{"report_id":"3d82feba-b058-4db7-9e09-bd19ea20ddb7","version":6,"status":"done","tags":[],"date":"2025-10-11T23:25:43Z","url":{"schema":"http","addr":"intesaqp.com","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"title":"Intesa QP | Official Website Platform"},"submit":{"url":{"schema":"http","addr":"intesaqp.com","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-15T23:25:43Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-11T23:25:22Z","timestamp":1760225122,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.13","port":57052,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-10-11T23:25:22.398151+0000\",\"flow_id\":390802956250573,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":57052,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3576,\"start\":\"2025-10-11T23:25:22.355789+0000\"}}"}],"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"intesaqp.com","ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"domain_registered":"2025-10-09","domain_rank":0,"first_seen":"2025-10-11T23:25:45.051029Z","last_seen":"2025-10-11T23:25:45.051029Z","alert_count":180,"request_count":45,"received_data":1502755,"sent_data":52459,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-05T22:15:40.094389Z","alert_count":0,"request_count":6,"received_data":407081,"sent_data":2838,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-05T22:15:09.164871Z","alert_count":0,"request_count":2,"received_data":37418,"sent_data":1004,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-10-06T00:19:09.516817Z","alert_count":0,"request_count":1,"received_data":1155,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-11T23:25:22Z","timestamp":1760225122,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.13","port":57052,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-10-11T23:25:22.398151+0000\",\"flow_id\":390802956250573,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.13\",\"src_port\":57052,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3576,\"start\":\"2025-10-11T23:25:22.355789+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/init.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"eee5b49553be731b922c810493fa5754","sha1":"3deced4180a2efbfea993feea10e51cb5e0bea25","sha256":"47f0c19b76743f5b058b894d36a80a6515b14a10beb58532fff557f0bbde0f17","sha512":"a0b361bd5526366779ba52195f9f9363efd2ff64a2e0ed12c129bfc76655fc942239fc40e6c832245628e20ac2c5a9aa86761f7eeeb92f0048e9207d17e5ca01","ssdeep":"","tlshash":"4fe026295ce9501a10bae4ebde6f4906e226005b46404a48bd8d0d550f5023c55bee28","size":428,"data":"","first_seen":"2025-04-08T10:05:49.333394Z","last_seen":"2026-03-08T19:49:45.593649Z","times_seen":2840,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"e42775d6a903a6037e3096277eec4952","sha1":"bda36e587d25b6ac664173c3f7c76bddb4545d0d","sha256":"ae62d9c1ad8c4505ee0c9f99af1f98025e135e7703faa0cc7959f10049d1b6ba","sha512":"b69b437531facdac136dfb39692fc80765f9714508a7cbf0d317d88b9774cbd2460022360fe1a0360b528fa21a762ec047b702e7a11e5e2f99718a6f5426e59a","ssdeep":"","tlshash":"ebc0221102504420033b04bfbbd3a38421624037a8c0d8e27b0c88096f4008b96bfaa9","size":187,"data":"","first_seen":"2025-04-08T10:05:49.36518Z","last_seen":"2026-03-08T19:49:45.612005Z","times_seen":2831,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/en/dist/js/script1.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"3d0892d336959ffc3116f3c85ac1f1ca","sha1":"ba9dafbc2165b509325094c33f1ebe7458fe68be","sha256":"a82f48e366c855affe0c103158ae6b6d02923e633e95103bd196f2195790788e","sha512":"e88ed3b2a9ba03f7cc54f8c6cf3315156024974eba16e9f3e229dd99acff29c467f5555a6bc2a7ee55e12e835703b7d87f8aac29aa0b0ba6c20cc53ee45d9c1c","ssdeep":"384:uKWwubC7r3oQIrc6ZhTnJ4NjEgcMwPTa39F54Z/+w2fSLaBASB7V2bd4328DYSlS:uKWwubC7rYQIrcenJojEgePaX4Zr2fS/","tlshash":"ec72c5da328174a20baf20dd407e5547f2281899f44a90acf62d9dfd3d2988631b3f7c","size":16817,"data":"","first_seen":"2024-12-15T07:55:37.941654Z","last_seen":"2026-03-08T19:49:45.589996Z","times_seen":3034,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/?callback=jQuery311022741362383749752_1760225122182\u0026_=1760225122183","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bae060dbefe0203899a241a08b9fffbd","sha1":"c3c03d3df5ee03c264e96cec799c4067962f3f02","sha256":"edf66667f4db38b80b186bd209992e0aaa35946fc004cd92d40adf9a8988873e","sha512":"9c19a936ba54846c995a7e07d894df8bc63678d1995b5d7081aaaf64013a43612dca6df90c30bd4897abfa21bcc7abb4974419425846e5c8ba1ded995ba075ca","ssdeep":"","tlshash":"9401cb2720782b3abdbe428840079e0a33596d2b018175964ea25f1c5049abb706036e","size":674,"data":"","first_seen":"2025-10-11T23:25:48.284906Z","last_seen":"2025-10-11T23:25:48.284906Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"be8412b24dc2374a8eb8c446774e2765","sha1":"c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6","sha256":"8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c","sha512":"070efefcd7228793e742ac76bbbae58d49ad8de94cd56863838f97955bfd86dbbd53eb41b1ff2aa59eaa3e6aeeabd5334e622824a48234d8997b6db397c79004","ssdeep":"3072:9E030DWujFs3OwPss3MwPaPjq09Q2xFM8M0TrpEBW6cC56kmLxTg/QKWVSpDUkzy:9E03+WqHjvxFM8M0T7IUT","tlshash":"0044f0ebd63c9737a1e87b35968eb3cd5a8cbca3c858567826c3b54f52784e0706c205","size":264516,"data":"","first_seen":"2024-11-14T19:07:22.956908Z","last_seen":"2026-03-23T15:52:20.858655Z","times_seen":4244,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","size":31113,"data":"","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","size":31113,"data":"","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"ac3cde2d85ed9ac8902a60f7c8f8d12f","sha1":"682a3690ed88c99855e612c25ce450903812f788","sha256":"d916279d790ecb70e94c50dd7695d2812dbf7a58b5b82a581a4f54fe10ba8c6d","sha512":"63523de0164c26f1d8873d1232050485931c6c013902b54690c56bc6018e91f41a7f9d885fa1cfec4ad252d8de3a79e5ea7154e08a1a79123d7f7431ceb2ba57","ssdeep":"","tlshash":"9cc0121102504421033a05bfb7d7a38565664077a8c1d8e2969848496a5148796bfaa9","size":177,"data":"","first_seen":"2025-04-08T10:05:49.365964Z","last_seen":"2026-03-08T19:49:45.613035Z","times_seen":2827,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"43cb7fdd8c6b65ac47a7744f384eb61f","sha1":"411a7ae7ac03b98a9c74c0288a2217d0c872db19","sha256":"1f15ca22a1520682c15afb82ad2fe5948e844527491a8ab9a7a25dba9f008117","sha512":"d097cc7c9641dc0418b15e63641a36c57413a5adb0f8ff06443c194eb02f3dfe4ac6b5a347cba2bc66173a7c8209c06b850765a5490a8e4e58bb95874e23ad23","ssdeep":"","tlshash":"99f0ec3400b44036c113579739ce7ec0511114b7a14c9c99775f860eafba8b00d792d6","size":474,"data":"","first_seen":"2024-12-15T07:55:37.981429Z","last_seen":"2026-03-08T19:49:45.614216Z","times_seen":3309,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-03T19:30:54.29811Z","times_seen":232736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/da/dist/js/uikit.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"749a2dd79038dfbb16587c3067fb9291","sha1":"d1ab89b4fdace3c084baa45bc031ee29ca84a788","sha256":"9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5","sha512":"72b90e5809fba9e10b4cbfcf29656ed41a37ebcc674cd7b96748d84814a589ff1d64021a52d2928f8bf5a7c6a41041044606a1729a4b50b33e8170a93dc66d1d","ssdeep":"3072:NFR0qgTMS7E2qsR+0HWH83vagarqnlXN8O:NT0t4So2q4+MLabrW","tlshash":"0ae30a9733a5b02543e742f510ab4606f3395984b80b84dcf67caada3869849727ff7c","size":146716,"data":"","first_seen":"2025-04-08T10:05:49.344419Z","last_seen":"2026-03-19T10:32:07.745292Z","times_seen":2871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"12e6cebaa36f0e69ac1d943d22f5e817","sha1":"f3e3bb39707c9519c873d47253771b1c10cc13fe","sha256":"414f038e40be940c8ea174addb48a8efcdac5072c0bd05804f7b725e325826fc","sha512":"100e9f4974bc66e7cb0125fa1fd8e4c65db5a3fa86dfb079943dc3b902d63a587ba45f38913df33f0af773fbc5f02e6ba6a0e1000dbee790d8ba1faae7702aad","ssdeep":"","tlshash":"fdf0e94446fd10e0034fb27faaab5f863130408f60044e0a3e2c4fe43f65c655ac57e4","size":557,"data":"","first_seen":"2024-12-15T07:55:37.983784Z","last_seen":"2026-03-08T19:49:45.615073Z","times_seen":3228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","size":31113,"data":"","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"1a50d2e6e8e90cc82b217a9205646058","sha1":"5f70f6bd6e4d85fda05bbd5662a53de02c245670","sha256":"c43c08de88fca1e8209b1e7d2244b09184cf801d0fff419bb26409619645ef0c","sha512":"fedffdb1f9d9d9e53dee603951c65450de258a7990955527445764d727a544f1b7f7143de5f9823a2249568e0df449331954777c7b6fc248ca3f84212a558302","ssdeep":"96:ySvWs+v+JV89Xlt6jyJDjYo6M2Jz2i3/Js3:9vWs+vbdlvJDjYo52JCi3/O3","tlshash":"74c1208a35b127699a33747967cf5100262aa16b4440ec417ddd4be02fc8eac27b7bdf","size":5642,"data":"","first_seen":"2025-10-11T23:25:48.333673Z","last_seen":"2025-11-01T18:57:45.412336Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/uikit.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"749a2dd79038dfbb16587c3067fb9291","sha1":"d1ab89b4fdace3c084baa45bc031ee29ca84a788","sha256":"9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5","sha512":"72b90e5809fba9e10b4cbfcf29656ed41a37ebcc674cd7b96748d84814a589ff1d64021a52d2928f8bf5a7c6a41041044606a1729a4b50b33e8170a93dc66d1d","ssdeep":"3072:NFR0qgTMS7E2qsR+0HWH83vagarqnlXN8O:NT0t4So2q4+MLabrW","tlshash":"0ae30a9733a5b02543e742f510ab4606f3395984b80b84dcf67caada3869849727ff7c","size":146716,"data":"","first_seen":"2025-04-08T10:05:49.344419Z","last_seen":"2026-03-19T10:32:07.745292Z","times_seen":2871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/shape-02.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/shape-02.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/frontend/assets/fi/dist/css/main.css\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 891\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":891,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 259 x 259, 8-bit/color RGBA, non-interlaced","md5":"27e04debb85a890c4257f4f2191ccd4e","sha1":"09c62507cfbed0678cf5e35293277acf0511afec","sha256":"f5d4b2a6e469f0fec42efb17c82bad92760ebc401fbc975ebbb30972a3e90981","sha512":"2fe65a3be8b5da7aec3b2af4ff8f8afeec414c1bb138457151e006db73c0f80f3fd67c100d3e4675cf7c579998d0baecc19ff01c0320fcf0f860313489c2045d","ssdeep":"","tlshash":"011165c1a32d0c66c87b1c3c487c42e0607b4dfa4710649521a0ea24abadc60433cfe8","first_seen":"2025-03-03T22:55:46.441354Z","last_seen":"2026-03-08T19:49:45.594244Z","times_seen":2846,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/css/intlTelInput.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"403c-QBsg/WGPIFw7qhwA2rXqpFy0oOU\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\nage: 1639441\r\nx-served-by: cache-fra-etou8220140-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 2666\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16444,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"31cc7c1401a02ca75f8e903777df602a","sha1":"401b20fd618f205c3baa1c00dab5eaa45cb4a0e5","sha256":"04a435c7d3f367d9816544975c24deb53596f62f801d8a1f208d4e55cc7c4277","sha512":"13f510ea338392976fc33b28c2b7392e44ee0640bda2a0f1f7a7148fdbfd4f9aa47bf24b15bdd103f3c0be1cc003dc38adb3041dff2247d4873db62cc2a746d9","ssdeep":"192:WzvSqT2sd5uVsAPRY6e5yE9y3tzEUbyhG/JYyiKdjr+/TEHRik1B3EBu:4v2sdk1RdE9y3C+Rd3+/TyH","tlshash":"f3728c2742b41d3ea75dc1ba38a2c4f5733f588a70aecc96eec8100e5c87791a5ebc40","first_seen":"2024-10-22T10:29:57.919158Z","last_seen":"2026-04-03T19:41:14.343937Z","times_seen":5478,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":17,"dns":1,"connect":17,"send":0,"wait":14,"receive":1,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/en.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/en.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 530\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1290,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a60a1cb88e021acfa9dae480687c55b4","sha1":"0badf2ca702eb29df29786296160d68ec247af9d","sha256":"c1fcc7d1f18d3597c793170b12cf568207e5d13ad0c2778fd165d33be41c05dc","sha512":"354c148d992a22b729fa7b5736d0f3bde4b477aeaa9d157d692fd190dc57f566f11e2741775534f5a69c3c499e3d8482da01800db5cda5bb95dc5ad49ed88ec4","ssdeep":"","tlshash":"c821ddd2495459c08d8a037cdf1f6bdb72335cce3a584af832d53a165d90bb7341ad85","first_seen":"2025-04-08T10:05:49.355682Z","last_seen":"2026-03-23T06:40:05.851434Z","times_seen":3557,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/nl.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/nl.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 355\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":355,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1932756ac7767c2f33986237417d8731","sha1":"84a604da4f8df24af728a73685c4cc2cad9de962","sha256":"8ca8a2dc879e29edd00a08bffc8d825f67d0988e55538d52e43861bb3af22f83","sha512":"9138b8b056aa4c5a5e0179ba58175ec8b98b2aa66b2a9f0bf17e2defed3b441f9f0d5d91a463bb45ed6f002c6e81d85730338890c3990a604677ded0bfdff8e9","ssdeep":"","tlshash":"d4e0d886a4e989095a1947694eec71d6406270ce218d01fd70853529fe4d3db2451aa8","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T12:51:26.974251Z","times_seen":4970,"resource_available":false,"data":null}},"time_used":401,"timings":{"blocked":340,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/tr.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/tr.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 520\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":520,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7af14a6fd5253f05724502662d478fac","sha1":"df6f03167492046dd2f02e3e005e66201f80ceb9","sha256":"f101fe5cf7c2fe25bb1d2c7efcacb8acb52c90561497576f2f16be8a5d628315","sha512":"a1b4e0fca3d92adf4b6bd1473bfaceb5d1877c682378f84bd862e54927c9bea34b0781cb4e1cc5d44ce637887ac93a30465496e63b94169ac15cd1c155396802","ssdeep":"","tlshash":"c2f0c0d91a78c4ddbf4647314d3db0d92639209f399900b830c96529ea6a24b2401904","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-03T12:51:26.912536Z","times_seen":4214,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":454,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/003.jpeg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/003.jpeg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 122335\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":122335,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 1280x854, components 3","md5":"218c636203cd00338197ad66487eb7b2","sha1":"749d287f9e373e6953a2de91536c770b96bff6df","sha256":"6ce49eeb47f95816e46cc6c916dc0b10374fa7cec716cd3633043ae31c8a33bf","sha512":"fbc60d5a2dae988e4f45cc5412682d4e71a6d3b31de8638039f39bde7f9f1f1ea8d750e3631c43e9ea1b09619171dbb808bdcae582e83d07f53fa0afb82ff39b","ssdeep":"1536:fyFN/uqvLg86nAmzc2U9q5iH9K0GC6mIBH1dxPxjkPLzg641G1WmtRMlEozvdZji:aHuqzLRcEdiTdpjeL9WmtRizvdTc","tlshash":"d2c31297402e64f346145bad2ce30a67c11c6e46b0a371bbd320df5f2ad47a1e8ec978","first_seen":"2025-03-03T22:55:46.448953Z","last_seen":"2026-03-19T10:32:07.736611Z","times_seen":2867,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":491,"dns":0,"connect":0,"send":0,"wait":63,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/shape-01.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.693Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/shape-01.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2095\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2095,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 135 x 135, 8-bit/color RGBA, non-interlaced","md5":"97f200d647fc0084df2e5f2693808ab0","sha1":"b89bbd2efa3d8420d003feddef25cdba90944013","sha256":"9b2db7e9abe44409d5e2e26da4340428646b53007ccbc5019ebc7e1eb64182ce","sha512":"b08bfd95747458100d88d4f28a7de11c46acccb813a2b891a801c8b323e25ead16f5fe60dd7e289d02b51e22db146ac7c220e356aed607d3ccb0c4c976a46485","ssdeep":"","tlshash":"82414cea01cafd0ca1dfdf3c82a23095747cc99d4e13e51ad40da71b22b02c4e91b904","first_seen":"2025-03-03T22:55:46.451256Z","last_seen":"2026-03-19T10:32:07.752611Z","times_seen":2867,"resource_available":false,"data":null}},"time_used":564,"timings":{"blocked":502,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/stars.jpg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/stars.jpg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6035\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":6035,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 115x21, components 3","md5":"5ef4c4c641d720352707829c91ee4f65","sha1":"b3303a5978c705ace5a95b2b46469d88658ec5a3","sha256":"3dadcd11ba2b9f4c335b4131fde40367edb9f9bae6387a38b33c4bd3282dcd9e","sha512":"12ef2001b660bfbe96318f18e730345dc1bfb29e441a597610addda396617fbd4273a291a01ca1cb0afeac04fa28b06cdc9f1ebf3398a579dd153c7aa0bd185a","ssdeep":"96:qP2N1VQ//16UJwJSZJCc8oyKaKJVJ7NHpucs70MQd4sCEO4UA74Dxsbk2udeG8lI:VXuJTZxwXS+ckQase7DaoBdUW","tlshash":"2dc16c426d53c684e8cbf93158b6022e42af234e689330aa99d8c415c5700f6dee2bd9","first_seen":"2025-04-08T10:05:49.332507Z","last_seen":"2026-03-19T10:32:07.74183Z","times_seen":2856,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":508,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/init.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/js/init.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 428\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":428,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"eee5b49553be731b922c810493fa5754","sha1":"3deced4180a2efbfea993feea10e51cb5e0bea25","sha256":"47f0c19b76743f5b058b894d36a80a6515b14a10beb58532fff557f0bbde0f17","sha512":"a0b361bd5526366779ba52195f9f9363efd2ff64a2e0ed12c129bfc76655fc942239fc40e6c832245628e20ac2c5a9aa86761f7eeeb92f0048e9207d17e5ca01","ssdeep":"","tlshash":"4fe026295ce9501a10bae4ebde6f4906e226005b46404a48bd8d0d550f5023c55bee28","first_seen":"2025-04-08T10:05:49.333394Z","last_seen":"2026-03-08T19:49:45.593649Z","times_seen":2840,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/css/uikit.min.css","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/css/uikit.min.css HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 27560\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":271195,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65532), with no line terminators","md5":"069dab2087cfe449dfab0443912c3427","sha1":"8de1ba9ba591cccbdcc89e4a3b909ba94493a03f","sha256":"14aad0bfb03b7a363818478e72ed1ae18a1f4e9ce89a4a4ffdc7e9c0b6e753ea","sha512":"ea30982d4bd17d1f189ed8d5a5abe5a4b215d5fbd401c0b64ad87d02434c171d0c8a1ea3c7c405983ac066a007920fcfb5860cfddbc8ce75dd124f336689c4a2","ssdeep":"1536:2OJ9WL6OOSnCEirktQ/22n9s6kxhoCror9ACQgv6:2MSnCEiC2nS6kLog","tlshash":"1d442094a24479fe8d37059b90a8b5fdf7998d01b23a2ef7b6ee82c14e457430135c8e","first_seen":"2025-04-08T10:05:49.34209Z","last_seen":"2026-03-19T10:32:07.733768Z","times_seen":2872,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":73,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/hr.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/hr.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 982\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"41a7b90f600ed32eefb5e620a4f653fc","sha1":"7a6ab7cfc55a1239de75e073430c9634d5c18746","sha256":"63e36970eea32e52849d7b4d3a15d1da36be12ad3078df8c2b848aa7e9baa19b","sha512":"004bddcda655838947c0922be1f74ac3833ca444f3c872c9432232e5660f7ca9288c87acf2d1df19a21a768ae8a04e3f67278f7b6be4998a5e0355f279ba92dd","ssdeep":"","tlshash":"261165dec411043c410b39e6ae9b0bd989b767ac43520a45906db49abc795043ee49a5","first_seen":"2023-06-13T00:33:19Z","last_seen":"2026-04-03T02:42:57.92216Z","times_seen":4094,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":276,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\nage: 1601566\r\nx-served-by: cache-fra-etou8220024-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 11767\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31113,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)","md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/hu.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/hu.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 359\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":359,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3621c5eb449691cbe1d3bc8757c831a1","sha1":"e7e3674fe42359cc9a376e543d7548418071aea0","sha256":"2c1380bd6fb1a88cabcae439eaf960d4dffa929a74cfe3d44f7552084fc1150b","sha512":"7c66bd80019b994685400d020e37d38ba3c45ee3cec449b83bf8a2e8d08d346e03d6245e81f9b868eab42325782107cbf837f3c057efb2c83a5151b22b1104c7","ssdeep":"","tlshash":"61e0d8caa9e9c90e9a1947694eed71da416270cd21cc01fd71843528fd4d3ef2411764","first_seen":"2023-05-29T23:05:28Z","last_seen":"2026-04-03T08:56:34.785621Z","times_seen":4080,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":336,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/no.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/no.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 424\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":424,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ebe2b7f4aefa3c8869fa9f0a402210bb","sha1":"dc0ceab0f048a8c8ac97e3277f2ed237b974f005","sha256":"7021694edfe47096e0aa9a5ea85a6851181f723ae3a8806779a8e01702325804","sha512":"f176bd1aa2416960b0eec285da0b91e983a162a1d475bac76786b33ab0aede45783d422ce4d909b62ee6e6ba1fa55bf5b6b6ffcdf2463e305941e2d804073da5","ssdeep":"","tlshash":"d6e0e5809b9d1a6da91283a41ddcb885022b70e6328c0ced658dae987f412eaf466264","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-03-23T06:40:05.860079Z","times_seen":3695,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/en/dist/js/jquery-3.1.1.min.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 29238\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":86709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":73,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 1466\r\ncf-ray: 98d21dc3ae2256c0-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5d-841a\"\r\nlast-modified: Mon, 04 May 2020 16:10:05 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 675350\r\nexpires: Thu, 01 Oct 2026 23:25:21 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=sXaLrstt9yHUQfiJQVTVNHNbfOHW9Tgwc0NJCXqMhl7Aq%2FXo1zgrSuklKMoCs0z%2BIwBBxQlyHINZCXmQFYlYQpej6%2Fs7xkNpHo847prBHK%2B8P%2BXrg4Gb5JOTnzi6%2BLpKQ0WDTHli\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33818,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (33818), with no line terminators","md5":"79fb36dda0a235254c3e31bf00b57065","sha1":"89eb6d6adc16de57dda315fb2b5602bfe5728ccf","sha256":"623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c","sha512":"c5b2a3dfc61a9b039ad72c82f604c52c4c616db57aafc599c1a11861869e75f534828b10ba772fea9ffff737232b534eda7915fcdbf95f94e433fce33a795cfb","ssdeep":"192:o5B9y1dbzi85+DkROJup2j0S+iSM2nTMVZVJggtfQxK/dySeOW:ldK85+DkROJup2j172nTeVJgAfQxOBW","tlshash":"dae2f963da83e41fb60756337a167618a3df2492db814f2a34bf52b1d576244343afb0","first_seen":"2023-04-05T03:09:34Z","last_seen":"2026-04-03T18:28:31.843022Z","times_seen":6154,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":5,"dns":0,"connect":1,"send":0,"wait":11,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 11767\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:22 GMT\r\nage: 1601566\r\nx-served-by: cache-fra-etou8220024-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31113,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)","md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/cropped-Favicon-32x32.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.648Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/cropped-Favicon-32x32.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:21 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 609\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"f17b2d52496a7b6283c91478bcb1d51f","sha1":"c497b97a94a45f2de7310d4722a10c6c54abfacc","sha256":"06a0640bb63a5e1ffb8e6204b8bc4b267997a6a5c0834d2e54cdc5cfe5c2d3c2","sha512":"22a93460f5dae42f5005a67ce62f2f46ab640c060b14a07819a84cc3bba6bb8a12a7cffbbe751a4f24fe32e27144739c7f4bd310d5513776d462f3d0637a08eb","ssdeep":"","tlshash":"3df062dd15d0280942e6e6f2db4f0467f887ffa102ca105cc1a07ce9f1868a174fab05","first_seen":"2025-03-03T22:55:46.45545Z","last_seen":"2026-04-02T10:01:19.651681Z","times_seen":3275,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/en/dist/flags/en.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/en/dist/flags/en.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1767\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1767,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ec7233b5c80e5db85f7733b2ec25203f","sha1":"d4c36fff06dc7d920b10eb13b58ea9cd9321b430","sha256":"347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40","sha512":"89e59fa7fdef1f61485176467fd127acf55424aefcf78aca5c3944e59f0b802591587c9d90c4ff158f955b74798e933b41c84fd0d3842fa4600ec8b583c113b4","ssdeep":"","tlshash":"693109cf0b91610bd9cba7827ca71c17366659d422a7be1b4bda0dcc7f85c2ad004e38","first_seen":"2023-04-08T21:50:50Z","last_seen":"2026-04-03T19:30:26.395635Z","times_seen":5504,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/cs.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/cs.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 374\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":374,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0fe0a2e4225eee5dd8a3c73a5ab5a312","sha1":"c930c1341640bee697cf50053721ddfd750dae2e","sha256":"2a3a7fa3da584643cbac6234aa452705982f50454ed0a259d8c8cd6a9c2fa8c8","sha512":"92390117a5b345c7f9123d5d06839d95959664b32e621961e0d28a353ee515df51a446563354cf9f3911acbd0032a0fb61b1ca356250262157aae05dc907fe8e","ssdeep":"","tlshash":"80e06889a0e88e094e1803b60efcb0d5612330ee208d02ecb0c06619e9197cb2808ee8","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T12:51:26.9032Z","times_seen":4143,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":175,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/sk.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/sk.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 739\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1637,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6ed3cf547a2f8579e45330fde3095537","sha1":"dfc6023844bb5a110c3d9219c82dd326940ae055","sha256":"c1b338efd99956c2ae0c62fcf559b2d956fa11f71751985d62c9942b061dad6a","sha512":"4ed0e6912bfa55a7bee5b4f6318c3878bff3bf23d5a220225b5e19d207d7f55bd816f06dfb8daf8a5eb4c2e266d0fcce8f40d0f797c81d97a2517e5eba2a3be4","ssdeep":"","tlshash":"193176c55178aa4849c7a76fde7cb8959015a0fd21f940fd7a4a470c956caceaf00cb4","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T08:56:34.942111Z","times_seen":4068,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":454,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/background-5.jpeg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/background-5.jpeg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/frontend/assets/fi/dist/css/main.css\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 106073\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":106073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x665, components 3","md5":"e25c00899aa5b1b8405e29563b32d057","sha1":"26b794fe18b74f663c0b67cba9839779ca14b7c0","sha256":"09ec5c19e3c258221a14db7cc27086b58aee6106c4252f444fe854d4b1a9f50c","sha512":"a51a5ee61dbde9a0890c92a21867989c66ee4898a549081cb01e5f3cc68e5b652ccfe90a4d3cd964b326b22b1453461aea08bb93b81db9ccbbf2fde3200814d1","ssdeep":"1536:pnEn1iVJZSBupSxQTfrVm07sIWy/Qytz200bvZu/u8KEVjXbpIS9bkD6Fh9Usd7A:Q4V1pfbf7sC/tCERKcjOyb1vUsdts4mj","tlshash":"dea312305d86885aec3d203a9202ddd6bf73f24709806bfb053b5363789814fbca16e2","first_seen":"2025-03-03T22:55:46.467168Z","last_seen":"2026-03-08T19:49:45.586158Z","times_seen":2845,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":119,"dns":0,"connect":0,"send":0,"wait":63,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/img/flags.webp","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/img/flags.webp HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 28174\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: image/webp\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"6e0e-+c9J+qvl4+pvpQpQCqvUf+8x4WA\"\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:22 GMT\r\nage: 2803074\r\nx-served-by: cache-fra-eddf8230089-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28174,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4099564bc7b03997031ad1348e646601","sha1":"f9cf49faabe5e3ea6fa50a500aabd47fef31e160","sha256":"667642959de122c4b844afcae211c1c54c9166d262fb833beb63abc02ebd0dd4","sha512":"e1633c3f57dc45e189d3d0ac97afe6ff1f44063cdb0948632e9c7fdfcb848f92ef854b22c11a9c58c6f304b0123f34f3b0d132399ec27c95943dc3564fb7640e","ssdeep":"768:Xtn4kqql2jDWRFRS21T2r9lDAkRYKU01RENG:Xtn4kq2wDGFRN16wwYKU01RE8","tlshash":"6ec2e2f1690d6390ad635390c0f66355cdd927393a7f8ca4f96292848234177db3eb64","first_seen":"2024-10-17T04:51:34.39147Z","last_seen":"2026-04-03T11:10:39.063709Z","times_seen":4927,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/?callback=jQuery311022741362383749752_1760225122182\u0026_=1760225122183","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 17 Sep 2025 06:26:46 GMT","end":"Tue, 16 Dec 2025 06:26:45 GMT"},"fingerprint":{"sha1":"F7:6D:4C:F1:C4:E0:71:B6:08:E9:D6:09:AA:F2:0F:31:4D:06:A9:09","sha256":"61:07:CF:29:5A:BE:51:7D:3A:03:E3:E1:D5:EB:EF:1E:70:26:49:5F:68:6D:49:8F:0C:C9:C9:09:A5:DD:9F:15"}}},"request":{"raw":"GET /?callback=jQuery311022741362383749752_1760225122182\u0026_=1760225122183 HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Sat, 11 Oct 2025 23:25:22 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":674,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (393)","md5":"bae060dbefe0203899a241a08b9fffbd","sha1":"c3c03d3df5ee03c264e96cec799c4067962f3f02","sha256":"edf66667f4db38b80b186bd209992e0aaa35946fc004cd92d40adf9a8988873e","sha512":"9c19a936ba54846c995a7e07d894df8bc63678d1995b5d7081aaaf64013a43612dca6df90c30bd4897abfa21bcc7abb4974419425846e5c8ba1ded995ba075ca","ssdeep":"","tlshash":"9401cb2720782b3abdbe428840079e0a33596d2b018175964ea25f1c5049abb706036e","first_seen":"2025-10-11T23:25:48.284906Z","last_seen":"2025-10-11T23:25:48.284906Z","times_seen":1,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":66,"dns":13,"connect":25,"send":0,"wait":146,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/de.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/de.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 335\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":335,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"51768606d83a265da9e7ee8efbb21edb","sha1":"b22c5b98344da8d3ea54ecb9baab4c5a5a7ebdb4","sha256":"8fcaa96d8835e39fa6a74ff4dc781d908112d46ceb8fb81ff37c433f390a4c8b","sha512":"cec42089404b17430bc0d8c7882cfd6249d4fa7401b538f1899b2d315d639cb6fd28cf33da34d91afc40572f5dd59aac75dee16b0c65aa1abf2e0b93bc779c3d","ssdeep":"","tlshash":"a7e02644e0e98d0a8e2607a88efc71d280a230cc12cc00ed72842528fd4e3eb6845be5","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T16:30:58.669634Z","times_seen":6145,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":225,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/es.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/es.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 714\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":714,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"82a1bb6b96ec71df6247971da6e35155","sha1":"bb5be7dedff6612e4c8cb7c8019563c547238897","sha256":"8fc508fdb3ef11a4e38f9123f1ae903962ca14841cefd7b98ed5550d50d2f1bb","sha512":"dc54baf3110ea3a0512a272b5dac1bd1b24e50ecc32e9944436708791394a98fae1220f440ed1615c7d5e6f05d761190f3720105c9bf5f63300ff940cbb2738e","ssdeep":"","tlshash":"9b019cd4ba6c498c9e15837d0b6c70d1a20e20bc31cf40e8b98c8164b26a3ebe943d50","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-03T16:30:58.680306Z","times_seen":6479,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":230,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/gr.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/gr.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2497\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced","md5":"cf260dad711263d6c68ab72aa9981d8e","sha1":"4d2b6f9445e772bbf4e19a0b2e572dd7bf6adcc3","sha256":"11185bdeb35fbb6e2f79d985eb534b6d727688dc9248a5258db365bfd10184ce","sha512":"b9cee6cf514ae0a92da85539c0cebcb3d02419bb6816a2929e8e253a384ea3e6ca4b8e3386ed4e3d6a33b7fba6a73273ea8cae78f5971e7d41cbd0be7eedbc03","ssdeep":"","tlshash":"1c51c759fa126d40229afe06a5fde26b0b3b43c1da91bc96bcc99c0308611bcc83d583","first_seen":"2025-04-08T10:05:49.326915Z","last_seen":"2026-03-08T19:49:45.604336Z","times_seen":2837,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":227,"dns":0,"connect":0,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/ro.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/ro.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b3459066e38308492a7ac98271d7b034","sha1":"bdc08d8b6b3a4ab7eef55fb2b73028001f045581","sha256":"3244688e345eb37de4069b23d32d91b59ecb2c28a14e38aaa4e02678f5d0bb7c","sha512":"5e68e1f9adf42375f8432dfc1a5b8a5f91849b2e3fdaa7ac1de0fb111cce8d61daf0330cca3137ae1ee66e20ba12c7e135114bb565b5f711cc730f8db4e20f81","ssdeep":"","tlshash":"00e0d88595a9c9094a1603795abc70d65123708e158905fc74c42514bd4e79b3c51aac","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T03:06:53.150663Z","times_seen":4095,"resource_available":false,"data":null}},"time_used":509,"timings":{"blocked":447,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/uikit.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/js/uikit.min.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 48442\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146716,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"749a2dd79038dfbb16587c3067fb9291","sha1":"d1ab89b4fdace3c084baa45bc031ee29ca84a788","sha256":"9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5","sha512":"72b90e5809fba9e10b4cbfcf29656ed41a37ebcc674cd7b96748d84814a589ff1d64021a52d2928f8bf5a7c6a41041044606a1729a4b50b33e8170a93dc66d1d","ssdeep":"3072:NFR0qgTMS7E2qsR+0HWH83vagarqnlXN8O:NT0t4So2q4+MLabrW","tlshash":"0ae30a9733a5b02543e742f510ab4606f3395984b80b84dcf67caada3869849727ff7c","first_seen":"2025-04-08T10:05:49.344419Z","last_seen":"2026-03-19T10:32:07.745292Z","times_seen":2871,"resource_available":true,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":1,"connect":8,"send":0,"wait":113,"receive":107,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/js/jquery-3.1.1.min.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 29238\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":86709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"resource_available":true,"data":null}},"time_used":233,"timings":{"blocked":-1,"dns":1,"connect":22,"send":0,"wait":113,"receive":53,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/en/dist/js/script1.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/en/dist/js/script1.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 5435\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16817,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3636), with CRLF line terminators","md5":"3d0892d336959ffc3116f3c85ac1f1ca","sha1":"ba9dafbc2165b509325094c33f1ebe7458fe68be","sha256":"a82f48e366c855affe0c103158ae6b6d02923e633e95103bd196f2195790788e","sha512":"e88ed3b2a9ba03f7cc54f8c6cf3315156024974eba16e9f3e229dd99acff29c467f5555a6bc2a7ee55e12e835703b7d87f8aac29aa0b0ba6c20cc53ee45d9c1c","ssdeep":"384:uKWwubC7r3oQIrc6ZhTnJ4NjEgcMwPTa39F54Z/+w2fSLaBASB7V2bd4328DYSlS:uKWwubC7rYQIrcenJojEgePaX4Zr2fS/","tlshash":"ec72c5da328174a20baf20dd407e5547f2281899f44a90acf62d9dfd3d2988631b3f7c","first_seen":"2024-12-15T07:55:37.941654Z","last_seen":"2026-03-08T19:49:45.589996Z","times_seen":3034,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":69,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/background-2.jpeg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.854Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/background-2.jpeg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/frontend/assets/fi/dist/css/main.css\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 78592\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":78592,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82\", baseline, precision 8, 1280x675, components 3","md5":"2a4552b1347988124cc84773c1c4d366","sha1":"8f07060e12843f32dd3aa2b5f2039a44dc3a8d7e","sha256":"3ccb544dc9333afd9463709c4b1bd20ff1d6873a98bf791e20bfe86a5a4d73c9","sha512":"d94f5c0e1756eb9f707c42fb34b1b1b8d18386073aa62b24324f15513a1d40b7d4cb6fd8a398cad405938e951b1d08fc467b066d7dca0b5ee33b368967992bb5","ssdeep":"1536:F+lJyh2rIOwBR2A5qdDwfS6alb/wclZTYo/icgll0w+w/ysSqBNXAvPr:iJhkOy22quaoo6nl0w+ls/ij","tlshash":"ac731219974160fb5c128d29b55a8b86aa4d04c1346d300df870e3af8bb66f8b796f73","first_seen":"2025-03-03T22:55:46.451962Z","last_seen":"2026-03-19T10:32:07.737693Z","times_seen":2872,"resource_available":false,"data":null}},"time_used":522,"timings":{"blocked":350,"dns":0,"connect":0,"send":0,"wait":64,"receive":108,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-11T23:25:20.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; expires=Sun, 12 Oct 2025 01:25:20 GMT; Max-Age=7200; path=/; samesite=lax\nlaravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D; expires=Sun, 12 Oct 2025 01:25:20 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\ncontent-length: 10800\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sat, 11 Oct 2025 23:25:19 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"UIKit","description":"UIKit is the framework used for developing iOS applications.","website":"https://getuikit.com","common_platform_enumeration":"","icon":"UIKit.svg","categories":["UI frameworks"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":67881,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (752), with CRLF, LF line terminators","md5":"e393cd7232fd81789509c6ac8392244b","sha1":"e03fb092649a6e97df950e9bd047e5c078989a84","sha256":"a94b7c48b0e420ba5a506577d1513f23a66a1381dfdbc6dea3bc8c74569b216e","sha512":"bcf33581a0bf62f267d72ab603a69330c58a1239097e4c72c444de1c3749675ae6ea0c1a7d94e46facc13ec0ea3a781b3793296ad73cfb89714ac16d0db8e0d8","ssdeep":"768:lMJAGOKIByw/XTJaPyBRVBuPJJdMPh0vM:aOKIMEXg0kJdMr","tlshash":"f563843212c2221b133381959e55326def4690ab8b81808576ad03d77ff5cea8d779fe","first_seen":"2025-10-11T23:25:48.303627Z","last_seen":"2025-10-11T23:25:48.303627Z","times_seen":1,"resource_available":false,"data":null}},"time_used":551,"timings":{"blocked":49,"dns":18,"connect":8,"send":0,"wait":453,"receive":1,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/ar.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/ar.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1480\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1480,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7fec8a94e0af73b8647803e1ff9887be","sha1":"aca14e7523e0bff0a9399a0998b49387d636da9e","sha256":"f093a618390e4ef10ee984262dd3334074536f565eb0ecf6cbd0939597073b3d","sha512":"61d5698ab4bcbf9589338c045a1a214edb887746e9e9a67d434dbc1ee81b3682a7cca8560c79a285dff0fd2d8550305e1d7b8f17fde68c1b9543e788a78379a0","ssdeep":"","tlshash":"fc3119e713000b75a02b96385a3b08b8244a4c4c0b6ad99b52cfbdae97563c58191e38","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.921377Z","times_seen":3562,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/th.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/th.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 367\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":367,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"756f64249f1f943e61bff54780b49cd8","sha1":"e4beba68e98c966f57a6cca0e40915ba60500e23","sha256":"cf1c5911962ac51db0ff4e36a6a91f5ff42c1ba40246ada4067b3b5a846f21b4","sha512":"d8d34a3b82cba3a38c9f4025440e7177ca7ad6347bdff81f1691e88ff0f7e8a58fe3491e2d53e9d433cf685af00af37193c07afd2799fa12aefb54d53ff30498","ssdeep":"","tlshash":"c2e0d8c6a869890e1e140f754dbc75ed5136b0cf214d41fcb1c12629aa4a39f2541a68","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-03-29T11:55:49.033734Z","times_seen":3324,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":343,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/pl.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/pl.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 310\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":310,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"73699780fe17013ad360d5441cba044d","sha1":"3e37c78fdc79aada415a05c2275c0fdf9664f062","sha256":"e03d57c0f7db7d4dc8eb6a2bc359f3a40591b490130bcfa06fba08d514fbdb07","sha512":"94ef034160ec61a32cd5ce34621c993aa3a14f0fd5d60adb807f7c3c116060d45956297c0213950824c0886292669cfb2aec40c110e32e43049ba733490f6e4b","ssdeep":"","tlshash":"c2e0c2d5a4a9ce4e4e1407758ebcb1e9917270df218d04fc71c52a29fd1e38b2811e99","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T08:56:35.006135Z","times_seen":4356,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":397,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/flags/4x3/ph.svg","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/flag-icon-css/3.4.6/flags/4x3/ph.svg HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.6/css/flag-icon.min.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\ncontent-type: image/svg+xml; charset=utf-8\r\ncontent-length: 687\r\ncf-ray: 98d21dc468fb56c5-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5d-61d\"\r\nlast-modified: Mon, 04 May 2020 16:10:05 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 2613973\r\nexpires: Thu, 01 Oct 2026 23:25:21 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wCAtQGG8KErhKD2rrKbLbE9vxtnK03HEVBHjFi0zRm3dbCjXlFcF2TcD9ceVhhwxFzZL4XtfCC5ZY27AOZAD1GkzndHDUIDWd5MavqmD845zbM3vBdMdnwzTEiH5UeqZCt%2B8b2Vn\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1565,"size_decoded":0,"mime_type":"image/svg+xml; charset=utf-8","magic":"SVG Scalable Vector Graphics image","md5":"12f36eed83fdf6fa33bccb7eae18286a","sha1":"e898abd7d7b6747bc41675dccefa17f0584f8593","sha256":"fd167a43304972aa43f76a0ec3f03dc89dde4f96adc654a7e0e2e1257aa9a7e5","sha512":"6ce567a22ebe9c1319837fea25bc99eeb9f6ce7aaf02bb921aab17e7ba7090d8071c9561e5b2a205ab335ac6a397cf7491a8cd13a267277379781308b903f588","ssdeep":"","tlshash":"1e3100adc3a48378e492cb640f3ee0a456a995ef31f1d1c1907ac4716854ce512fb6df","first_seen":"2025-01-19T19:37:33.520989Z","last_seen":"2026-03-31T15:51:42.438833Z","times_seen":2318,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 11767\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:22 GMT\r\nage: 1601566\r\nx-served-by: cache-fra-etou8220024-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31113,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)","md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-03-28T07:52:11.702391Z","times_seen":4315,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:22.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/utils.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://intesaqp.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 62310\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"40944-yY9wBenb0A7BGMPMI3C/O/5s+KY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 11 Oct 2025 23:25:22 GMT\r\nage: 385496\r\nx-served-by: cache-fra-eddf8230034-FRA, cache-hel1410022-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":264516,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"be8412b24dc2374a8eb8c446774e2765","sha1":"c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6","sha256":"8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c","sha512":"070efefcd7228793e742ac76bbbae58d49ad8de94cd56863838f97955bfd86dbbd53eb41b1ff2aa59eaa3e6aeeabd5334e622824a48234d8997b6db397c79004","ssdeep":"3072:9E030DWujFs3OwPss3MwPaPjq09Q2xFM8M0TrpEBW6cC56kmLxTg/QKWVSpDUkzy:9E03+WqHjvxFM8M0T7IUT","tlshash":"0044f0ebd63c9737a1e87b35968eb3cd5a8cbca3c858567826c3b54f52784e0706c205","first_seen":"2024-11-14T19:07:22.956908Z","last_seen":"2026-03-23T15:52:20.858655Z","times_seen":4244,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/css/main.css","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/css/main.css HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 3324\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":17575,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"445345b06c57adc6bebba237ea3a1987","sha1":"f41c545e36936b041b4070f78aaa3035c375b7d9","sha256":"b0799bf121afe10ac0f92f4263a15154d278313cb5dfbf6aea0bb8f44e75b970","sha512":"f68a2edcf3bc13a1eadbbe1e574f346740b4e89a72970a766c04032258ab06eaf634f85852bf91f05de49b9769ca8775516107559a6c938ceece25eb53769fb5","ssdeep":"192:inuWeeNmef3zN92Wz97QY09Zqm1wK3lt46smQ9uqmq9A9a2ElLWB:ZWlaWZ7+vGmxG2ElLG","tlshash":"bb823023e7016146b0379778e3a39725fb744023d30b437d7beea250aba94d48661f9e","first_seen":"2025-04-08T10:05:49.350254Z","last_seen":"2026-03-08T19:49:45.606091Z","times_seen":2839,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":10,"dns":1,"connect":8,"send":0,"wait":114,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/da.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/da.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 362\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":362,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c4d7abcf4c21c729ea9aab45faa1912a","sha1":"6ecbf40cb392204b8c7af284352108b500111969","sha256":"33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c","sha512":"6d928963ac9562306e34f006030ddb4430cf81f3e37d8a5d805f90d5cc89659457e9f98257a2ec971205cf044387b7c3e87847c85bf7760ecfa2b667bdab3230","ssdeep":"","tlshash":"f6e0c09260ae8a0d4e1543205a3c70e2526770cf218e04fcf0c13e28fd667ab3800f5c","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T08:56:34.835821Z","times_seen":4159,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/it.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/it.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"34ec214f5547e19d4e1fe9d0d638f9c7","sha1":"7ef49fd31ffa7a0ea47e8ad0a2fa2121621baae5","sha256":"ebdeb69d61fd3e3b429eafd9b45b51422b87348d932a7fbcd668975437650fdd","sha512":"95f427b45f9af6fbc409cba7617a3a653ea21bb15bc722a442edc8f9a492914e0eb0e25d113403eff378c7ab9078d3bcd38e9e7cd7bc9c987e8b0da621e2b477","ssdeep":"","tlshash":"96e02084a5a9c9098b16437959bc71da512370cf15cc05fd75c43518bd4d3df3c51a6c","first_seen":"2023-05-10T09:01:08Z","last_seen":"2026-04-03T16:30:58.662572Z","times_seen":5859,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":344,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/jp.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/jp.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2097\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2097,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced","md5":"87dbfa08b89e9df85053cef757bf0048","sha1":"ae50d0d97740ad830542f3428fcb2f930340d6f6","sha256":"4c5852bdf732560a0a7139e8c2e2c23bcca17dab055abf62c7eb25eb04dde6c6","sha512":"7e129030426fe4cbf7f1281cfbf4dd5285db57d05fadb1576e7dcd65ff4fea02afc2387a3b87198f3fe5e8fa7b1e47dc68e04d6857fd9e95d495241692c65db3","ssdeep":"","tlshash":"3f41851af862ad106a4efe4629e9d2935b3b07c19bc1e590fce9d82318340bdcc2d5c2","first_seen":"2025-04-08T10:05:49.328585Z","last_seen":"2026-03-08T19:49:45.601053Z","times_seen":2838,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/da/dist/js/uikit.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/da/dist/js/uikit.min.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 48442\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":146716,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"749a2dd79038dfbb16587c3067fb9291","sha1":"d1ab89b4fdace3c084baa45bc031ee29ca84a788","sha256":"9523eead7091f1929fd1c309a8df06cf02821bc7ca282f5d086d5ca2cdc164e5","sha512":"72b90e5809fba9e10b4cbfcf29656ed41a37ebcc674cd7b96748d84814a589ff1d64021a52d2928f8bf5a7c6a41041044606a1729a4b50b33e8170a93dc66d1d","ssdeep":"3072:NFR0qgTMS7E2qsR+0HWH83vagarqnlXN8O:NT0t4So2q4+MLabrW","tlshash":"0ae30a9733a5b02543e742f510ab4606f3395984b80b84dcf67caada3869849727ff7c","first_seen":"2025-04-08T10:05:49.344419Z","last_seen":"2026-03-19T10:32:07.745292Z","times_seen":2871,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":1,"connect":11,"send":0,"wait":114,"receive":107,"ssl":47},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/pt.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/pt.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 724\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1912,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0f66bd6beaac99c6e2f26c24305a1a2","sha1":"afea1f64055e95d095cb738e07e7751036d3bfe6","sha256":"a97c198d9404f1f1db3616ee0b26980087346fff121db3bb7f13540b90b56c96","sha512":"9bf4d9b22cd6cf9f0fb08b52cd1a93eb9886be4abbd1374bc05e1f3a6b822f127e03c1a5b0256bf0450393ae89406db6ffbfeaf4918ce2a30fd6accf8a212a7f","ssdeep":"","tlshash":"83410de82f2c50dc84a33aad2d25f544d34d50b572a54ec0af8db769d063895f0c7e80","first_seen":"2024-08-19T18:26:58.073415Z","last_seen":"2026-03-23T06:40:05.870436Z","times_seen":3575,"resource_available":false,"data":null}},"time_used":459,"timings":{"blocked":398,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/dist/flags/fi.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /dist/flags/fi.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nkeep-alive: timeout=5, max=100\r\ncache-control: no-cache, private\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1831\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Sat, 11 Oct 2025 23:25:21 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":6603,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5391)","md5":"543ac81966d87ac815e08eb0e436d719","sha1":"e35bb4e32ccf08c11a3935084b50660feb835350","sha256":"8cbc10ee9755ef972000f666711a5c4d0e025d3cedf53079ba3bfd8f2b19a968","sha512":"0c6a8f7948f93d4d00b5fbb98f487d7e2ee15d104acd83dfbc884ef9b77826dc7daa27b906640572977750a00cb7ef590ed5cd93e2f40ef4def88b9ff92f1dc3","ssdeep":"96:/J/SNi/FLQVTLKCGWz5NN5PXy0jRdoMCX4SZTdI5:/pV2RKCxnNByTMCX4SZT0","tlshash":"aed1871eeac5101e60d785b7e8d4e64c8916aac3de238bdfb54f7915cf8038719a321c","first_seen":"2023-04-06T17:05:03Z","last_seen":"2026-04-03T19:15:50.724175Z","times_seen":6811,"resource_available":true,"data":null}},"time_used":944,"timings":{"blocked":514,"dns":0,"connect":0,"send":0,"wait":429,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/da/dist/js/jquery-3.1.1.min.js","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/da/dist/js/jquery-3.1.1.min.js HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Mon, 10 Nov 2025 23:25:20 GMT\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 29238\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":86709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-03T19:35:04.092003Z","times_seen":138340,"resource_available":true,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":1,"connect":10,"send":0,"wait":114,"receive":53,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/fr.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/fr.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e9efcfc75d8fdee9370032dc72e78bcf","sha1":"77d974568d91216054eee046c19c99f71cccb9be","sha256":"a7d195ab974d9555702eede5af18287b5767efcea5fc6dadf529e114dc6fb568","sha512":"12e0fd3eafb13d648d46f86cb8eeeea05e4acccceb2510abb4c888e07284de90503ddd8b3c02513d6fe84b6b66d6600039d56749f316d012cddd0d3d89cff8ea","ssdeep":"","tlshash":"1ae0d885a1a9c9094a16037959bc71d65123708f158905fc74842518bd4e39b3c51aac","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T17:49:16.890465Z","times_seen":6182,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":229,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/ko.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/ko.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1361\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ed87e4c8a4dd16c9c3f8499a0aaa28bd","sha1":"f818a0782047c159ed8e5cd041ad7f09e8fe52fb","sha256":"eb59eb7dcf155a7b38c8f4c9db869ed942bf55a4457e3f4ff0791be4f2c736d5","sha512":"bcf1992bfb1d0ed92e4393e0b85fe5c768ed29285d38a259d0cfb60827537b74d39a925cfc4df58ed8b478d5015fad047a211ec2ddffa5a69b0d08f5abcdab6e","ssdeep":"","tlshash":"05210bad1b7c302cd6f9c5799909fb01ddfb04040c9fa1c59129d6cc28c588b70d5436","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T02:42:57.910877Z","times_seen":4212,"resource_available":false,"data":null}},"time_used":341,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/ru.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/ru.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 355\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":355,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"42103243a1d4c3f2e823e99f3c00aaa4","sha1":"1d95a227efb867c8b3dfa2902ea8a803f3fd3519","sha256":"0a720bc83f72d17849bd213570ed808ae6b430fa5f3d50dc7fdb32413f7ade01","sha512":"752fcf59700e20bed16831a684eef542a1fd525d73078c97894a6e7b3e2009296af1f4b31f2da100aa8403b3aebf3fff464cd8c1c6330a3b6da36796e2b70cd7","ssdeep":"","tlshash":"39e0d886a4e989095a1947694eec71d6406270ce218d01fd70853529fe4d3db2451aa8","first_seen":"2023-05-24T00:34:39Z","last_seen":"2026-04-03T04:39:39.353479Z","times_seen":4326,"resource_available":false,"data":null}},"time_used":512,"timings":{"blocked":450,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/sv.svg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/sv.svg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 376\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":376,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6d7b2e74f61e873c0fb690155956025e","sha1":"b515a34c1884d45ef9a2b7f3ebdf731a0613e1c8","sha256":"4a271da0e5fbcda6d2d15092d8a564e8ef3d36ad507215563ac2faa0e8833001","sha512":"e2ccfb1f70a37129ea1a51b5e143e103904df03d6dfd5966f169d13222bd87a2d54b1ec21ac28ef3ce09c1d853f07c16eae7190c263c0e250506ecb8abdff54b","ssdeep":"","tlshash":"97e068d0902ec60a9e1507b95fbc70ca4232b08e298e00fc70c12528f49e7cf2810bb9","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-03T08:56:34.836553Z","times_seen":4260,"resource_available":false,"data":null}},"time_used":514,"timings":{"blocked":453,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/flags/zh-TW.png","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/flags/zh-TW.png HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 870\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a2b643bc15c7363c9e58e6b47d7de30","sha1":"506ab44f76022397b3aa9682e8972d7944703d54","sha256":"c63293f5412adc096b8e492e88b8d8edfca5367a491acdd9071ef8d31b4ba9a1","sha512":"a742115cc74831e58f2607fda3ecdf88d8a01d1f9f19d784e1c46a24f9dc23f3a8b5f11251b1c6c911a53a18ee3a01d841e82952f7ab97fcc44b2a0673238e43","ssdeep":"","tlshash":"1f1196ca2450d5d7c2ea12e389ee4b452b4f4afc28560d886c151ab511df1d740e4710","first_seen":"2023-06-10T08:53:38Z","last_seen":"2026-04-03T02:42:57.904734Z","times_seen":4082,"resource_available":false,"data":null}},"time_used":330,"timings":{"blocked":267,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/004-e1718021172658.jpeg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/004-e1718021172658.jpeg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 63121\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":63121,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 755x666, components 3","md5":"d454c0dec7452f792b2398f48e5781e0","sha1":"5ff0a516e3b79df6ce5c19176166dc3a736ff544","sha256":"c380eb5e629c2f4f26e85db6adbe560ef3a940109e30fefc06437f68822bf536","sha512":"2bcc62da38e93e0b583f4377d3abe07224ecedcfcf356011a6be6d554c5ddc939c7362c5f3dcfe535d176d89cc6ebf32c936f7a6673437363edb7a68b27b4fa7","ssdeep":"1536:thhdONA4AGsmVkCjco07j4xku1tctVLTk0CrT:thHv45/Hch4Wu1tcttTk/rT","tlshash":"b05302b0b5e3335d07df79547ebb6976b45231a099262edc83069a0e0ce24f71393856","first_seen":"2025-03-03T22:55:46.43923Z","last_seen":"2026-03-19T10:32:07.755306Z","times_seen":2867,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":503,"dns":0,"connect":0,"send":0,"wait":70,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"intesaqp.com/frontend/assets/fi/dist/images/background-4.jpeg","fqdn":"intesaqp.com","domain":"intesaqp.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://intesaqp.com/","date":"2025-10-11T23:25:21.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"intesaqp.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 10 Oct 2025 11:12:50 GMT","end":"Thu, 08 Jan 2026 11:12:49 GMT"},"fingerprint":{"sha1":"24:44:CC:EB:4E:E4:29:CA:EB:E8:4A:E7:89:D2:4B:5D:3E:B1:D3:25","sha256":"7E:C7:84:F9:54:EB:B6:3E:F0:75:0A:E1:69:64:78:5A:BF:C0:A8:BE:29:4A:DC:90:E5:F9:55:09:74:DB:8C:D1"}}},"request":{"raw":"GET /frontend/assets/fi/dist/images/background-4.jpeg HTTP/1.1\r\nHost: intesaqp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://intesaqp.com/frontend/assets/fi/dist/css/main.css\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik1YRHNQV3AzN3pGMWJkMDIxdElWTnc9PSIsInZhbHVlIjoiTVl0TTRWa2N1Mk1BQ2c3dzBnZW5lVEdtQlNEbkpLVXlmUkFnZFFLbWNkd0VpYm8xNktKMkdEaXdLdG1CN0hoUlNrWGxneDUwRWJpd0k5Z2RuQzE0MVR2Wkg0ZjBTQUREclpSMkpXdHpJRnpMMVpkaEZPV2UwdGdmSGVDbHo0TksiLCJtYWMiOiIxOTM0OTFkYWYxYTY2ZTBhYzc4NmZlOTY1Y2I1OGRlOTJlOWY4M2IzN2JlZTY1ODhjOTJmMGIxZGZlMzY4MDJhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9LY0xISVh4bldUaFRKWC9FdVViTmc9PSIsInZhbHVlIjoiNy9LMVlFNU5mWnhWQndOUm5qWWFXOHNRNnlKek5OS2RYWnJPY3BOSXA1Q09ieDBuZmVTWWQwTTNxM3J2SklUT21iRGs1c1N4Nmd5SzZOSmFSRHFoajRuNnR4N1dOQWdPTi9ZMnExR3NTRGpqbm42Yk1yYnArdlowbTlIV3llMWwiLCJtYWMiOiI5NDM3MzU4YjQ0MmFkMmQxYjlkZGZjZDU4YzhkNDAzZmMyZDEyZDUxYWVkMjA0NWM0NTE0MWZkOGYwMjcyMTg4IiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sun, 11 Oct 2026 23:25:20 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 01 Apr 2025 23:19:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 146733\r\ndate: Sat, 11 Oct 2025 23:25:20 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":146733,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x830, components 3","md5":"637bb53e0883a7b9b3899420c445d0bb","sha1":"d22c5faa6bb194d94252ae458f6a4345071fe591","sha256":"388e2455e32207c5a800a9e99e5aebabdd0a3e6148e201b9b642ea0735b5b3cd","sha512":"2dfbca0de7fc95513bdc4342212bd79c9b1fc75a06f1cdaae1ee51f674dd096e3a24c37866e90604ebbb7d122208213d8861f9631dff59f6ee4c3299eb9ef3ce","ssdeep":"3072:npURYKw7UAEGqNeS/iYRJpuK+Q+5j4Qteq9cu/4fSAI2h:nOi7UAlSxR7uKNEsJqv/a6u","tlshash":"88e313d76d4661a6d5c28f3d6cb016c4967358e8c76727e49ca42b03b06838bdc21dfa","first_seen":"2025-03-03T22:55:46.440402Z","last_seen":"2026-03-19T10:32:07.757177Z","times_seen":2866,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":122,"dns":0,"connect":0,"send":0,"wait":63,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-11","alert":"Phishing Block","trigger":"intesaqp.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-11","alert":"Sinkholed","trigger":"intesaqp.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}