d83e2f96233c8040a656b25a9c4fae1ce12f7ec3dd75eaa47a4be013ee5c98a0d64576557db8e977910f5ed2843450a494be971c99772844","ssdeep":"1536:uVCN1Cm7Vx9GK3psfQas3/8krtsX5WV2YoWMrUNNISLsbgMTL2ZR8oUa5gLlcXfK:Hh77lyaukpHN6jk318FjEI4FkNMIb","tlshash":"6e2401a1450746dffee71ca752ced925bea9687cf981883852f505c3ac0e01ad1cbb8d","first_seen":"2026-04-26T02:12:57.149573Z","last_seen":"2026-05-13T13:04:07.314848Z","times_seen":6,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/fonts/laza.woff2","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/fonts/laza.woff2 HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 22220\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:26:04 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rbccTTOPSjLWYI6eTksB0bgJpssnL8%2BxLsx8nsXDL%2FyFImsVjLtZwLz46WbFyS3b6DsihQ6PGuTloLTQqA8hRasbC%2F0sLd6ON63kPeNVTtj1ROo%2BixJKd8%2F9lipTgKlgeA6sVoHJJuvb\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84f5e0d5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":22220,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22220, version 1.0","md5":"345579e8566a3dd6dc9feb5362fbe7e1","sha1":"df075dd0c26e72fd7df19948f07904c1eaa72ded","sha256":"1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4","sha512":"948b48b697dc39d4c921ef8765053cb414edd47d12c69856191c5e28a580a1ebdb6020d2b8d5639d7ea89fa24fbdd73c16bc5e461b86f644420fffd3fe76b397","ssdeep":"384:1dPjUYc1ZQrSCantuGbZZHmv8m7Uh8OIXXS6pL/AzxeDxw+wBhQPyX/g2g8rYFGk:fJ0qrSCasGZZH9C+lIXppzAz0SLnPgCG","tlshash":"82a2d1a9a2a202d4dafe4405bde8f8b35cc2b43adfc687394a74f54dcc845d18534d5b","first_seen":"2023-05-01T09:29:40Z","last_seen":"2026-05-13T13:04:07.166352Z","times_seen":962,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api-ipv6.ip.sb/ip","fqdn":"api-ipv6.ip.sb","domain":"ip.sb","tld":"sb"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.293Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /ip HTTP/1.1\r\nHost: api-ipv6.ip.sb\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://kweoywum.fortoday.asia/\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/6877.6d0fd829.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/6877.6d0fd829.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 6675\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SlyyFIpPQ31MPtLu1FpO915rhVKXmUKympuzVCQg8Muluojpm%2BPXinQR5HGnZ4V3gXUjWt42OhNG%2BzunQkxLcToDtEka%2BCs9lIDb1k2ovWr0o960DM13tBYF1h91AiK%2B3WxahLlo9YB%2F\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84448255685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":28427,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (28427), with no line terminators","md5":"0a7d3e9cfff1ff17b795bcd1ef91bb39","sha1":"d16d6c316191e8eab1ec1917c3c20402b505136b","sha256":"29af4e72d261b93f81e63d4485c41f74dde97be9c6c2305a3aaae207ec8583dc","sha512":"68aae126b7c04914c0a9c2341bf07264e2cdcc6d5aa15f08c9295c720a112af1926476e701d59c99ede65e7c5a439919149f2e8808e14e039c2fac3b5372e037","ssdeep":"384:COBTTh4GNg/wEHCpSqTq+RfeozvnQH5Q+Z+UCp0xFma3Q4N2dRo0dwcuHM:+i9qY4ZQ+Z+UCp0xFmuQ4N2dRoa","tlshash":"87d296a584568e0ca622abdf915ef5791995b7ce6cf11fdfe6dbab33a2c00fc1210014","first_seen":"2024-10-21T08:04:20.255854Z","last_seen":"2026-05-13T13:04:07.251591Z","times_seen":11,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pagedoo.midasbuy.com/material/1450015065/0e9de9cb3561f51f2fb937bd34f03a30.png","fqdn":"pagedoo.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /material/1450015065/0e9de9cb3561f51f2fb937bd34f03a30.png HTTP/1.1\r\nHost: pagedoo.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 13 Nov 2024 03:34:22 GMT\r\netag: \"44d26d7a678039f819144a9b935e8b06-1\"\r\ncontent-type: image/png\r\ndate: Fri, 15 Nov 2024 02:00:05 GMT\r\nserver: tencent-cos\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method\r\nx-cos-hash-crc64ecma: 18192468951191887806\r\nx-cos-replication-status: Complete\r\nx-cos-request-id: NjczNmFiMjVfZGZiMDQ4MGJfMWM2OV8zMjRiOGI5\r\nx-cos-version-id: MTg0NDUwMTI2MDQ4NDY2ODc3NTQ\r\ncontent-length: 33331\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 891026606538844960\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":33331,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced","md5":"0e9de9cb3561f51f2fb937bd34f03a30","sha1":"3d6879bc28321f6e729b0731f6a1bbdd2cf6877d","sha256":"69af9942ae1c3ce709c358a8c28675d8fab6d35d721eedf4dd5201facaf77e62","sha512":"f95356b5951bd653fa3753b3a763ee74203b6d93e84bfce986454ac5ae7a48c037fd1cb6aac45a2b175c22b095a969ff1377544cffc88355429026c5685bd1d3","ssdeep":"768:KAvhwbFM4FdK2jAWhnNJKAfNa85QPw1I/Ul+zIEgY:TY+KA2MWhNQAfk85QPwNgzIEn","tlshash":"d4e2f17d41ed18750ecf17fd2e2c8ea6523a7d11029a9a47edb0036e71d9d101ee3aa3","first_seen":"2025-01-22T15:28:39.165707Z","last_seen":"2026-05-13T13:04:07.264584Z","times_seen":12,"resource_available":false,"data":null}},"time_used":2788,"timings":{"blocked":1350,"dns":447,"connect":22,"send":0,"wait":10,"receive":1,"ssl":954},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/mat.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.038Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/mat.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 22139\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:21 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=12w0netjuyT%2FLeVPhgdA4EDzJiov151ITga7Aa0aHh3ceqmIJiGIoJKSPVqFYu6O338PWlcNcWswP9a61FHS%2F9kFX8ci3y9HZn%2FWtqX41vIoElGOZSeel82741UtvyLsFuPS0jWeboRi\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84509255685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 480, 8-bit colormap, non-interlaced","md5":"f2da3583c3a9efd372034ee83f2274ba","sha1":"3d7688ff15393ad038a54851ba64128c116080e4","sha256":"bfb551be6a0157558d4145e40555a5d6d5f08ab7820f36146938155d147e6d5c","sha512":"494b3a3ccc61b73f498ac3ffdb03a2e2dcac1edd684f4730b86401f4c5bb6f6ee2953d1db63f0a96b02168883b2aced6f50fa069a03e101c7a55c8626ba63351","ssdeep":"384:J5Dc1Rb6fDlhLMhp6dnCPg5foT/Y/LcAowvcsFnT3SkaEvwUubgqLGQb:Gb6fDl+0d5Cw4twPlbvSZyc","tlshash":"efa2e0035dc4e422c68955fa82391ab23f044fa93467c7ef504b75924b7a39f54938e3","first_seen":"2024-02-22T16:27:47Z","last_seen":"2026-05-13T13:04:07.233128Z","times_seen":120,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-reddit.d66cdc0d.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-reddit.d66cdc0d.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 5043\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:24 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5oONq3ySX7C%2F%2FE5U5KIj24itttCzbB5lOQkjN%2BRbtXqeBF2q%2FUnv4xnbXsdFPvm2gPn0hektk6oSAbKL1zOguqr5re6%2FN46Kukip5bNFK%2BJvmx2SBFI%2BcwoOVoQ8OHn6HddGNTk6XB7d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529565685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5043,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"d66cdc0d92659b0e64d7aefab70a60f6","sha1":"f8dcf359bb72ed8aa3ef84a6d3f79102869a82f0","sha256":"642703b53950fc841394918d79cbabec6060242e45c8ded41d324e7d6dce8924","sha512":"559231e5e96e800fa3aafef4285dc5757c0974f7eb5588dede8e7f15f85790f797d0a98ce127760fd3641b7ef97ecf614dcef9f865a2a9896f7a036cb1ed6ae4","ssdeep":"96:0c3T5gjdJSEQbE7xjUA6Ybic1eG4kOiNJJqNbBU6syHj+:0U5gXSVQ7rh1KiVqdm6XS","tlshash":"f6a18d9b612a64f8aed6e960c53c8910eafd42df4ed45704ac16c1d1c98b50fff20f08","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.237141Z","times_seen":353,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/9862aeaf448f32090a4c61dced07ae74.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/9862aeaf448f32090a4c61dced07ae74.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Tue, 11 Jul 2023 12:09:00 GMT\r\netag: \"525e2453f58f8f8a52d4d226557f7947\"\r\ncontent-type: image/png\r\ndate: Fri, 25 Jul 2025 03:13:26 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13514664086594741981\r\nx-cos-request-id: Njg4MmY2NTZfNGYxNTc5MWVfYjM1M19lZDg1MWQy\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTQ5OTYzNjk0MTUzMzg\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 8273\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 5615621913876704004\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8273,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"525e2453f58f8f8a52d4d226557f7947","sha1":"fb295832a2d81edd5c7cc16e946d3728eb1795ce","sha256":"4b6e1dc3fe4ab6e3017023bcfc253977a3c1924c84ac1cf0dfc125d8c3c2d2be","sha512":"88ec057f1c0ede6380c96c852067997059a81ddd73cf307d32cbe0e3d27a0b2339052e455762ef48da0998ffda2eda25ac8f4bae0e8500057b6baaaeb8e5bb76","ssdeep":"96:T6Zb9cKbr0s2O2A2J+aN+ZlTErMrkyo7m0C9enWRM+70QeKmv8rZylSvXd7/NiMS:ub9c7O2AiN+Zl1UM2+70QeVJYlxD9Rk1","tlshash":"fa02ae579cfaede1cad4b5e354508acc8a762544a98e3b3380811e0c8b67e329875b4a","first_seen":"2023-05-01T11:58:24Z","last_seen":"2026-05-13T13:04:07.218196Z","times_seen":62,"resource_available":false,"data":null}},"time_used":583,"timings":{"blocked":501,"dns":0,"connect":0,"send":0,"wait":56,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/25a8889049a89344ddb6a1d99fddacd3.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/25a8889049a89344ddb6a1d99fddacd3.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:17 GMT\r\netag: \"c215c8e11cb084d49e5b9de1d4a95c90\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 14:15:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 9041043765420463187\r\nx-cos-request-id: NjZmNDFhZmJfZDJlZjc4MGJfMmVhOTVfN2M3ODAxNA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MTE1NzM3MjI\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 2977\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14509762531985333795\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2977,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"c215c8e11cb084d49e5b9de1d4a95c90","sha1":"fd583e8bfe1389b58f1bf6356518e26c686b09c0","sha256":"74bff356ceca1af7fc6b0603fa11cbf7a5ac5eea8d0acc6628a88e1865203d95","sha512":"8d257be119157948296ef67c0a1359f549bfcdf5128036007cf97bc186276af5607cb898af4ceff27e3eaf748a682a5df1b99c902128a9dd027859c700693757","ssdeep":"","tlshash":"8c510904e7336703da49b83574f9615bc6791684fa93e069e8fec9a609720f08d525cf","first_seen":"2024-10-30T20:47:39.008354Z","last_seen":"2026-05-13T13:04:07.237622Z","times_seen":18,"resource_available":false,"data":null}},"time_used":1171,"timings":{"blocked":493,"dns":302,"connect":23,"send":0,"wait":27,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/641903dfb1304392d5b0865d594833f8.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/641903dfb1304392d5b0865d594833f8.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"34cf3aa55d10f3f8869f264cdcb2ad5e\"\r\ncontent-type: image/png\r\ndate: Wed, 25 Sep 2024 21:06:23 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 2435251802681037888\r\nx-cos-request-id: NjZmNDdiNGZfY2FkNDgwYl9kNTVkXzdjMTIzOGU=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc2NzI2NzI\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3523\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 164104272401583537\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3523,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"34cf3aa55d10f3f8869f264cdcb2ad5e","sha1":"94cd8a7d54c36f1ce3f1a5d8925ef4e5c33da7f8","sha256":"6da833d493a4e1a3bf46b9d484477687d4a3c2c92aebf24c82f9e5f128b4368d","sha512":"204744a724e1e64e3c8af81ca50b1efd69a8b0d50f64c6722d71ee8d956a7781b15b9233071e32be8b24267925d5d7e29613e7431480a4e32bc21a7b4c43810e","ssdeep":"","tlshash":"fd715cb2acdb97b2616777a957351c46d7640b0ec9227a191104ee3d483432d28caa0f","first_seen":"2024-10-30T20:47:39.071579Z","last_seen":"2026-05-13T13:04:07.241219Z","times_seen":18,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":55,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/821807bcb8b09695389119ca62eeecdd.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/821807bcb8b09695389119ca62eeecdd.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"e63c1f67df6289456b01d42a291f0d18\"\r\ncontent-type: image/png\r\ndate: Mon, 21 Oct 2024 18:05:00 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 11247417401204316228\r\nx-cos-request-id: NjcxNjk3Y2NfODZlZjc4MGJfMjcyMTBfYjJmOGVlNg==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgxMDc5MzA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 7193\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 3117416687725679162\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7193,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"e63c1f67df6289456b01d42a291f0d18","sha1":"8a02133aac57a9de863144dd4488d58b072fdb96","sha256":"4cc861f22423295e6aa783d42fe48758704158254a608945d0443cf12b88b258","sha512":"4b148ef7349ec890d02fda04e8419f823cb4cd8ae953bdf9c726861082652bb7b0c13b2a8ff43063b1f915f6acb6a1f303ce840d1322dfffcca34e1f797efba6","ssdeep":"192:E/Lsi+poMn7+rUmSYSumePlusdda9Ogt46HmId:MQpoM6SYSZcVdoHJ","tlshash":"dce1a0de6cc556742ea7ce078b24ecb4eb35853334ea3d5db013da46a57f1081808e09","first_seen":"2025-01-22T15:28:39.24145Z","last_seen":"2026-05-13T13:04:07.279791Z","times_seen":16,"resource_available":false,"data":null}},"time_used":606,"timings":{"blocked":530,"dns":0,"connect":0,"send":0,"wait":59,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/f269367cf868dddf53a2f5fb46c5839e.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/f269367cf868dddf53a2f5fb46c5839e.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 26 Jun 2023 12:34:41 GMT\r\netag: \"b5f20f732e6b6e682834ed01251dd18d\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 02:51:08 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 7863818824923771470\r\nx-cos-request-id: NjhlODc0OWNfN2FmNGQwYl84ZDFfMTljNDhlNjk=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTYyOTA4MjgyODQ3MjA\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3036\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 368326179958750345\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3036,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"b5f20f732e6b6e682834ed01251dd18d","sha1":"765090392444768db4fc5b4ce661597797e2f868","sha256":"1bbd31380e44dd6da3f306c3074af3e42b83049e5af2e714fa8e39b52f998f32","sha512":"a0aa0c46d7e018e7d042ca299e67829bc9435217e606fa3e74d8aa1452c2b24d07f7fc750640e9e8a13d502c1537b9a3f16096fe855a5abbe8d58811570382b7","ssdeep":"","tlshash":"60515ecfc6ca9d58c67b97588581409174bff28c497f178b022bb582fbb97c62208247","first_seen":"2024-10-30T20:47:39.025718Z","last_seen":"2026-05-13T13:04:07.169303Z","times_seen":18,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":457,"dns":0,"connect":0,"send":0,"wait":55,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/google.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/google.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 70339\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o8AT4lg24GJjzZh1JAX4UVtZJclNXCBdHhW9dgyAUT9T2wqz%2Bg4Ne%2FTmmUDNpPsG1eY4qAaAO5M6FjiX5mfNKHaN68GJJfT6skceazaFVA3zi%2FQsXSoTQrGFCwTwlKmvcyI%2F2dCBdcuy\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cc85685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":70339,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 465, 8-bit/color RGBA, non-interlaced","md5":"95ee18d0114fd000ad2f4d71d7e694ce","sha1":"18864af07d81ba8ed080b3d013ab807e3e558c3a","sha256":"c5a73974a7cc2f30ba0bf1280f10994dd3d2c39b828f7c1a72c24bf9e14fe2a3","sha512":"d4aadd30d1e23e86011aa929f34d6ccef667607e9bd6ba19428f2602023bb9678efaedeb73a802fa04a26e05980fd7e671efde53914cddff403ad012537359f3","ssdeep":"1536:i8vXzmuCDICIwDQfjdXO6atYwHZwjcmuzcAW46Z27UbcG2fAO:ityJX6YgZw4mfAW46ek2Z","tlshash":"df6302adc2f7e046c5df3325ebba5bd787436bc33296d192ac06143ee811c425498f9a","first_seen":"2024-09-07T03:45:51Z","last_seen":"2026-05-13T13:04:07.257689Z","times_seen":90,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:34 GMT","end":"Mon, 13 Jul 2026 08:36:33 GMT"},"fingerprint":{"sha1":"25:C3:78:A0:E1:97:BA:8A:CE:43:FA:9C:BF:89:EF:DD:A3:CD:9C:40","sha256":"C1:18:7F:C1:92:8E:D0:83:CA:E8:62:DB:BE:FE:89:B2:84:13:70:FA:0E:40:65:D2:B6:8C:09:37:73:46:4D:4B"}}},"request":{"raw":"GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29707\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 12 May 2026 17:53:26 GMT\r\nexpires: Wed, 12 May 2027 17:53:26 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 68807\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84320,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32180)","md5":"32015dd42e9582a80a84736f5d9a44d7","sha1":"41b4bfbaa96be6d1440db6e78004ade1c134e276","sha256":"8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3","sha512":"eda31b5c7d371d4b3acced51fa92f27a417515317cf437aae09a47c3acc8a36bdbb5a5e70f0fbfd82d3725edf45850dde8ca52c20f9a2d6e038b8eaaceee3cf1","ssdeep":"1536:AP1vk7i6GUHdXXeyQazBu+4HhiO2wd0uJO1z6/A4fGAub0i4ULgGiyz4npa98Hrb:z4UdWJiz6UAIJ8pa98Hrb","tlshash":"a283d6d9b2c67062977734b851bf410bb17a98dab80c8c60f0a4d4e47eb4a8d517bf2d","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:32:59.586205Z","times_seen":14452,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/apps/login/font/DINMITTELSCHRIFTSTD.woff","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:15.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /apps/login/font/DINMITTELSCHRIFTSTD.woff HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://kweoywum.fortoday.asia\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 7774074973102833942\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:15 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"font/woff","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/349.85fa8586.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/349.85fa8586.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 5755\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DimU27OiPrm9eMd5CWK%2B7O%2BMVhsew3yRv%2Bnv5BzUWl3sKyfDQ1w384qizbMWSAgSc4Xr%2Fh7%2Bo7iv%2B1Q5WZgIZ7kbPvOtVHkYU0R6LP2likvJ%2BwF5ccPGx3UB7wScCF1wzKM4RyY39zZe\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844481b5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":20354,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20354), with no line terminators","md5":"d725c2898d0505fb148218bcaaa810a9","sha1":"e9cef5db014c255a279e3d0770aa236761889584","sha256":"fa1178047d8611ead5a29342beb1f5292c411779da1d04fc715a8bfb26289062","sha512":"5e6139e2da95b11b960f7baf516c9616cfa2af43ad27e1fc552b904a106a9f0299e48014e8b12a27730d63a358a20486807133a4f2f2c83992189036319df365","ssdeep":"384:PolFZOQqUKuikIzvEEXHRkZ6XDlJQwEHCpSqTq+w4UyWY:ueQqUKuikIzzXDlJ6i9q2","tlshash":"ba92d6748970ed6b76b7dc60dbc586cd1e28e906638316ede6c35168c2b25e83332b1d","first_seen":"2025-01-22T15:28:39.106893Z","last_seen":"2026-05-13T13:04:07.325444Z","times_seen":8,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/7960.77071778.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/7960.77071778.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 26881\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mUb4SOD6aO%2B1R%2BFKEE0X0ilMG5AnUu7dz4onFB9AAtMhujQoI34haCbgB%2F%2BB3DLH5lsnXjH375kcv%2BDyTmNCPV48jXg9M2B7UM8tiVsrG19Z6lXKPaWX3omT4xgjK3ymuxUiso38fYW5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84478665685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":204774,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"cd1f77b2f47b6069360c9434ad4fbfaa","sha1":"6d619a2a8299313aa3d78b6ae1da61f24bbb187f","sha256":"5af08c600e0ef25df3884999ea210bb4949076f7e7ae47cbd9237b914f933796","sha512":"5a14d2a0d10a09b66da3353b1e3bd4648be3b7e45de343b3df42558b8b6f08aceefc8a8ebdbe81e284ef81ce20f3596f30b886166dd94403bb36a430cc938fb9","ssdeep":"1536:K5npj1T/eBmwiQ8iWiQH5iQziQyPFGOiQ8iQKiQnmmTbdUiQno/WiQ6fwax:JBmwVsVH5VzVyV8VKVn1T2VnoOVC","tlshash":"1314f836cc625e2ef13f9d8adec7805c512c7c47f5936ebea4697368c2d05e8226b508","first_seen":"2025-01-22T15:28:39.089792Z","last_seen":"2026-05-13T13:04:07.277574Z","times_seen":8,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/Discord.8277bca0.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/Discord.8277bca0.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 5224\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wiWPRopx3BKTfGE%2BKP5sth1r2VoNR2rHDceRWVv4vNH%2FrHJv%2BJJvM3MTUWChTThY1OjiG4RU9RqD865X7Z5XptPq9BOe7Q%2F2sTadiQDEWMeEH9DN6SaJUl3wCR2KlgwKJi%2Fla8S9D0Sk\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529525685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5224,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"8277bca0aac01af0b679d71f4de55459","sha1":"e06892977682cd5f57c31245ff7cc8efb14c92f0","sha256":"25157739816315d396c664fd1f45336d8ab8bf9d768aa911e93cbebc95614a58","sha512":"6bd7888fe29f4c12a4924a655e309d52d4250e07988304f4896dd66d676141c3faaf93198e34a1c78fceeff1515caa62e70ea9a701a4c97df847c1a66b7069fd","ssdeep":"96:JJnyJW3IWaylbEXSDOt03N8ddUYyUPC/rQWfMclX6Iys1p7WBh5aF/G68+:yUIVylW+N3NbOqMnclXnjCBEH","tlshash":"b1b17c64aaa44ca9f0f2fbc58a4c7855313e611f742faccdf1365cfa41205082af3a27","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.265052Z","times_seen":361,"resource_available":false,"data":null}},"time_used":350,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":346,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/18c55dfcf1979f56d48e1870b4f421c1.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/18c55dfcf1979f56d48e1870b4f421c1.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"b774c39776b7dd697ecf88fed774b8f8\"\r\ncontent-type: image/png\r\ndate: Mon, 04 Nov 2024 12:09:13 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13057886671716270029\r\nx-cos-request-id: NjcyOGI5NjlfZWQ4YzdjMWVfMjA3ZjRfMWI4MWFmZQ==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc4NDY0MzM\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 6079\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 14460532726231426949\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"b774c39776b7dd697ecf88fed774b8f8","sha1":"d66ff1dd99523a66e995fb8438e252ba1b5c9edf","sha256":"1098b18c70cefcd362a7e60e28189a42302d0bda259ced33efa1f2c92098a606","sha512":"fed5b8cb3bc37767597166a52cb0476c95fce43be9d896cb2ea65092f0b9137dd4c34e6afc1d76e713466de28355a790349414e8f243e850a50fe4c48486e52a","ssdeep":"96:e5/CTP1T2YwGH4PM3B2CxrwPbL2YYowx+bzhnrQ8TH89CxNVE6/KDFFh77RA0:eVy1y5GH4Pi1twz4ozlrPcMvJ/KDNd","tlshash":"37c18e4e495477f936aa21718a153347ab63c391efbe72253ce48433aae2c550837f24","first_seen":"2024-10-30T20:47:39.060318Z","last_seen":"2026-05-13T13:04:07.164553Z","times_seen":18,"resource_available":false,"data":null}},"time_used":589,"timings":{"blocked":506,"dns":0,"connect":0,"send":0,"wait":80,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/c1e8cfdb317c02f0892c59027811a97e.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/c1e8cfdb317c02f0892c59027811a97e.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 08:38:19 GMT\r\netag: \"a5e078ed46cf0c3027950fb7f5ad62ed\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 02:39:42 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 10577499968579057018\r\nx-cos-request-id: NjhlODcxZWVfOTE3NWI3MDlfODgzNF8xOWRmMWQzZg==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NTk0MDk4NjY0MTU\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3920\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 2343915967964559240\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3920,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 96x64, components 3","md5":"a5e078ed46cf0c3027950fb7f5ad62ed","sha1":"0e24822ced161ee4e8467008565250880032cbbf","sha256":"892bf5c3feb460f2a3f62e3bf7f912738ab3ac59f4b7172cf5795332e39b67d1","sha512":"b9054b711bfda15423543aa7319729f466741bc2b7ea8d13c07f7f75b0906c6b841141881b39829f5b3489371a0f630c77564cd45b30e8dbf5b54bc6bff5ce6e","ssdeep":"","tlshash":"59811717e1b23b52ee98c47735fac00f1a2d59d025c56508b8ffd1aa17b44f81b6a0db","first_seen":"2024-10-30T20:47:39.142108Z","last_seen":"2026-05-13T13:04:07.249506Z","times_seen":43,"resource_available":false,"data":null}},"time_used":511,"timings":{"blocked":484,"dns":0,"connect":0,"send":0,"wait":25,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/1889.06cd5bb7.chunk.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:12.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/1889.06cd5bb7.chunk.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 17044\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:16 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mky3uq6JIkgiKnrX3BLuZtjtrsI6pkz6FzOg8JNKzdkELBzRAcDEN%2F5DVMohmkz5d%2Bh2IJJHefFJCJLBON%2FeA%2FTDYzrxSYZUV4sjaopo9QOjuhL5mc4aOIvCFeugpbd3lvKfDpuWxpAu\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84458375685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":178455,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d149353e4982c7991830b57aa0b5ea8f","sha1":"35721d92288de33009fb8d6534bf5395d0228bf7","sha256":"5e64ec5e3c386f1295276e7947002765a4e2f2cc26ce7b0331f0f2dcd1b18f0c","sha512":"0060a4e3a4f4e92b30532a0190fb7b7b525c486571ae158a3adf4f6bf4fc3033601a531910884345c18e3f01bb2fc258c0e9034564192b23282cc938f23712ea","ssdeep":"3072:ZbBbEI8IQIsId+Z+z+Q+ZnmnynSnT6T6t6I6ldwdkdwdd595n5W5jyKy2y/yOQns:x6q/onB8f","tlshash":"ce04f865c9108d39f97e5f82fa8740f91114dd0263a3ca3cf945e92ed3ed2eea22651c","first_seen":"2025-01-22T15:28:39.09562Z","last_seen":"2026-05-13T13:04:07.18352Z","times_seen":8,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/css/google.css","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/css/google.css HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: text/css\r\ncontent-length: 1538\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HGPJUVEDHhrVskPv10GteCR8h1S6swzxUenxzxgeVhON3BXhEPmTVrEr8BwL178Eufp78Vcbr1SOB642CVkeBrzWWDMEd1yVqdWD3UGICOeBWrD2xfkniVe%2Fws0tYisOzc2ZWX5q%2FGfC\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d844c8d35685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":7548,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"6b152699476854bb4c139fffb3519635","sha1":"8c981380a5a3c1c2ab0e87daf1cf5da1538ca1cb","sha256":"dfd32d82e39b0b720e9c9c2adf95c4b65ee95ff4f8649f6dbf96425fed89f87f","sha512":"e5ef09d46a94481991287a8cacdf8d11514789d0f21e862b40955cb72f1a8cd1a08551bac215a20d0696ba5dd598ba72b583f768f4f4bf951188137e33eca440","ssdeep":"96:cObJ8PC4vIQwMORAT3Ls6LCLlQMk619By6gBxOBurUXVIoC0AU/+xOXKK3KKk1:c08PA4bs6LCLlQ16PBy6soC3U/+xu9m","tlshash":"70f1df5aeb106009b132dbb8bbb24b45e91d04639b0785b9bb9d6340cfb156c5372fdc","first_seen":"2025-08-08T20:20:25.057934Z","last_seen":"2026-05-13T13:04:07.281074Z","times_seen":18,"resource_available":false,"data":null}},"time_used":378,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":378,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/lenzkintol.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/lenzkintol.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 15294\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 12 May 2026 21:27:45 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J5wmYGTcPF6rawsWuWzA8EvYZQbBTAyoXp3YXiAFjpphrX215VwTzQfseMX71yLqbqXHka3bHQzvG%2B%2B6kRidz%2FxNo0NNpoaKZp5doJA2tfCdgCaoZYkHRfc8PT6wLpHUQRridv8TpK7m\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84519325685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15294,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 556 x 543, 8-bit colormap, non-interlaced","md5":"7cb34961c5da7be99d0b3cf3d2394892","sha1":"ba5a9b0c4c3d916b65c30fa1c560246e13ff122e","sha256":"5ec6dc9824138a6a66378b8c6de830e704fcf4a0b28911c1461395d8338f2e30","sha512":"4bff6da31015e023fe4a7eb55bcbd3c424f359bc12c6307240f018930bef5a96ce5b8ff9326b134c20f4d5cce047c098610c984f540f524d854babf3098f96dc","ssdeep":"384:lj8mHIdduiqZ48Td17WAirsD0N6if0wVUkU+OV:GmQduiqZ48Tv9iGifFVUkhS","tlshash":"fd62cf9bd9538e7380930f1843d9f738ae87a46c7a25d08afd06f85d109e6d06009fcb","first_seen":"2025-09-20T05:43:57.426849Z","last_seen":"2026-05-13T13:04:07.26292Z","times_seen":22,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/5dc29c6aed47ec3720c283738821ffce.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.160Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/5dc29c6aed47ec3720c283738821ffce.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"7806da70aeac080017ff00ccb132f2a6\"\r\ncontent-type: image/png\r\ndate: Thu, 26 Oct 2023 09:34:02 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 14132467261481362850\r\nx-cos-request-id: NjUzYTMyOGFfMzQ5MDI4MDlfMTJhZjFfMjBhNTBmMA==\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDgxMzMxNzU\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3578\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 4276603907933081980\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3578,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"7806da70aeac080017ff00ccb132f2a6","sha1":"8443ced94e2de0bba00e48dd05008119dc0c435f","sha256":"0f2902e79394b80957cc01d3abf9cc2263531356f8e1807d0fe8b9f6d98d52d9","sha512":"4e5e9dadec2f97632b2777bab684e063caae6db452056b9362b4be8bb984bbc690aca5ccc7b1f3c21c408d13ca359debb068e80560d2e17312c01789aee9b22f","ssdeep":"","tlshash":"43717cfa7993d69e803f402c2bbded5866b04669a0cc77fcd608e00b454957d88ee642","first_seen":"2025-01-22T15:28:39.184949Z","last_seen":"2026-05-13T13:04:07.297862Z","times_seen":16,"resource_available":false,"data":null}},"time_used":549,"timings":{"blocked":472,"dns":0,"connect":0,"send":0,"wait":60,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-1.10.2.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.66.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-1.10.2.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-16bb3\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\nage: 1916173\r\nx-served-by: cache-lga13622-LGA, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 1, 8440\r\nx-timer: S1778677214.658900,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 32788\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":93107,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32072)","md5":"628072e7212db1e8cdacb22b21752cda","sha1":"0511abe9863c2ea7084efa7e24d1d86c5b3974f1","sha256":"0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988","sha512":"3aa68568ff2592ead412a0c7f5c39abc37ac562f00b7c16af07cd5eff881aadce77ec71040b36c0ad9c2d2aa4edd7744fa72b0f44cb8b485d4f283b1b49c2141","ssdeep":"1536:L4mCgi8DyCuXXFiJ+L0kJQsJVPEKLQRZdC/RlfDknv+p0WzH/IoSZ7qABZnu0sFv:LGsKXlI2p0WPSbDrstfam","tlshash":"3f93f8ddb2d1b06257bb21bd006f540ff236195e280d8850f129e8eabc74a4d9277fad","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-13T14:22:39.158592Z","times_seen":14587,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":177,"dns":0,"connect":13,"send":0,"wait":14,"receive":5,"ssl":257},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18778\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"64cac444-495a\"\r\nlast-modified: Wed, 02 Aug 2023 21:01:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 381583\r\nexpires: Mon, 03 May 2027 13:00:12 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SQQJ11E%2BQBg%2BrrYYIxCnhmnImeEI74iNfgzGnbIEFAfItkMO5v5XUv%2BtrlJbWGXAbNu7MGO0YJk2vsD3am6wF%2FIcRI4erb9fD84eEpsu8imit1jEjwPCIoDedfbm7VYYFZZUHGmI\"}]}\r\ncf-ray: 9fb1d8450d708be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":102217,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"5222e06b77a1692fa2520a219840e6be","sha1":"8b4236206a8b86af3761a244277663046d7ff7ee","sha256":"0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5","sha512":"cf780ba5def29277f562835b0b3a9129ce2aca8afc81a294d6a9a7f824a1c5bb81bac00d23d42946884606b7821642b12e17a2e92f424171446db2aea8b8340c","ssdeep":"1536:0wMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuuprrlCq:M709gMGFiyPGuuprlCq","tlshash":"09a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-04T22:28:10Z","last_seen":"2026-05-13T15:16:39.526226Z","times_seen":40614,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":7,"receive":1,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 13 May 2026 13:00:12 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5845\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ed9-1149f\"\r\nlast-modified: Mon, 04 May 2020 16:12:09 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 387549\r\nexpires: Mon, 03 May 2027 13:00:12 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r0kiuwRvJJ3YgXsd%2B38WT8raH1njTD%2Bb3xHo1gD2GlHxJPX4XTI8BVyy694G2RPfHOEH3Jrn0yuJiSltxUhOiTsomYVsoeVFM%2BWfZSgHzJesbeaGPN%2Fl6lrZKxWzWT%2BlE5ISuq1J\"}]}\r\ncf-ray: 9fb1d8452dc98be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70815,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e9365fe85b7e4db79a87015e52c3db6c","sha1":"2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9","sha256":"dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56","sha512":"ad142d178576c2d02f5eca2ee22500b369171e2dcb8fd344ef1251efb0c4ec61ecc6063d4535b2f77773317803206f13a224530f8e55b0335d4e251a80e15e64","ssdeep":"768:/KvcqyF7I4rb84dLM+JKvcqyF7I4rb84dLM+k:B/nLMu/nLM5","tlshash":"40631be8e80900d26fb1cc03ef62b7ca1685f0a3f9d10dd8f17a998c29d16551597fab","first_seen":"2023-04-05T03:25:07Z","last_seen":"2026-05-13T13:09:02.025565Z","times_seen":9825,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":4,"connect":1,"send":0,"wait":8,"receive":1,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/reward/lenskont.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/reward/lenskont.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 34516\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 12 May 2026 21:27:32 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HNvRBGJAcMv%2F%2BdSUzYKL3IXEE73eHr6RC5lr7qeLFm%2FWpDhPIytaQBKLsp6DHx9ovTfKETaOnakScK2TOu%2BcUSmeaktOKcNL%2BmdjnX0RezGHiwTakzQx4FdfsIMdJehcKjR2PB4N3ztD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84519355685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":34516,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"d32f2127f2d611441ee8652d7a630fe4","sha1":"15906f737d3d2c1b405f8b2a6df8efdd4332f307","sha256":"218268f9c27ec29bcc962b130d4a81af35233578043771da3b167cfd41c378c5","sha512":"cc72e8f0373cd6085060a4eaf43373d4f608c7553df9986d0375fe24a905eb2bdaaed70478bc5fc38bd38bbea3675fd46d542b83ab5867179bef8a1be29e47b0","ssdeep":"768:XmvKawz1rOACY6xLtAj7jUquwFfos7jUglFdXXRkmIkrMBleAwn0T:XmK2ACYStALposjFlRrMSA7","tlshash":"94f2f1cbca64d044c0abba7dc21fcb344b761fec1b97e569b82a05814fba411497bcd6","first_seen":"2026-02-16T13:31:30.377659Z","last_seen":"2026-05-13T13:04:07.260608Z","times_seen":17,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/jestore/footer-youtube-new.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/jestore/footer-youtube-new.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 3955\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Op%2FQnOcN7OCMskgEy5lAKeDmUFhjPOtSzK%2BWvytA1Wmy5vEQwkjgVW70Z6dQDFbh0uTwLWNEE7OmNXKozAUPF1Qzkl0iU%2FPzWziQ1pnLwQHbVqoT%2FmRAE7GG8xXnGBGagvh%2F7MeW%2Bc9A\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84529505685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3955,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced","md5":"b6f18fca57bb1657d719961d350bda7c","sha1":"1e99ce9e9852ea8615b1c8c6f361058019d92dab","sha256":"0e888a266c4ad5136be1cf650faf222ed0d644c54d83068f0dfabc0fae53e90c","sha512":"6d55a83407bbfacbc7b7e56ebfa087040591f46763bf17288ccf4ac9241338b865b437e1a1c12b55e44f9e2d1bfc663ed5a38b570b0887f8832d596c1a8519fe","ssdeep":"","tlshash":"90816ee3ad0ff0c7ea155596ddf7bbf16b80002cc3015267a914511fe6486b34de5711","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.19352Z","times_seen":356,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.harvestsharp.com/images/midaspay_channel_icon/60855adbbdc396b3a4c349f14add0d69.png","fqdn":"cdn.harvestsharp.com","domain":"harvestsharp.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.harvestsharp.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Mon, 01 Sep 2025 00:00:00 GMT","end":"Mon, 31 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"02:6B:1F:32:B3:B2:6F:A4:25:AC:1C:E3:87:90:E7:4A:78:36:9F:BE","sha256":"EA:E9:7E:E4:22:E2:21:19:4A:C6:3B:27:29:3C:BE:BE:35:A4:A6:F4:0B:C6:AA:9E:C6:EF:BC:30:7D:58:11:67"}}},"request":{"raw":"GET /images/midaspay_channel_icon/60855adbbdc396b3a4c349f14add0d69.png HTTP/1.1\r\nHost: cdn.harvestsharp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 30 Jun 2023 11:59:21 GMT\r\netag: \"3b6531a792234bdf9571cd6a8561b6fd\"\r\ncontent-type: image/png\r\ndate: Fri, 10 Oct 2025 03:36:03 GMT\r\nserver: tencent-cos\r\nx-cos-hash-crc64ecma: 13581828408463138716\r\nx-cos-request-id: NjhlODdmMjNfZTgwZTc5MWVfMmQ0Y2VfMTlmNWIyNjY=\r\nx-cos-storage-class: MAZ_STANDARD\r\nx-cos-version-id: MTg0NDUwNTU5NDczNDc5ODQzMDY\r\nx-cosindex-replication-status: Complete\r\ncontent-length: 3177\r\naccept-ranges: bytes\r\nx-nws-log-uuid: 9344900525957889220\r\nx-cache-lookup: Cache Hit\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: POST,GET,OPTIONS\r\naccess-control-max-age: 86400\r\naccess-control-expose-headers: Origin,DNT,Accept,X-Mx-ReqToken,STAFF_NAME,Authorization,x-request-id,X-Request-Id,X-MVS-CSRF-TOKEN,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type\r\ncache-control: max-age=604800\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3177,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 96 x 64, 8-bit/color RGBA, non-interlaced","md5":"3b6531a792234bdf9571cd6a8561b6fd","sha1":"2029d4fccb902e1381170523cd6bbbc62dd77cdc","sha256":"06ef03fd9107c454bce3d7393c802402d4b6254440823fadf5b7d16107b5382a","sha512":"7db8acd72e70105c7d0e1dfdc2defd156a9113f4fbd4ffa49843e3b1de97dd11c05b8b1036715e5680832033d664480918a45aa837c58915883819dd58f406ad","ssdeep":"","tlshash":"22613dcbf715f9a76953513a513eec24521b7d980158c6cccc9bc18fa2c51ee20d5eca","first_seen":"2025-01-22T15:28:39.220065Z","last_seen":"2026-05-13T13:04:07.218913Z","times_seen":16,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":491,"dns":0,"connect":0,"send":0,"wait":26,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/Show-Password.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/Show-Password.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 28355\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zlt8Hy%2BRkZDiIF%2B6yOgZb9pjbjDPr1CqP9c65jdIA8nNwXLF7jbXihiNmbj7sA%2FUw5ctwtv%2B2DjxEfhcVZyIzFYycoDlCEBOgA7uASpKTExzkz622wsw9i%2FGmnjBYd8ufGjKywcF%2FnoR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c8d5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":28355,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced","md5":"2fd203703821d5ce5d18bee2a51b779a","sha1":"a78d7b1369ce8bc34de57909af142043cae446f0","sha256":"6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8","sha512":"f889c843a380cef9b5746614b9bc6ab067b483049cc03866953867e1e5ce2b5e1936c965975c88e2352a3ebd0d6a1840252edbf70f01092cdefc7e4cff1868b2","ssdeep":"384:O0uuuuuuuuuuuuuuuuuuuls7IhoG2PkCEbDk4otLQORTaxqw9YLFjKIUjuMYu3PV:D7NGasw4otBaMw9WF5UvjXP3nt","tlshash":"41d2bfe3d7b94ab7c9a53271a150924722221cb901bcb89810c0bf9e673e6cc6e76f11","first_seen":"2023-04-30T19:27:11Z","last_seen":"2026-05-13T13:04:07.256793Z","times_seen":916,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/kotak.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/kotak.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 12543\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:31 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S9dXhg0Nh1%2B9Hw5FeLmdjd%2FUojBHfH4Nu0FziWWOK%2FUpQlpuDvsg2Yro2wB0pmyDXjfADYDQVIqex8O4XpYHuocrh16v3V%2FuSslUEArpwPAhnP7yrIUn5JuCcLkJfTzbmIg%2F1ue3k97L\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8479cd05685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":12543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 396 x 396, 4-bit colormap, non-interlaced","md5":"96998f93318eeb1ebadbcb472410be96","sha1":"1539b22930c46c466425015b14fdac2b3b2782a2","sha256":"693719b4fc80e357b8adf14a5aa17f3cc4ae6e757ec8c2ad05cf5060eada7a07","sha512":"4d3ad974095d6a2c7e3344d34e621ce855cb1519f9326ab95e5f941d13a38f30686a4dab4729bc2472bfe045559dd0ee0aaf7a37b132dbdb1771d12b2f5cfea3","ssdeep":"384:uFls5m1PVT5RxUaC9w2ggVyX7D1atXIGMK:0s6BxUaqlnVG7D5GMK","tlshash":"6d42cf56208695bde506a3ac595598cf24c1f59db5bab0d7efcb3dc42ace318308b331","first_seen":"2024-04-29T19:19:01Z","last_seen":"2026-05-13T13:04:07.19503Z","times_seen":31,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/style-img/icon_2.jpg","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:13.449Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/style-img/icon_2.jpg HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:13 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13303\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 08:01:29 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=al8qWh3x%2BhWrPwzDSoqSwQZKQToUlAUuVW21Rdl%2FlwTS40SdlMB22skYVGH7Ks%2B2Bu2Utg9intx3ORkJr%2BhMq38zU5JrCjd5ggFr3AIi8zOTXfIGD1LA6kQe%2BKW0YYBYyig4UshG6xsD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d8477c8b5685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":13303,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3","md5":"7c769800798574703b2bee43f5b6c0e7","sha1":"b57395a2544ceed657b00d088004cda7ddbaa7a6","sha256":"15c67df51c82b0b84d5f0173c405d8e075ea4980ec30613178daa32ef976e047","sha512":"7afb2190ebbbada1c016363039d34d7c70259638903d01e351b7f7d49e8af52e9c180d3a6b1a1910d1f4ae09440ddce2fc504ae4773f963e75d8b8865db6b50a","ssdeep":"192:3OgsGP/QVdegrmi9ZkXE5OMfU1kMQqzetuR9pCAJs8VdH6Zj6m7k1sBZj8fc4d:tsG74mSbgMfUuKzea9C8XHYX7NIdd","tlshash":"7752c037bb2daeb6d669b7718b47075deb76ec20439b954683e23121083c1425c1cfa3","first_seen":"2023-12-16T16:31:33Z","last_seen":"2026-05-13T13:04:07.284849Z","times_seen":35,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.midasbuy.com/oversea_web/static/media/bar_bg_m.5561b110fa7cb24b096a.png","fqdn":"cdn.midasbuy.com","domain":"midasbuy.com","tld":"com"},"ip":{"addr":"43.152.140.79","port":443,"asn":139341,"as":"ACE","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.midasbuy.com","organization":"CENTAURI DYNAMIC PTE. LTD"},"issuer":{"commonName":"DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Tue, 21 Apr 2026 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D8:AA:29:F9:AE:E8:71:32:E3:53:9B:9A:8E:E0:02:65:B9:87:F3:C4","sha256":"3A:84:02:E7:BF:56:E5:1B:74:95:6D:67:BA:6C:6A:D9:6D:DD:06:3A:50:8C:FA:FF:CA:1C:4C:64:A5:DD:DF:9F"}}},"request":{"raw":"GET /oversea_web/static/media/bar_bg_m.5561b110fa7cb24b096a.png HTTP/1.1\r\nHost: cdn.midasbuy.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-length: 0\r\nx-nws-log-uuid: 9892370360665747193\r\nserver: Lego Server\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\nx-cache-lookup: Return Directly\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-13T15:33:13.162002Z","times_seen":15117490,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kweoywum.fortoday.asia/54qzQhZJ/img/bg-item.png","fqdn":"kweoywum.fortoday.asia","domain":"fortoday.asia","tld":"asia"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kweoywum.fortoday.asia/54qzQhZJ/","date":"2026-05-13T13:00:14.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fortoday.asia","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Mar 2026 07:23:34 GMT","end":"Wed, 17 Jun 2026 08:00:16 GMT"},"fingerprint":{"sha1":"82:CF:C7:9E:0D:CF:FE:4B:17:8B:52:84:33:14:7D:F7:88:A5:91:F2","sha256":"4D:A9:CD:77:E2:DB:CC:1E:07:30:B7:5E:52:3A:AE:82:0C:14:88:D1:96:D7:F5:77:DE:8F:2F:8D:1E:5A:F1:7D"}}},"request":{"raw":"GET /54qzQhZJ/img/bg-item.png HTTP/1.1\r\nHost: kweoywum.fortoday.asia\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kweoywum.fortoday.asia/54qzQhZJ/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 13 May 2026 13:00:14 GMT\r\ncontent-type: image/png\r\ncontent-length: 20086\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 20 May 2026 00:31:32 GMT\r\nlast-modified: Tue, 05 May 2026 14:14:24 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\ncf-cache-status: HIT\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6hSnoEgSiZUwN5r6BtqB79x5NRSE4HDDQ2sXhhDXuV3TLBIG%2BBmB%2BozxkfdthJh0nnApqJpWwGd7zhZrP3iqVHqElBfgXn0L5Svhrzx0IM8StSfnOxjTGuIWgxZkl8lppR9kXk6PHVab\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9fb1d84f2dd95685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":20086,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1632x1632, components 3","md5":"bdf3142535e0b2558eaa41e064df57a3","sha1":"a1be2fc9d34c0bfb25eeac746e5533e2424be53f","sha256":"87b730c4e7516de36135cc25458deb7b30818e829c6c491f615f26f82b808812","sha512":"bfad575f7cf1a5b250ca9dcafa4bc6dc164730e8cb1fdf5d9a22a822ff5922c129385707936cfdc4b6f596b4abc86be9c0b5e8263c8cc6d7be5307e6caaa210f","ssdeep":"384:WTJ1Mt2wQiy6HIu1d4qlivUMmu19RXJaDOJlWp51mPYKhLyn:yWtd3Iu1d4xz9iElnLO","tlshash":"4e920773eba2a6d7c09c337585cb26393b1a0da7d25c5907a6c90d3478bb354bc4e6c2","first_seen":"2025-01-22T15:28:39.247493Z","last_seen":"2026-05-13T13:04:07.214346Z","times_seen":12,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-13","alert":"Phishing Block","trigger":"kweoywum.fortoday.asia","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-13","alert":"Sinkholed","trigger":"kweoywum.fortoday.asia","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}