{"report_id":"33725e1f-c061-4740-b9eb-1b700f91c44a","version":6,"status":"done","tags":[],"date":"2025-12-25T17:28:59Z","url":{"schema":"http","addr":"www.iwvlrne.top/","fqdn":"www.iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"iwvlrne.top/","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"title":"Cute And Fluffy -","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.iwvlrne.top/","fqdn":"www.iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-29T17:28:59Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-25T17:28:38Z","timestamp":1766683718,"ip_dst":{"addr":"104.21.89.52","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.23","port":36006,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-12-25T17:28:38.820770+0000\",\"flow_id\":599197133200150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":36006,\"dest_ip\":\"104.21.89.52\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"www.iwvlrne.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www.iwvlrne.top/\",\"length\":168},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":958,\"start\":\"2025-12-25T17:28:38.744214+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"www.iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"www.iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"iwvlrne.top","ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-20","domain_rank":0,"first_seen":"2025-12-25T17:29:00.166596Z","last_seen":"2025-12-25T17:29:00.166596Z","alert_count":22,"request_count":11,"received_data":1731475,"sent_data":5018,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Backstretch","description":"A simple jQuery plugin that allows you to add a dynamically-resized, slideshow-capable background image to any page or element.","website":"https://www.jquery-backstretch.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript graphics","JavaScript libraries"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Yoast SEO:26.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]}]},{"fqdn":"www.iwvlrne.top","ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-20","domain_rank":0,"first_seen":"2025-12-25T17:29:00.166519Z","last_seen":"2025-12-25T17:29:00.166519Z","alert_count":3,"request_count":1,"received_data":417198,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-21T22:17:07.06462Z","alert_count":0,"request_count":1,"received_data":3943,"sent_data":463,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-21T22:14:03.270461Z","alert_count":0,"request_count":2,"received_data":33854,"sent_data":1091,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-06T10:06:04.608107Z","times_seen":642710,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/wp-emoji-release.min.js?ver=6.9","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-06T10:05:57.202676Z","times_seen":134363,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/responsive-menu.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b5d40d190923dc7f205d340ff9d0cad9","sha1":"8934485888021b2c625efc84c558f8a2f194130a","sha256":"fb3b989b50094052c794affae01d91e0ab44759f70c6a14f6f7bf00122da88b3","sha512":"67375e020abfe9496032f6eaf645fb3cd4ac1f0ff8f69b45894d09f182acb0ee2f373b4f36dc763a07fc2bfba173e836a3237ba4d1017926fd10e0fd5e06f222","ssdeep":"","tlshash":"18016dbae5c8567002b53058e36e538b277904426f49c801b4bd85a63d9272948f1fa4","size":765,"data":"","first_seen":"2025-06-26T00:56:05.766195Z","last_seen":"2026-04-05T22:42:26.718206Z","times_seen":84,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/backstretch.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"91d4cd427e3b6649cecaa8e689f284c7","sha1":"8bfed4e534efe706b0b20898a9cfd0dcfb2a8a6a","sha256":"579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45","sha512":"8d674a1b4e434f2780c0158308486f3d58255753bc1d269ad61ace7af281b85fd07a594797c552126c8bb280110fee4f8240eeb79c48707bd0822a820db5d07f","ssdeep":"96:2v1TdqYZYYkM6PNLYOM0CUWVJAwlY0OhO:6j5YYAVLq3K6YzO","tlshash":"5a91855b37623143d126e1e9520a4b05fa3518297807751efabc9df198d0d4d127ff38","size":4233,"data":"","first_seen":"2023-03-07T01:25:59Z","last_seen":"2026-04-06T07:12:59.844731Z","times_seen":1142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/wp-emoji-loader.min.js","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ded137e976af292be9814f85271ed3f8","sha1":"d1f28369c8fdb4e237af3c06078bc78e68e9f9f9","sha256":"f86aa687631aca364d39eebd45411b0eeb28980fee6d86982d19e482a24b1366","sha512":"afbb03001ed89b276395d698b517fe8fd005d958fb394dec7c2b1dc9fcf3b90cedea5eb18bab48a8e979338f34ac1f7947f1b29ec60a2b6af684701efb83766d","ssdeep":"96:0vcHtHRA5NTDXnM2E0+1lfYsPHgRhR3Sm:BN0LE0+1lfYsvS3","tlshash":"cad1859ae77a38dbb2f900f2697a0d47eb614435d6c8d438c9ada3241cb5893c274b46","size":6477,"data":"","first_seen":"2025-12-25T17:29:05.135833Z","last_seen":"2025-12-25T17:29:05.135833Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/backstretch-set.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c2ca303f41ff142721575617b9691ce","sha1":"5e9d47c9a99c2257ba951132ecd912e502a5df5d","sha256":"112f7f09fce95d9a7ead4cb63fb7b303b6940589b44e6aca824336768faaf9c4","sha512":"c0b30043ef964b6f465cc3a2c92e9cd16e1a2d12e3a8e8edfc91802e1d46c80d2f41a4de4cac61d5be9bba7039210f426a0b6fced8b6f3568d60b5e6bae13e5c","ssdeep":"","tlshash":"95b0927e4568b4c7057351505a320b08a82f3a21a95629812d99697409146782647a15","size":111,"data":"","first_seen":"2023-03-07T12:26:30Z","last_seen":"2026-04-05T22:42:26.73444Z","times_seen":93,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/agency-pro-backstretch-set-js-extra","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"71a5465522e68c5d8aa252ef238de9f8","sha1":"a8936a293f561860030b84eade91097132de056c","sha256":"6e7e175a94d2ef296ca1a237b4ecfb04d8090e0cb16d4df9f48d0497607d52a6","sha512":"6bf1b20ca15e0b235eb2feac542ca51a1e63f5fd0ee9ff4f71c9e9755bd125f19a2a5a87ae4f9ac75b36648189d9ea98623bf96c26c4352ffa618f7abbd78a3f","ssdeep":"","tlshash":"6bd01272c2962cd323a189b032461b73e5ca9449c425665aed9cd16906b04d0d195756","size":254,"data":"","first_seen":"2025-12-25T17:29:05.137893Z","last_seen":"2025-12-25T17:29:05.137893Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/images/bg.jpg","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:42.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/images/bg.jpg HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:42 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1076610\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\netag: \"68f9bd25-106d82\"\r\nx-powered-by: PleskLin\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xLo%2F9fdhZoWG1K6imd355O53%2BR%2Bpg%2F5GzR1nb6hMC3loO%2FR0m%2BF6LRbllbuEdIXpTBPRUmpM5ITpOzn5Fi5GOpAP%2FZT8REwWO6Qq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e707d5b0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":1076610,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1000, components 3","md5":"5bb34b61c14b1233c10446720a10dd79","sha1":"5542f26673a7a74188340ab49bbaa463ef7f90e4","sha256":"5425e41c9df64a8004eb92014f437a0d98fab8950b5392bf130e688064a0849c","sha512":"2302971b53facac68b2a04d8f02a2613f2b429c6ab1a886047c59de41558a4ccc81b82a0cc3ee7438daebd81de8687f074b381586384d503583f394730fdb26e","ssdeep":"24576:NZMzGvtf+ayRAl5fkYmroC7VL5ncR+FhbyCTv8DNPI+sKz:EoJiiTi5VyR+MBg+Dz","tlshash":"4b2533ded06276020427e0c962e945f2fcec1f2e96fd7ad737205bd5358768960acb28","first_seen":"2025-10-01T10:57:03.568676Z","last_seen":"2026-04-05T22:42:26.7109Z","times_seen":72,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/images/favicon.ico","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:42.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/images/favicon.ico HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:42 GMT\r\ncontent-type: image/vnd.microsoft.icon\r\nvary: accept-encoding\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68f9bd25-4cd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5qTDx2r0b2r%2FvNRffxiEk6wgIhtS6TrUk135vRFHYM4nRcopzcpuecQvP%2BSpVr%2Fm%2BsQAFuFAOdKp%2FmFoLqr%2Bzc8Wm4jYqbUG7W55\"}]}\r\npriority: u=6,i=?0\r\ncf-ray: 9b3a0e6f3d3c0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1229,"size_decoded":0,"mime_type":"image/vnd.microsoft.icon","magic":"PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced","md5":"cba861664fdf847f1e7c45001bceae52","sha1":"d704e19f187a12443a19fc9dbf1859dfad1c85ab","sha256":"63e7cb065a5681b17de39d0a049d0e80ec147c2d27f84ec6c8250ff0d01cc1a6","sha512":"648d42470c4f9186dc4581a3f5c1672bb00572a07c1f86b96ced650dfac05ea3ae9aa051a7655f36665990e7e08d958242b056dd18eed3318956f0495367ad7b","ssdeep":"","tlshash":"d921e75163885e68c68ed131c093216680e6029de84ff312f27734f49e10c7c2f3dd84","first_seen":"2023-05-04T09:54:45Z","last_seen":"2026-04-05T22:42:26.735626Z","times_seen":282,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/style.css?ver=3.1.2","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/style.css?ver=3.1.2 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\netag: W/\"68f9bd25-a172\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IH5OXb7dTE0ySdPXd1OarLLArG4bnzkVeOyj6pr%2Br4ADE9TQjZkZ3nmfmFVPP8uTTxpI2ZyyzT2SRw9HbmbrvwwQHymOI9j30j2k\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bbcec0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41330,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1783)","md5":"aaed45e4ead9fa91a2ab8878ef3e54b9","sha1":"3d8a4959f1024aaabad6bde5570dfb93f2f19ba7","sha256":"cd9bba0460b60b3da02fbf770b204cdf8806d6f58366827f3275ccc80cb40c81","sha512":"165b21141d0178f6e18f771ec310545b7f1f1e2b755ec955aa796e7e5e27afe9fecc6955e9729308d4705d74136717377ce5e705417ceba7910655bfe3c33831","ssdeep":"384:OAk82gj53pX07uBnmuoWtAASJdEvlOdXro8zbBfPr:zV2gNnmqAASJCyroGdHr","tlshash":"800362b2ee903c20d35ed129fac4a272d71d01d6de8d0de9b068916c96c439085fef9b","first_seen":"2025-10-01T10:57:03.58073Z","last_seen":"2026-04-05T22:42:26.730628Z","times_seen":76,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 28 Aug 2023 15:14:24 GMT\r\netag: W/\"64ecb9d0-15601\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9WZ1daobihLHZKbpVaxScjL21qLrrxMqVWUyLlQjwEEQv1UrOZbh8Ih7UcgRxedgmrGhBL1yJhf9AXzxj0KJHDDGVDGS%2FPd%2FVnL1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bccef0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-06T10:07:55.618232Z","times_seen":689847,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/backstretch-set.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.582Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/js/backstretch-set.js?ver=1.0.0 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: application/javascript\r\nx-accel-version: 0.01\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\netag: W/\"6f-641ccb65dd340\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TuRnyMGSc4%2FOYA0fGZzsUV7SfXQe0zCDdQJiZc9okrgr0nBvdY4vrR4InNLYSFILkSKSn1k%2BqFs7TfDCAsGef4ah03titiFwqLrt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bccf30731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"0c2ca303f41ff142721575617b9691ce","sha1":"5e9d47c9a99c2257ba951132ecd912e502a5df5d","sha256":"112f7f09fce95d9a7ead4cb63fb7b303b6940589b44e6aca824336768faaf9c4","sha512":"c0b30043ef964b6f465cc3a2c92e9cd16e1a2d12e3a8e8edfc91802e1d46c80d2f41a4de4cac61d5be9bba7039210f426a0b6fced8b6f3568d60b5e6bae13e5c","ssdeep":"","tlshash":"95b0927e4568b4c7057351505a320b08a82f3a21a95629812d99697409146782647a15","first_seen":"2023-03-07T12:26:30Z","last_seen":"2026-04-05T22:42:26.73444Z","times_seen":93,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/backstretch.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/js/backstretch.js?ver=1.0.0 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\netag: W/\"68f9bd25-1089\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ok8IhjoHH0brvgSjkE2o3dB2eT1ePrLsEWbtD32QXLiasn7qpQBzq38ZwoXawVR0krl3dWGyv9jtLDvbYt0gQXnGLIxrRxkn117K\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bccf20731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4233,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4095)","md5":"91d4cd427e3b6649cecaa8e689f284c7","sha1":"8bfed4e534efe706b0b20898a9cfd0dcfb2a8a6a","sha256":"579d9d9773858e863e7d802489f84b27b7f557b99900a3c6090a16ce8431ac45","sha512":"8d674a1b4e434f2780c0158308486f3d58255753bc1d269ad61ace7af281b85fd07a594797c552126c8bb280110fee4f8240eeb79c48707bd0822a820db5d07f","ssdeep":"96:2v1TdqYZYYkM6PNLYOM0CUWVJAwlY0OhO:6j5YYAVLq3K6YzO","tlshash":"5a91855b37623143d126e1e9520a4b05fa3518297807751efabc9df198d0d4d127ff38","first_seen":"2023-03-07T01:25:59Z","last_seen":"2026-04-06T07:12:59.844731Z","times_seen":1142,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.iwvlrne.top/","fqdn":"www.iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-25T17:28:35.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Thu, 25 Dec 2025 17:28:38 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: https://iwvlrne.top/\r\nserver: cloudflare\r\nx-powered-by: PHP/8.3.28, PleskLin\r\nx-redirect-by: WordPress\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cm5toBNSrJsDRX6b0XiPcHBKG7UGzZbpiX35GUhdaZOs2bUEOyoHGDRgsNhtYWdl%2B0tGSZYjCBOX4zl55fGNY7kU86V0F8My4uLVcZ%2F5eA%3D%3D\"}]}\r\ncf-ray: 9b3a0e47de152efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":416570,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":2313,"timings":{"blocked":63,"dns":41,"connect":1,"send":0,"wait":2187,"receive":0,"ssl":18},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-25T17:28:38Z","timestamp":1766683718,"ip_dst":{"addr":"104.21.89.52","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.23","port":36006,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO HTTP Request to a *.top domain","source":"{\"timestamp\":\"2025-12-25T17:28:38.820770+0000\",\"flow_id\":599197133200150,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.23\",\"src_port\":36006,\"dest_ip\":\"104.21.89.52\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.SuspExeTLDs\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2023882,\"rev\":5,\"signature\":\"ET INFO HTTP Request to a *.top domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2017_02_07\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"http\":{\"hostname\":\"www.iwvlrne.top\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":301,\"redirect\":\"https://www.iwvlrne.top/\",\"length\":168},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":958,\"start\":\"2025-12-25T17:28:38.744214+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"www.iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"www.iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-25T17:28:38.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/8.3.28, PleskLin\r\nlink: \u003chttps://iwvlrne.top/wp-json/\u003e; rel=\"https://api.w.org/\"\r\npriority: u=1,i=?0\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4yhIE50uXrEb%2FvvDJhD%2FoBh3D6UJmDRhxeUOxmKxhcgmx3Vedu5z3Py00%2FJwnDvf%2FAF%2FolyuUhyEAVnFO55DaL4QT0YUL3OByBzA\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e55e94c0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Backstretch","description":"A simple jQuery plugin that allows you to add a dynamically-resized, slideshow-capable background image to any page or element.","website":"https://www.jquery-backstretch.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript graphics","JavaScript libraries"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Yoast SEO:26.3","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]}],"data":{"size":416570,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8832)","md5":"f89076c819cf6b7734a3fa7d9aa36225","sha1":"6ddb5494e1eec8746f948dee792d5ab22ca2dffc","sha256":"63e63cf92a0dab27aefe67491aeeb9e0b8dbe461ab1043b220c8dd0ce5a5a053","sha512":"0ffda64eee93f8355e7657b6577500ecdce9dfe649ad4ff9380641ecd54a1492d1e99a9e8a6cb968f29cc5a3ceaea374eaaba3639b583aed0fb099712344a024","ssdeep":"12288:Mu+mXAzyaUQd4mTltQnKWxYwvQZoHi6skqWo464:Mu+mXAzyaVd4mTltQnKWCwvfHBskqWoK","tlshash":"7594b57be34223bb4b1347c29714766cd22ae65d96c22c4ee08d40d0d79aaf7722b7c5","first_seen":"2025-12-25T17:29:05.127889Z","last_seen":"2025-12-25T17:29:05.127889Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3409,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":3311,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=EB+Garamond%7CSpinnaker\u0026ver=3.1.2","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.574Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css?family=EB+Garamond%7CSpinnaker\u0026ver=3.1.2 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 25 Dec 2025 17:28:41 GMT\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3257,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"59c2c764f153fcb1ec0fc9a1c347928e","sha1":"0a3fd6e5bb0adcf623cbec9b39ecfd888ef19c5b","sha256":"557fcb96e56cb794ba5046f1e5df66775059a23d90fa4a9fb41c7583d5fed109","sha512":"9c19cbf650291256f7539b497f56120658a412e08a326e24f72c8c66852f6e5246abfaee8c2c89296b7f89b1507d6932b8e5ef03ac07ea6378691f3eb6158cca","ssdeep":"","tlshash":"ee61f0d00027e940a7831cc153cf7c32df8e61107085a976bbfe2c4caca9d674269b5e","first_seen":"2025-10-01T10:57:03.616892Z","last_seen":"2026-04-05T22:42:26.714419Z","times_seen":93,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":193,"dns":1,"connect":14,"send":0,"wait":33,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 09 Jun 2023 03:49:24 GMT\r\netag: W/\"6482a144-3509\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G%2Bbdgzl%2Bd%2FB0WI8I88OPmjEe8oXlH227dqlaEDJRJySxjsJTcM6Ec%2FNK9ydd51GWLVZ1NHaTNG%2FM6B0vQcex6nPeThvkK%2BG%2FZNmA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bccf00731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-06T10:06:04.608107Z","times_seen":642710,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-content/themes/agency-pro/js/responsive-menu.js?ver=1.0.0","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-content/themes/agency-pro/js/responsive-menu.js?ver=1.0.0 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: application/javascript\r\nx-accel-version: 0.01\r\nlast-modified: Thu, 23 Oct 2025 05:29:09 GMT\r\netag: W/\"2fd-641ccb65dd340\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iwnH0EsqKTnfdAj0pMszDCNHvjtK6dadSQa86mGEkaw5sJk4ec%2B5EA1jW6FA2%2F3BTs5KmWw5%2FJ3X8T04e0GkovmfDInhh%2FPQdEgR\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bccf10731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":765,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"b5d40d190923dc7f205d340ff9d0cad9","sha1":"8934485888021b2c625efc84c558f8a2f194130a","sha256":"fb3b989b50094052c794affae01d91e0ab44759f70c6a14f6f7bf00122da88b3","sha512":"67375e020abfe9496032f6eaf645fb3cd4ac1f0ff8f69b45894d09f182acb0ee2f373b4f36dc763a07fc2bfba173e836a3237ba4d1017926fd10e0fd5e06f222","ssdeep":"","tlshash":"18016dbae5c8567002b53058e36e538b277904426f49c801b4bd85a63d9272948f1fa4","first_seen":"2025-06-26T00:56:05.766195Z","last_seen":"2026-04-05T22:42:26.718206Z","times_seen":84,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/ebgaramond/v32/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/ebgaramond/v32/SlGDmQSNjdsmc35JDF1K5E55YMjF_7DPuGi-6_RkBI9_.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://iwvlrne.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 21704\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 19 Dec 2025 18:22:51 GMT\r\nexpires: Sat, 19 Dec 2026 18:22:51 GMT\r\ncache-control: public, max-age=31536000\r\nage: 515151\r\nlast-modified: Mon, 15 Sep 2025 16:29:59 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":21704,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 21704, version 1.0","md5":"29ecccd89bf796bf85a999a9763c12d8","sha1":"41bbbb867157d1bbfc896830e03f4225d303c9da","sha256":"b63448e2680a0dbde70ebb2f3de78f6c515122835491f938e8a8595b46f29210","sha512":"2781b7ee38c4ee43c3fcab3fe77ae218b4eb94640f9e6052286f98b2e2edd4cf9f06b17f49ae79c9cc13f8527410c2e4369d4a9a508b2adbfb33e01534388013","ssdeep":"384:GctkW6iCi8AppRZl5r+t+X+a4xebLNVA937vtMQmZCMbyysczvBG:GXWsApplb+BEb5g37vtMQmZCMbyysAG","tlshash":"e7a2e078b84a66d0b3c126b11abc9adbfb7736ac1048bcb60d96655c01c948c2adc55f","first_seen":"2025-09-18T22:31:34.257149Z","last_seen":"2026-04-06T10:52:12.935945Z","times_seen":938,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":99,"dns":1,"connect":14,"send":0,"wait":15,"receive":5,"ssl":82},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/js/wp-emoji-release.min.js?ver=6.9","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:42.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 03 Dec 2025 08:53:09 GMT\r\netag: W/\"692ffa75-58ea\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=3,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bI2c5rQ%2Fd%2Fxv0GTtk%2BUrhFYfB0hw24nXMKk28GuV3n59JBmXWnkaIB9EMZ5fekYeMWU%2FB7S%2B20F%2Fr7NvF4gEv%2BNEg7xlqhbLVArN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e706d5a0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-04-06T10:05:57.202676Z","times_seen":134363,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"iwvlrne.top/wp-includes/css/dashicons.min.css?ver=6.9","fqdn":"iwvlrne.top","domain":"iwvlrne.top","tld":"top"},"ip":{"addr":"104.21.89.52","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"iwvlrne.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 21 Dec 2025 12:39:36 GMT","end":"Sat, 21 Mar 2026 13:38:16 GMT"},"fingerprint":{"sha1":"72:F3:66:54:C9:86:6D:53:3C:70:6A:3F:C0:2E:A5:A8:F4:43:60:44","sha256":"A8:43:36:05:61:AC:62:AA:C2:61:57:9E:36:68:96:38:1E:19:3F:91:5B:FA:AD:A5:77:F9:65:AE:D0:A1:3C:55"}}},"request":{"raw":"GET /wp-includes/css/dashicons.min.css?ver=6.9 HTTP/1.1\r\nHost: iwvlrne.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://iwvlrne.top/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 25 Dec 2025 17:28:41 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 03 Dec 2025 08:53:09 GMT\r\netag: W/\"692ffa75-e67c\"\r\nx-powered-by: PleskLin\r\ncontent-encoding: br\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DXT4g4Muk5%2FafTDSkvEw16Hg2TT8aZ1hhH1sBy8esn%2FuOUuZzkXo4Vs9d5Y8spp%2BIijh9cYjGNG1lGmxuoMFzGR7xBU3Mz91QvaZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9b3a0e6bbced0731-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Plesk","description":"Plesk is a web hosting and server data centre automation software with a control panel developed for Linux and Windows-based retail hosting service providers.","website":"https://www.plesk.com","common_platform_enumeration":"cpe:2.3:a:parallels:parallels_plesk_panel:*:*:*:*:*:*:*:*","icon":"Plesk.svg","categories":["Hosting panels"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":59004,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (58969)","md5":"6c05185027c3a169cea5b065ac28b6f9","sha1":"d075b19cf8656586e9a561d00ea64f19ff0218ee","sha256":"26a7e7b9d4bb9948771c126085b99fba6546af4399e6263e8a69a3e33f6271cb","sha512":"ecb2602801c8b16c7c079c8f76b09e7b42d71000ba3968fc8c173f8c88cfe99e3739f1cc0149ddea7e69e04755f9b077c48f622e7ab8275ec8b4fdf040ee81f5","ssdeep":"768:oey/Z24B3P3aXOhUzSv16CAyLquqSfurIdUMbs73KO08QSJ2BQH02CRqxMWs5IJq:ox/ZvB/qPWMiquqioMUXQSJYIMW+IJq","tlshash":"2c43c2b1a74a40d677b0c843af65b26a5582bd7df8409cdef40b821c1af3635069dfb8","first_seen":"2025-12-02T22:25:19.065399Z","last_seen":"2026-04-06T10:25:15.931801Z","times_seen":26408,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-25","alert":"Sinkholed","trigger":"iwvlrne.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/spinnaker/v21/w8gYH2oyX-I0_rvR6HmX23YK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://iwvlrne.top/","date":"2025-12-25T17:28:41.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /s/spinnaker/v21/w8gYH2oyX-I0_rvR6HmX23YK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://iwvlrne.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 10480\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 10:13:28 GMT\r\nexpires: Sun, 20 Dec 2026 10:13:28 GMT\r\ncache-control: public, max-age=31536000\r\nage: 458114\r\nlast-modified: Thu, 04 Sep 2025 17:26:36 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10480,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 10480, version 1.0","md5":"384f7f79a88734e8c84556ae756e5fcc","sha1":"ccbaacd081ae44135b38435c235486aada5d4e49","sha256":"30fed205471d2e627b18975eb3276714519ba417be9fa25be5d4e2b3efcede8c","sha512":"44bb01351b393e483bf1f4a49c950774b575960d56d5901a0a5e554556cb2793527fc9e1e89d53d709c529c93b3f1916f626d89b3e88e7dfe4bf0501207be239","ssdeep":"192:vEr1Fw4GAF+SdPC13mpmyAsBaynGf5/d5du4yocbMi60DIVhFBPLU7e/:vQFHhJCNqohZde4ncAJgIfPAq/","tlshash":"3b22bf610d80cabdf4858f73ac257b0363c9602ab6b54246585cfcb1ee45e2bd46e8bc","first_seen":"2023-05-09T05:08:34Z","last_seen":"2026-04-06T05:30:22.754635Z","times_seen":308,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":172,"dns":1,"connect":29,"send":0,"wait":14,"receive":2,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}