{"report_id":"5bfc53a6-7af3-48c0-b8c1-992cd2a2f133","version":0,"status":"done","tags":[],"date":"2026-06-09T04:16:13Z","url":{"schema":"http","addr":"ap-ethanafl.site","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"title":"App | Ethena","dom":{"size":2414775,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (61846)","md5":"4db7d8c33b4f9e33ecb939ec0f4b3827","sha1":"2e7ec767e4ee9a4864068ad10f7859ac7432ba76","sha256":"4dcba7c435ecebd60aecbd18f6e1abb2641f7b57a48f4a12d79a444318131dcf","sha512":"5528cfe66499f4f9eb305c3fa27db6bb8b973ce9c8973e25e63421c771cca90fc9ece0c7ae864b30740286782b663832c062de6cf496abeda80a1d968d372e76","ssdeep":"49152:9W0tE2s6M6VsTvwcs8eSrsFx0is2AyxsJ:u","tlshash":"e5b5016669b384696c13a1bcb3ee661d3a31f017cc19dd587ecc6110cf8eeb499a3748","dom_hash":"domhash179d660c6aa504923406724cd9c2c1a8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ap-ethanafl.site","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-14T04:16:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ap-ethanafl.site","ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2026-05-30","domain_rank":0,"first_seen":"2026-06-09T04:16:03.721607Z","last_seen":"2026-06-09T04:16:03.721607Z","alert_count":38,"request_count":38,"received_data":12579710,"sent_data":19572,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d421702715062420fd5f7c543d43c08","sha1":"8c2a0629baea8aed0c7f530d0f9e7d00a1e464cd","sha256":"b4d4609e210d09e4b07a2839ba321380ca825e26ed35130790cf986a89e313a7","sha512":"2416e50c4ff86d7b1a330122ac32b73c1fb519910f13870cb28f94b4e63b535900548784c8ec5af5debddad2e58d64a6a006ae007302836d8efb3dfd42fee1b2","ssdeep":"","tlshash":"9b21571252b322a63d4bb0bd5fbae84d763a400b98096454788ea1886f74b2509f37cc","size":1375,"data":"","first_seen":"2026-06-09T04:16:08.86434Z","last_seen":"2026-06-09T04:16:18.122979Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"767c62a40a95fe5db314d9af5cc1c0fe","sha1":"e370e055c8b7a5bd7e2af2866dca3fffd9193d4f","sha256":"19c1abba66ab200fb7ede934b05502ea517049473e3e2b903f4d88d60faeefac","sha512":"33b086618ae9ed396b7459ccdc373d60eb77fc2134836246f94a9dcabc51911ac1861ec8d1bdb05f9549eec0692b2709ef1a16986d539c9d9cf05995550c983d","ssdeep":"","tlshash":"8b016f6ae229277840fb532733cb936c7671c043544449453b6dcbc10f6f9b0a8d29da","size":840,"data":"","first_seen":"2026-06-09T04:16:08.865562Z","last_seen":"2026-06-09T04:16:18.123763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"72dda4a1db0b023f41f1c788aa147fb6","sha1":"64ec4ec683cd6f4f940db65e60a19b84c38a9a8f","sha256":"f26daa02efba33df1f03670ca14f2ba9c195aac93d77930ee1e6740e542b9604","sha512":"72d481fc7a7a14d1b94bf4445a9cf716f582f2634f1a2f51851ef05ad9b4ab61f9649cb9829be3bd091881613070943463ce1d23782884316b6046ce1e38db3e","ssdeep":"","tlshash":"0ef0ec1fd3772331026776554aea52f4a070000b34048d2d3fdc85916f65c561ef76ad","size":475,"data":"","first_seen":"2026-06-09T04:16:08.866737Z","last_seen":"2026-06-09T04:16:18.124992Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d421702715062420fd5f7c543d43c08","sha1":"8c2a0629baea8aed0c7f530d0f9e7d00a1e464cd","sha256":"b4d4609e210d09e4b07a2839ba321380ca825e26ed35130790cf986a89e313a7","sha512":"2416e50c4ff86d7b1a330122ac32b73c1fb519910f13870cb28f94b4e63b535900548784c8ec5af5debddad2e58d64a6a006ae007302836d8efb3dfd42fee1b2","ssdeep":"","tlshash":"9b21571252b322a63d4bb0bd5fbae84d763a400b98096454788ea1886f74b2509f37cc","size":1375,"data":"","first_seen":"2026-06-09T04:16:08.86434Z","last_seen":"2026-06-09T04:16:18.122979Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"767c62a40a95fe5db314d9af5cc1c0fe","sha1":"e370e055c8b7a5bd7e2af2866dca3fffd9193d4f","sha256":"19c1abba66ab200fb7ede934b05502ea517049473e3e2b903f4d88d60faeefac","sha512":"33b086618ae9ed396b7459ccdc373d60eb77fc2134836246f94a9dcabc51911ac1861ec8d1bdb05f9549eec0692b2709ef1a16986d539c9d9cf05995550c983d","ssdeep":"","tlshash":"8b016f6ae229277840fb532733cb936c7671c043544449453b6dcbc10f6f9b0a8d29da","size":840,"data":"","first_seen":"2026-06-09T04:16:08.865562Z","last_seen":"2026-06-09T04:16:18.123763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"72dda4a1db0b023f41f1c788aa147fb6","sha1":"64ec4ec683cd6f4f940db65e60a19b84c38a9a8f","sha256":"f26daa02efba33df1f03670ca14f2ba9c195aac93d77930ee1e6740e542b9604","sha512":"72d481fc7a7a14d1b94bf4445a9cf716f582f2634f1a2f51851ef05ad9b4ab61f9649cb9829be3bd091881613070943463ce1d23782884316b6046ce1e38db3e","ssdeep":"","tlshash":"0ef0ec1fd3772331026776554aea52f4a070000b34048d2d3fdc85916f65c561ef76ad","size":475,"data":"","first_seen":"2026-06-09T04:16:08.866737Z","last_seen":"2026-06-09T04:16:18.124992Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3d421702715062420fd5f7c543d43c08","sha1":"8c2a0629baea8aed0c7f530d0f9e7d00a1e464cd","sha256":"b4d4609e210d09e4b07a2839ba321380ca825e26ed35130790cf986a89e313a7","sha512":"2416e50c4ff86d7b1a330122ac32b73c1fb519910f13870cb28f94b4e63b535900548784c8ec5af5debddad2e58d64a6a006ae007302836d8efb3dfd42fee1b2","ssdeep":"","tlshash":"9b21571252b322a63d4bb0bd5fbae84d763a400b98096454788ea1886f74b2509f37cc","size":1375,"data":"","first_seen":"2026-06-09T04:16:08.86434Z","last_seen":"2026-06-09T04:16:18.122979Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"767c62a40a95fe5db314d9af5cc1c0fe","sha1":"e370e055c8b7a5bd7e2af2866dca3fffd9193d4f","sha256":"19c1abba66ab200fb7ede934b05502ea517049473e3e2b903f4d88d60faeefac","sha512":"33b086618ae9ed396b7459ccdc373d60eb77fc2134836246f94a9dcabc51911ac1861ec8d1bdb05f9549eec0692b2709ef1a16986d539c9d9cf05995550c983d","ssdeep":"","tlshash":"8b016f6ae229277840fb532733cb936c7671c043544449453b6dcbc10f6f9b0a8d29da","size":840,"data":"","first_seen":"2026-06-09T04:16:08.865562Z","last_seen":"2026-06-09T04:16:18.123763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"72dda4a1db0b023f41f1c788aa147fb6","sha1":"64ec4ec683cd6f4f940db65e60a19b84c38a9a8f","sha256":"f26daa02efba33df1f03670ca14f2ba9c195aac93d77930ee1e6740e542b9604","sha512":"72d481fc7a7a14d1b94bf4445a9cf716f582f2634f1a2f51851ef05ad9b4ab61f9649cb9829be3bd091881613070943463ce1d23782884316b6046ce1e38db3e","ssdeep":"","tlshash":"0ef0ec1fd3772331026776554aea52f4a070000b34048d2d3fdc85916f65c561ef76ad","size":475,"data":"","first_seen":"2026-06-09T04:16:08.866737Z","last_seen":"2026-06-09T04:16:18.124992Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ap-ethanafl.site/images/purple_cat.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.180Z","timestamp":1780978543180,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/purple_cat.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:30:15 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 452\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1055,"size_decoded":816,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8ed373fbab4b1f2e950c154c214a1872","sha1":"9d0164ca17d4556bd7137ec7b96f05e9c2d47e68","sha256":"67d7f746f9d525c0f7b2221e5d445632877e7535cc20ca997ee869a76f1eb5e2","sha512":"d386ab199b4d65585e6da57c14f30b124e4e3b974e9d2673b091795b462ca107ae1cf5e477275fb50143fd7221d91f7cf6c05b58d963846d8f81b6405c8232af","ssdeep":"","tlshash":"3411e2eae96d0f129940c2ebfb17a1277177a2d64b514ba2c348be1770829fb88425d4","first_seen":"2025-11-20T09:13:12.703869Z","last_seen":"2026-06-09T04:16:18.080197Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.198Z","timestamp":1780978543198,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://ap-ethanafl.site/\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Sun, 31 May 2026 11:33:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2499931,"size_decoded":1581699,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (61795)","md5":"30c91857a89aa8aa31c4aaa10b1aef1a","sha1":"4d80e1afb30332971c06406c1e63f418b7b4257e","sha256":"798eab51230adfd39e2e89b53aa01dcc4526637d6d66b10249dacd78a1d0c0fd","sha512":"2b1159d21f0289fb923a9a4cbf3e0294a842e815b521901ec1bb05db5bf8cb8f0b5bc0eeeb4cc36bd4e4860268ecd8227b2f01a7a565f2487db1e44f2e6118b2","ssdeep":"12288:dmLmrt9uuUpcb5z8gKoDS5zkVmkOYHcEXEvOpQs9K6uPW1mkXYtc6XEvOpvs9KU:34pW5/fmzY8E2s9KNgm6YW6Vs9KU","tlshash":"6d25d0aa99b394b57c23b0bca7ed610d3635e05bcc19dd587ecc6110cf892b88de2b54","first_seen":"2026-05-21T08:51:52.278717Z","last_seen":"2026-06-09T04:16:18.080947Z","times_seen":3,"resource_available":true,"data":null}},"time_used":3420,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3420,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/text.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.208Z","timestamp":1780978543208,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/text.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:30:27 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1667\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3935,"size_decoded":2032,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"723d30a3e7806eeedac831d0b0ba34b1","sha1":"9fc3df860fbe761de08727b1dea2cf5c64d89f9f","sha256":"edf2430c5a5b5e7250b4964e3529faa0f3863f85bb1628947fb2dc17bc0c3774","sha512":"f3c40fedc06df48106bc71dc8ee14341d0d8c4c84d8e5cd1a36ccb2652d0780f09c38776514136aff09f443a8754587c463c67fb9802c411effc020da5f6389e","ssdeep":"","tlshash":"a881d7f636dc97d8f007bfa19d2894ba2a5724f2aeec818cc6a1de51b64111d4e46cc2","first_seen":"2025-05-01T12:38:59.341731Z","last_seen":"2026-06-09T04:16:18.081754Z","times_seen":194,"resource_available":false,"data":null}},"time_used":3251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3251,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/walletconnect.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.213Z","timestamp":1780978543213,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/walletconnect.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 309\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":309,"size_decoded":624,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit colormap, non-interlaced","md5":"f85686a6d05692f805f5544238a99b9f","sha1":"23a9f058ea8324e8086f35fd74186e215c4959a9","sha256":"80fde5c4eb4e0574d82d33b98ef2be73f3f9125cdf13cb775ee1155737887368","sha512":"e531910fe2611bf13551ca54ef4d081b6cc5d730af6cba5789c24b82589dccba3522583cd7205b00dd0b40a09d48da1dbb1ad1b91eb91d4c326d074e14a35108","ssdeep":"","tlshash":"cee0e77489d1ecbfcc8f07413f024fc1d6380212d3002b5ac8dd4855051163c5d814d7","first_seen":"2026-04-28T13:23:59.816847Z","last_seen":"2026-06-09T04:16:18.082377Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3401,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/binance.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.223Z","timestamp":1780978543223,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/binance.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:27:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 255\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":255,"size_decoded":570,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"7a420c30d4e0041f8b342b8373048841","sha1":"5d5e9ce64d0ea47ea212a49ce298b54f179bebf4","sha256":"2e1c3fdb7b4fc0ad5c603ef80ee6a7041da5a9d86769b4bf506faed6b51c4cc1","sha512":"368b1a5c13abfab6032f9ef0c0a0ce98ec43769f0c2d8764bd2f2a60cdee0cc2bfe8c789f1dbf95ee43d173c1d35545013cd42f2cc31d143bbad02837815d37c","ssdeep":"","tlshash":"0bd095d557414f2df4c1a1a72841172055ff9d515a58450c1449de772716114774534f","first_seen":"2026-04-28T13:23:59.801199Z","last_seen":"2026-06-09T04:16:18.083001Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3394,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/bitcoin.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.226Z","timestamp":1780978543226,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/bitcoin.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:27:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 427\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":427,"size_decoded":742,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit colormap, non-interlaced","md5":"ced7f256440ed1b12cd0211432828443","sha1":"b4dc68cb50b2086c261d4cdf829bcf4db1ca71ca","sha256":"188509fad2927bdeef81825b6871369d85c578593720f80a5ce2b48cea324684","sha512":"a1109e8ced79b1def5eea4671a97c5f0ec25a51df89a3586662a322f84dc9031d643d54a8ed21fd9c147d4a49fe5043fe460ad741546ecc4ee12cb972857a0b5","ssdeep":"","tlshash":"c4e0abc6a2e24e3c80a332253192e5f4f0b9ee064de0a21f0f1279a1c676680847855d","first_seen":"2026-04-28T13:23:59.819509Z","last_seen":"2026-06-09T04:16:18.083557Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3391,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-09T04:15:41.640Z","timestamp":1780978541640,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Sun, 31 May 2026 11:33:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 09 Jun 2026 04:15:42 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":2499931,"size_decoded":1581699,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (61795)","md5":"30c91857a89aa8aa31c4aaa10b1aef1a","sha1":"4d80e1afb30332971c06406c1e63f418b7b4257e","sha256":"798eab51230adfd39e2e89b53aa01dcc4526637d6d66b10249dacd78a1d0c0fd","sha512":"2b1159d21f0289fb923a9a4cbf3e0294a842e815b521901ec1bb05db5bf8cb8f0b5bc0eeeb4cc36bd4e4860268ecd8227b2f01a7a565f2487db1e44f2e6118b2","ssdeep":"12288:dmLmrt9uuUpcb5z8gKoDS5zkVmkOYHcEXEvOpQs9K6uPW1mkXYtc6XEvOpvs9KU:34pW5/fmzY8E2s9KNgm6YW6Vs9KU","tlshash":"6d25d0aa99b394b57c23b0bca7ed610d3635e05bcc19dd587ecc6110cf892b88de2b54","first_seen":"2026-05-21T08:51:52.278717Z","last_seen":"2026-06-09T04:16:18.080947Z","times_seen":3,"resource_available":true,"data":null}},"time_used":668,"timings":{"blocked":-1,"dns":3,"connect":163,"send":0,"wait":328,"receive":0,"ssl":174},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.161Z","timestamp":1780978543161,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Sun, 31 May 2026 11:33:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2499931,"size_decoded":1581699,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (61795)","md5":"30c91857a89aa8aa31c4aaa10b1aef1a","sha1":"4d80e1afb30332971c06406c1e63f418b7b4257e","sha256":"798eab51230adfd39e2e89b53aa01dcc4526637d6d66b10249dacd78a1d0c0fd","sha512":"2b1159d21f0289fb923a9a4cbf3e0294a842e815b521901ec1bb05db5bf8cb8f0b5bc0eeeb4cc36bd4e4860268ecd8227b2f01a7a565f2487db1e44f2e6118b2","ssdeep":"12288:dmLmrt9uuUpcb5z8gKoDS5zkVmkOYHcEXEvOpQs9K6uPW1mkXYtc6XEvOpvs9KU:34pW5/fmzY8E2s9KNgm6YW6Vs9KU","tlshash":"6d25d0aa99b394b57c23b0bca7ed610d3635e05bcc19dd587ecc6110cf892b88de2b54","first_seen":"2026-05-21T08:51:52.278717Z","last_seen":"2026-06-09T04:16:18.080947Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1337,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/diamond_black.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.200Z","timestamp":1780978543200,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/diamond_black.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 221923\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":360804,"size_decoded":222290,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"72a8a4b0a7d41208fc79a4f552d2cd03","sha1":"40bb1b73f668a83c8fe258f9ee28d23b885691d2","sha256":"8c4bc87d6f5db9c8404ac0522b539ac47076f6197c457e3ae757e39a554981ad","sha512":"ea8d60cf25674f854616cb73f238eefe7e10a84b0a521a18ff15f3089c4177139fa1a89eb6cb988d59d41ac7d23ca5061dbf68ffa4693605ebf59ee4fc4a6f00","ssdeep":"6144:5VPczPagQtsOHCVjQRX7bbb/KdBH55ZlZR7SXudv4K:geNmFVjsvbCjZ5ZlZR284K","tlshash":"0374086a4c5cab9e33321c6ecf03247e6e8565ed7219c1cf289fb5edd3664509a24ce0","first_seen":"2025-11-20T09:13:12.720134Z","last_seen":"2026-06-09T04:16:18.084113Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3259,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3256,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/solfare.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.220Z","timestamp":1780978543220,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/solfare.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:20 GMT\r\naccept-ranges: bytes\r\ncontent-length: 236717\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":236717,"size_decoded":237035,"mime_type":"image/png","magic":"PNG image data, 1080 x 1097, 8-bit/color RGBA, non-interlaced","md5":"5219471e13d6493cf1f23149076f311f","sha1":"e564cdec3ea399f5682406b1c361d9849b275bb3","sha256":"df3da816004cb3034497eb3864b1404101d5471dcc5815b7bf8735ae2fde547d","sha512":"7a53ef8935fd3e09b161df3e1c1f2e8e32a135b9e00fa1721f900eb445779f1ca8216944b91121247fe84c3d36368163d2170c2a6f4ef0e99fc51f23899982b4","ssdeep":"6144:I9zjBGdzjciTT0TRn5TFgrAVLVhtqb5yBcI7woF:IdU9TT0xgmVq+soF","tlshash":"1634231539bb4bdfde3b8f75e4639367de29118a877427b2d33232e4a216f749084026","first_seen":"2026-01-03T08:51:44.005658Z","last_seen":"2026-06-09T04:16:18.084641Z","times_seen":6,"resource_available":false,"data":null}},"time_used":3397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3395,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.229Z","timestamp":1780978543229,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/html\r\nlast-modified: Sun, 31 May 2026 11:33:02 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23867,"size_decoded":16644,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (20123)","md5":"3a806ce306a2df7bed5761a16bc2701f","sha1":"0ed796728eae9b1a42b3f9a5e20e6d3665c403e3","sha256":"caebad204202108bbf12c5f8558d8cd7af40d714f200a1c65c23237e6a140d45","sha512":"063e28c72e03e4361919aad8b8a00ebbda5264a910114aa1ef02deda1783809c5c453e8aeefdd45dd3d0e8cab8501a64afef496dee1d022156ba4324014f4c1d","ssdeep":"384:HfUgOpVDbDDo77C/tUEvRKwBdVaEtBWWje5YhsTa4YGysGs9c9o1FJQqw7aa0yiu:HfUgOpd/Do77eUo/M44Yh2afGB9H1YQe","tlshash":"44b2bf519dbf018abe8fbace7b671d081938e05b3148c90d3b9c628d8f5816452aa7cd","first_seen":"2026-06-09T04:16:18.085325Z","last_seen":"2026-06-09T04:16:18.085325Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3717,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3709,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/wave.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.187Z","timestamp":1780978543187,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/wave.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:30:40 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1116\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2359,"size_decoded":1481,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"088cf58e15ee7ca6a6faa18e35b823ea","sha1":"c21edd0e85296644c03dbbcf567703a63eb4e2fd","sha256":"32dade1128d05242866c9b7f53ebdb258c09f6d7efedbb24c1d20b7d4362a342","sha512":"ae1ed37c7e757574b71bc5ca37afadb0132189439a6dfa4d374e3c613cd56140bed96b6b2eb97b436c2256ebea7562a0904e4699f466233191c7f6e2e991e7ee","ssdeep":"","tlshash":"fe41a3e275e8d6acf005e770e7a458a5374f74bb7602c0449f9e0d128423acdd5abae3","first_seen":"2026-05-21T08:51:52.295591Z","last_seen":"2026-06-09T04:16:18.086345Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/diamond_big.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.202Z","timestamp":1780978543202,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/diamond_big.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:46 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 421\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2609,"size_decoded":785,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"265f3775ed5efc539a70db67b53ec6b3","sha1":"7f38a8f4b8ccedf83cdeafa2b885b0f98ca5cdbc","sha256":"29db91e694a6d699dc18f32dc7ba6908d56aa8e71e678f222aeb0ad43f3cde8a","sha512":"d8f6b6c625e0455082f977b6aea4453c81b89e9f4585cc40f344d806df531ee359ccac7d3ed4b9a97cf238a932ac910211f746280a8b80248fdaf020d27f1a2c","ssdeep":"","tlshash":"5751583ab366ad37f564c988d949a4355068cae3a8c4c39194a2eb3f15248cb683f7c4","first_seen":"2025-07-02T10:16:30.698139Z","last_seen":"2026-06-09T04:16:18.087068Z","times_seen":181,"resource_available":false,"data":null}},"time_used":3256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3256,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/trustwallet.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.215Z","timestamp":1780978543215,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/trustwallet.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1181\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1181,"size_decoded":1497,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"a185d5aa19c6c9061227253a37080609","sha1":"d6579075b76a90828bbb6463c6fd626a587be2d9","sha256":"cf2d440f28d9828dd95b05c7e306c086852957fc7a708d16e2e659253f16f959","sha512":"843f992e24028181a2aed630404ed488ed3cc5c534d7e7ced2e80aa2405fc94407649205f85488cf966b6db6af9c3351cdbaa67718166811b85e100e5378b702","ssdeep":"","tlshash":"8b21da69fa6f2064412bf7be183047817fe4091c71c166f91b235dad57b11880eeee01","first_seen":"2025-12-17T12:55:11.652407Z","last_seen":"2026-06-09T04:16:18.08839Z","times_seen":10,"resource_available":false,"data":null}},"time_used":3399,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ehtena_curvv.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.203Z","timestamp":1780978543203,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ehtena_curvv.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:01 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 370\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":735,"size_decoded":734,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8e24e146b9e8a5652b2fcdeb828afafa","sha1":"93306aee6ac9b2d07c320f9ab672a7b92abcc096","sha256":"7b11a006ec2c14b542cc5d1f992190dd2823713c3ce8353ceb54c297efd2290a","sha512":"381b11822360e602c00a69b32739541d31028d84b66f34bda4cc040f9b86fde497a9fd74b9323739e24ff523b1015e62aae7eaad809d5c6d2c1b940ac8466a2d","ssdeep":"","tlshash":"ba0168e86248e5e9fd12cf3a9b06a6b4107c20fe77496188c6a02251259a8569e2fdc1","first_seen":"2025-11-20T09:13:12.705217Z","last_seen":"2026-06-09T04:16:18.090137Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ethena_stack.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.205Z","timestamp":1780978543205,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ethena_stack.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:25 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 370\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":734,"size_decoded":734,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"422e91fdaf3565b5c32a1daf0a220978","sha1":"dd57c2fb4643c9ab2c493e9b8d2fe22aa93118b7","sha256":"24426a80c130f86c5f716580de7f9900b73a48462faae504a575ce357ebd749c","sha512":"4454399ba3d72ce684450096ca15f335e13a0024a286d8518ff588a11bf804c3dcec4b978a293c393a3afdb92ee1de88654b2ddd61678bd99df1f9a64aa4e968","ssdeep":"","tlshash":"ae01d0f8979c0978ba0e8b63b209e0b2552f75b12198056481b4cce0731cfc84b47c50","first_seen":"2025-11-20T09:13:12.74954Z","last_seen":"2026-06-09T04:16:18.09113Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3253,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/phantom.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.221Z","timestamp":1780978543221,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/phantom.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:25 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2488643\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":2488643,"size_decoded":2488962,"mime_type":"image/png","magic":"PNG image data, 2184 x 2172, 8-bit/color RGBA, non-interlaced","md5":"fa1215fe7ebbc09bb8815b81afa11f0a","sha1":"8c38630e46c234dda67d7fb52344f2a8a9545121","sha256":"86bcfc73a96ea8b9c705f03181c6d5930f56f133da9d608944fb4f747a44fbbd","sha512":"10dd9797a78bb68406cb917328f37c9a44be9c6c278f44ea8c9e227e8b07590d6857cec8a364ca11ad3e04636437b6f71316c45064d7a4e1184d0b13e4444f1c","ssdeep":"24576:hPElpnHNa8Jp3TxJ0HfLJxIPwQVoLwUMLCr:C/08rjD0/VxIPrxUMOr","tlshash":"182533bdd8caa8f14323669c14f2cce786407d8f1fbb518b942ab14b9455b6c0e4973b","first_seen":"2025-07-28T19:48:25.623574Z","last_seen":"2026-06-09T04:16:18.092015Z","times_seen":8,"resource_available":false,"data":null}},"time_used":4064,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3403,"receive":661,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/bottom_lolipop.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.178Z","timestamp":1780978543178,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/bottom_lolipop.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:17 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 10682\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":14329,"size_decoded":11048,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2f8ba8c26e5c39bbae5aa59c54035090","sha1":"4e7aee859e0451b4958f25e2416effc1a2ef45be","sha256":"1600774ce202880bc2d834eb52d9823d0fd0c3f99d6b709e4e742fb0f68b092e","sha512":"7b6c7443f4b9706de9df12878fa5d8a197671a167f13818659f75336d17b3b780aac2c81f019a10039cca6db90e75f10723f1f0121ea988eac0175060f512a88","ssdeep":"384:6hdBj7wdzRQtEZv0OQ+x+jXMNloDmFkf8kZLFxv:6hH8QmSOQ+xW8wDmaf8kZnv","tlshash":"cc52cf1c9607d4ba14bd351307e25adced622193f6bfc0f821953f0a58836b22366b8a","first_seen":"2025-11-20T09:13:12.725629Z","last_seen":"2026-06-09T04:16:18.092649Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/blue_dollar.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.191Z","timestamp":1780978543191,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/blue_dollar.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:28:13 GMT\r\naccept-ranges: bytes\r\ncontent-length: 949\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":949,"size_decoded":1264,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"1aed469d12282309e05c78a0aba56f30","sha1":"d11a19092641ec7bdc71c177ce643f7cce318835","sha256":"4ea97a2227cd5ee1e195cf892593e94ba7cb573a4fb93d5e40897540ba6bf8ab","sha512":"c3bd087fffb5b27bf9460ca8492080bb082de210e4836d1a8d303dfd712670087353ae4814063d281cb70e274782731a1284f7b672ecf35fee8457f2c273704c","ssdeep":"","tlshash":"db11c8bd305015b71618476888b46e7a2eaec164d71a1723418938549ca00065b44fc3","first_seen":"2026-05-21T08:51:52.301602Z","last_seen":"2026-06-09T04:16:18.099203Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3263,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ethena_modulus.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.204Z","timestamp":1780978543204,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ethena_modulus.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 292\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":619,"size_decoded":656,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"96cc26034db5490f270d6f68d16d9339","sha1":"617a8a0df55915f49de25b984e6e3c9720e1f3d2","sha256":"123b6f3acb58c7c381ea944a9e406bb7f31b5cb51a171f20d1efb14be0b445f9","sha512":"328a09b057f52bc271d6ea7f64b405b52f564e60171f660a29f169acaa3a90a5271fa54633cdb7413b60b8102391a7305c0f2c28ded8112dd5b15a23b2329f71","ssdeep":"","tlshash":"fcf0f95cd2cd17b86483fba0c60ae734923d34353908151693b846fa3695c6955bbdd0","first_seen":"2025-11-20T09:13:12.721527Z","last_seen":"2026-06-09T04:16:18.099988Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ethena_x.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.209Z","timestamp":1780978543209,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ethena_x.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 229\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":374,"size_decoded":593,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2fc5fb9008787678d39cf770a51da9de","sha1":"ec12450cf3c10df342851060a748a918ac2d1a42","sha256":"f7be8fc9be9ca571cbe5a5a79f20aabfe20e4ec99bdbc3eca7eda7c9298b3b28","sha512":"03d08a634f3bc6e313fa30e6e394360352cc83b1dc731c71560f2406bb6d72253f4250bb19c9d411ef8c0f5e66dc0e3cb4e3a452390fed981f661b12d23ec6bc","ssdeep":"","tlshash":"6ae0c07661ca6704598a8f106a3eb8e8513720b0b35c40dcef813114f20c0c12a0cee8","first_seen":"2025-09-26T11:19:08.58112Z","last_seen":"2026-06-17T15:17:29.92646Z","times_seen":173,"resource_available":false,"data":null}},"time_used":3250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/telegram.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.211Z","timestamp":1780978543211,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/telegram.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:30:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 754\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1533,"size_decoded":1118,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8af65383733aef8f905e20116b888260","sha1":"1cc80fbc827bd47178a6996d59ecb67c6fb3d37f","sha256":"5f9738e8b020599cc8d680a4be45863e53989459862872c07e96a1cf7100a1ef","sha512":"1f02d7d3cf52dec59856037f05c83bc325abd1012fe0d2797ab14f4b612e8feafabe18ebe15a7a8cfbd9292ab65ca7449313684a38fc2d1b99b88f60d413c9f8","ssdeep":"","tlshash":"f63145f3a28877d89406e7a88518d5f5733a3cf6732e0a062344e760b70f266948d944","first_seen":"2025-09-05T11:45:16.114409Z","last_seen":"2026-06-17T15:17:29.917407Z","times_seen":176,"resource_available":false,"data":null}},"time_used":3402,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3402,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/curvv_big.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.207Z","timestamp":1780978543207,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/curvv_big.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:30 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 799\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1968,"size_decoded":1163,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5c7238e13ed8eb7df4550561f6eea711","sha1":"9163e01c0b8085690b16f8e71e20e79a4a7c9552","sha256":"660e509fc65d74690c2f1de8e894edc9959e1f16104b18df18ed658e51e56b44","sha512":"6e193b5c491ad4b32564b3330f45eb070bec054660a132782c7c109d7dd42b7825735557382ed6f463ff301ea9be8be694e707c02c39734fee71aaf59f8a8cff","ssdeep":"","tlshash":"e24101f4621494abe1a8c6ffd65b404d24b590a7dac5c38883d06f7e68587891d0d6f1","first_seen":"2024-05-10T01:23:28Z","last_seen":"2026-06-09T04:16:18.102997Z","times_seen":227,"resource_available":false,"data":null}},"time_used":3252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3252,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/backpack.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.219Z","timestamp":1780978543219,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/backpack.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:27:57 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1783245\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1783245,"size_decoded":1783564,"mime_type":"image/png","magic":"PNG image data, 2520 x 2516, 8-bit/color RGBA, non-interlaced","md5":"8376f648697044d7aea73f79427c6414","sha1":"d097dd251e43fc13c49b424419ead1ede49664c7","sha256":"07e8d6c6e628917e9f44d16884d5eb5f9abf36d8ce5235e8d71c2184c292456c","sha512":"d108ae49c4edcac586ec5dd91c86ac8e584e0d914ae6be11a9bae576be16fa90d1e3e38ca64f44f890a1effa7bdbe7732b4d9ae05b3af4daa962949b142df573","ssdeep":"24576:ceg5V5VEI9+0cfqDLCsSLTqsU++f6KuOJ628i:dg53VE8+DsSnqFVf6KuOJ9x","tlshash":"532523fce9ffc61ec2d1a0b5c129f4c484af32122f1309a56d2ea79c78047b99594e97","first_seen":"2026-01-03T08:51:44.018802Z","last_seen":"2026-06-09T04:16:18.103762Z","times_seen":6,"resource_available":false,"data":null}},"time_used":4066,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3400,"receive":666,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/coinbase.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.222Z","timestamp":1780978543222,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/coinbase.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:28:25 GMT\r\naccept-ranges: bytes\r\ncontent-length: 402\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":402,"size_decoded":717,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit colormap, non-interlaced","md5":"212d02417f3ed0a14b6155844afc9179","sha1":"b63a382a4d51118b23c9eb7d009a4e90d310a2c7","sha256":"e3fffcefa5bf7288ab97c91d4ab95e5fcb7a86bdbbb7c1ae8b8d97ecb18c2cf5","sha512":"2fb96c3bb800ed63ec54a22cd4a3d60c1c3d70429f35eb65c89248e855b6f2b92861a92e5c2a4c8c1d56b5ae5673742fccff55735c63d6b25a179be7bd00b3fb","ssdeep":"","tlshash":"55e06852afa5fc281f6643c94812acd8ca01ae20c9a8812ec128b51a7e7268489c5646","first_seen":"2025-07-03T10:21:17.26576Z","last_seen":"2026-06-09T04:16:18.104882Z","times_seen":9,"resource_available":false,"data":null}},"time_used":3395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3395,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/curvv_fav.ico","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:47.248Z","timestamp":1780978547248,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/curvv_fav.ico HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:47 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 31 May 2026 11:28:43 GMT\r\naccept-ranges: bytes\r\ncontent-length: 15406\r\ndate: Tue, 09 Jun 2026 04:15:47 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":15406,"size_decoded":15726,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"20bb6d7eb3504d88f598bc55f1d078e5","sha1":"e39a3fa7b90ac5287765986a0a59d4ef376c903d","sha256":"15791ab59e523dea39908cd59ef80c1a9f61e50ada5559e95e17fc4025341173","sha512":"4355e627520459b3eea3ce2ded6821cd1251641c78343b91ad0331cd0924382e97b7a013ff181ab7ee243e54ef89556d12cfa37a317c14922bace0b04f670766","ssdeep":"96:ROfgijprjdqfGl2DmVdta41erKOnNdY/Cy7zZsys6qDDc0Q31ESWz7Y/ZPKGilVe:RMjdNtjCvEHMSHrgc","tlshash":"46625b74afc9daaaf26fa4b4623d0a08c44acc5d01635025ff7f70b7a3b8e45754b602","first_seen":"2025-09-11T13:23:43.737864Z","last_seen":"2026-06-09T04:16:18.105661Z","times_seen":176,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ethena_big.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.166Z","timestamp":1780978543166,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ethena_big.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:15 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 799\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1968,"size_decoded":1163,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5c7238e13ed8eb7df4550561f6eea711","sha1":"9163e01c0b8085690b16f8e71e20e79a4a7c9552","sha256":"660e509fc65d74690c2f1de8e894edc9959e1f16104b18df18ed658e51e56b44","sha512":"6e193b5c491ad4b32564b3330f45eb070bec054660a132782c7c109d7dd42b7825735557382ed6f463ff301ea9be8be694e707c02c39734fee71aaf59f8a8cff","ssdeep":"","tlshash":"e24101f4621494abe1a8c6ffd65b404d24b590a7dac5c38883d06f7e68587891d0d6f1","first_seen":"2024-05-10T01:23:28Z","last_seen":"2026-06-09T04:16:18.102997Z","times_seen":227,"resource_available":false,"data":null}},"time_used":2797,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2797,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ethena_dollar.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.174Z","timestamp":1780978543174,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ethena_dollar.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:18 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1387\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3372,"size_decoded":1752,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"64d1e7adc676b048ef9f9770ab40dff8","sha1":"98e01535b15675bb3c24243fe22c73b9a5322b79","sha256":"42d65f9b6db6184cd18bf1bf6679dbc5f231d47dde82b4e15d3791138f54d1b5","sha512":"40ab13cc7847355e2d3b9b944b694c6e8cad8b26c83d52c8013626c9212d1228b2e2ffb9b96a6da9463548df8a2badeb04a7f96db5f23e69edf2dc438ac4f855","ssdeep":"","tlshash":"0a6152ed3f3448d0da4c82fbbf0080ad306b55b789d18954c2d4ef1e18149aabc1eae4","first_seen":"2025-01-03T11:21:37.331103Z","last_seen":"2026-06-17T15:17:29.899323Z","times_seen":204,"resource_available":false,"data":null}},"time_used":3116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/bitget.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.216Z","timestamp":1780978543216,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/bitget.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:28:02 GMT\r\naccept-ranges: bytes\r\ncontent-length: 369\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":369,"size_decoded":684,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"c02dcee80c84a92b69b1d42d9afafe5f","sha1":"411acd30539f7c54ba40a4af409e3116a02af663","sha256":"e4ad2a0af5e86bff0b1087c2753484ef8f6050265e47d10c127393d76f4289af","sha512":"190122f4df666e4d09106e65314e97d973009ce216645f02b256e4aa0a85fa5f1ee189edec83308105ac442b4ea9523498ecaf8e111a965388e94e91a9cbd6bd","ssdeep":"","tlshash":"ebe0c0e312929d1865e253d9c6c0a9394fbb821925f3531150d0833139a62d37a83392","first_seen":"2026-04-28T13:23:59.775266Z","last_seen":"2026-06-09T04:16:18.106986Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/dollad_white.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.176Z","timestamp":1780978543176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/dollad_white.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1400\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3384,"size_decoded":1765,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4c890b3031b31bfdaac90bdda0ef37b5","sha1":"6a10f8b105dbca423b65975e101ae9b61205afec","sha256":"93a91b8f8f791169d7caa9c79f83f06a6f5b7f891ff55ad6584bffb457a47ec4","sha512":"a814900f82d73fb7465068e874ad1208a5fe19b3735627f9ac14a720d3acc45b4d6cd51855f6e8b4bd59e8518a14c2c3b0d6a86d8910849b9a93d23435c1e206","ssdeep":"","tlshash":"386154ed3f744ce4dd8c82e7ef15916d302b99b789c18504c2d4af4e08549aa7c1dae5","first_seen":"2025-05-01T12:38:59.312802Z","last_seen":"2026-06-17T15:17:29.939399Z","times_seen":198,"resource_available":false,"data":null}},"time_used":3115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/usdt.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.189Z","timestamp":1780978543189,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/usdt.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:33 GMT\r\naccept-ranges: bytes\r\ncontent-length: 589\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":589,"size_decoded":904,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit colormap, non-interlaced","md5":"f0edd5a0288c0a6a9bf81595149a9437","sha1":"212dbfb9e244884c373d7dba0d6dc61cecfe10a1","sha256":"b22f56007723c6561e386e883fc71a072eaa8103dfb05e20090eef9bad7949fe","sha512":"843ed5b593ab73d1b9318cccc2dcffa0b9b8d26f2aea03ebc7be651cd0f81d02fb27c48ea89c75e209ca2a9c7c19b1953d2fa6c9df815a5c49ef9a82e38ccc17","ssdeep":"","tlshash":"6ef047d3934854b59d1953963b97b8f8e50703f40457da01a0faf575583136e91d0171","first_seen":"2026-05-21T08:51:52.274555Z","last_seen":"2026-06-09T04:16:18.109965Z","times_seen":3,"resource_available":false,"data":null}},"time_used":3265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3265,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/yellow_s.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.193Z","timestamp":1780978543193,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/yellow_s.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:30:42 GMT\r\naccept-ranges: bytes\r\ncontent-length: 726\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":726,"size_decoded":1041,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit colormap, non-interlaced","md5":"415c15d804a2c14f5089edf7907f1c45","sha1":"3e4c4975a4fe096ea5474b0fc8d145f0b7a0c90b","sha256":"1987fa9a8c07fb1c97c91bb6f9a1ddf5dfcdc2e8cf0c9c8a4c115005d0e05b29","sha512":"f1162569e3c20d26d8bf26d2c088efc26e0f8e1d6731b7f294665078eb8830af57fc227bee660ec6b9b52425f653e6561646a00120a1fb958a86b6ed93bd3f27","ssdeep":"","tlshash":"b90165d59142d8b9d4c986c12df6a23134d20e78b915d226e170a5b627511e46c6850f","first_seen":"2025-11-20T09:13:12.673165Z","last_seen":"2026-06-09T04:16:18.11135Z","times_seen":4,"resource_available":false,"data":null}},"time_used":3262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3262,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/diamond.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.195Z","timestamp":1780978543195,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/diamond.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:28:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 238\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":467,"size_decoded":602,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f51440d67758d3cc1450e3fdc8eace9b","sha1":"6a123c6299d989432eb9fdc0a1e2f33e5662dce7","sha256":"6d6052478db318ced3059060683d909abbeb8574d3d36e262adf897df2a457dc","sha512":"12873f3af694ca85a13960c1677fc8a24c2eaedaacc95843fdfc7a194e3fd1afe6e6700835e57c4dd9d8e482382f5bb18dd03bb77b6323f7288a5a375002aa48","ssdeep":"","tlshash":"c4f027f701440878d512cf99a13a3b9152ebb87623a8271ccd303a75b04a24d22329c8","first_seen":"2025-09-26T11:19:08.579421Z","last_seen":"2026-06-09T04:16:18.117758Z","times_seen":171,"resource_available":false,"data":null}},"time_used":3260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3260,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/github.svg","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.210Z","timestamp":1780978543210,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/github.svg HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sun, 31 May 2026 11:29:33 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 691\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1480,"size_decoded":1055,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"842453fcab1d2a11fac9a1b298cdbd3f","sha1":"808c86419bd2bef16d57088743b9e4d09b47dfcd","sha256":"78d89e7fb4c120f8b84487778c3c0a98ccf0b07227cea603f859edd2a7c7b1be","sha512":"2c3e94ce1db1bfd2e2d743c714ccda0f30eb4f04de90fc72ce97f9c08e7a07adca10f2b2a09f8bc1f10e42c31e4a822e64a32b0ab186d1fd02bea210f0bcdb0c","ssdeep":"","tlshash":"5c3124f06ae5e2e0961fb764d53924613bd700f47f6a8b1842817ad499081bde84cd6c","first_seen":"2025-09-05T11:45:16.126995Z","last_seen":"2026-06-17T15:17:29.900093Z","times_seen":176,"resource_available":false,"data":null}},"time_used":3249,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3249,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/metamask.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.214Z","timestamp":1780978543214,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/metamask.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:29:49 GMT\r\naccept-ranges: bytes\r\ncontent-length: 650\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":650,"size_decoded":965,"mime_type":"image/png","magic":"PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced","md5":"b900b6b78daebca504154fd8e4cb8ee1","sha1":"ce3f77955f2df2603437e414d69d3b749858cd18","sha256":"f2db4861eb0eeb4d4d3a5cd68270bdc19252f797abb9a11d9daf716ca6791f24","sha512":"be194a17a6d75fea9acf3d828b8ba69707fab4daf5d42c4d7aa35fa9d81133276f69a25267d8be087fba3c45336b435cd5487ad99ac28f229333dbba1359b09d","ssdeep":"","tlshash":"47f02399a7d0c46ecf44352a4647a1e6d07356b99d304d5c4755d8fc09169d020f05c4","first_seen":"2026-02-21T20:27:58.12848Z","last_seen":"2026-06-09T04:16:18.119285Z","times_seen":7,"resource_available":false,"data":null}},"time_used":3400,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3400,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/okx.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.218Z","timestamp":1780978543218,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/okx.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:29:56 GMT\r\naccept-ranges: bytes\r\ncontent-length: 194\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":194,"size_decoded":509,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced","md5":"4a42a6c54cb5cf5c5def4516e7db80fc","sha1":"59d76d2d3cef14ef1106961cdf72b15953640b45","sha256":"12efcd5687bc3277d0cbd73c1380bf3368a30bf2e0039aa43196f3b697d19bfa","sha512":"cb011ba3af5f44f87f446b1a15dcb7401fce8b6e7e4a89d4bdebf230a7970d8d1e5dc8145ea9775008b85d2c52331190ddeafd1589d5a001721d290bae0fd9e6","ssdeep":"","tlshash":"8fc0224327899a08829f8213416428f19fa28227ce10840900859c4c5749b24c1c43d2","first_seen":"2026-04-28T13:23:59.820609Z","last_seen":"2026-06-09T04:16:18.120114Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/ledgerlive.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.225Z","timestamp":1780978543225,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/ledgerlive.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:29:37 GMT\r\naccept-ranges: bytes\r\ncontent-length: 150\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":150,"size_decoded":465,"mime_type":"image/png","magic":"PNG image data, 28 x 25, 8-bit grayscale, non-interlaced","md5":"81da2368c1aa799e059147d5334ac5df","sha1":"06fed39973810e7a4a6400fdc03891c783c20125","sha256":"640a03fd9dc4aaa06d0b9a98acd0eb6347ad1a617b323bfab2edb22f1796d604","sha512":"7b040109a8c3c1449958881a21de7171a956bd0b7c0663a407852a2d966f565d09fa615bbce542d3be1a4eec42d19781a4bb587bda8ecff3c6a6c74dcf6c6e2f","ssdeep":"","tlshash":"1fc08ccaa638ea2ed7520222895c00a0bc380a052f21001ad409de2ec04da39f28a222","first_seen":"2026-04-28T13:23:59.778815Z","last_seen":"2026-06-09T04:16:18.121309Z","times_seen":5,"resource_available":false,"data":null}},"time_used":3393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":3393,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ap-ethanafl.site/images/black.png","fqdn":"ap-ethanafl.site","domain":"ap-ethanafl.site","tld":"site"},"ip":{"addr":"198.54.119.205","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ap-ethanafl.site/","date":"2026-06-09T04:15:43.164Z","timestamp":1780978543164,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ap-ethanafl.site","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sat, 30 May 2026 00:00:00 GMT","end":"Mon, 14 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"4F:84:E3:AC:63:E2:2A:A8:3D:91:6E:E1:E5:BB:A5:88:80:D4:7E:F0","sha256":"FD:FF:AE:55:46:4A:3E:E6:1C:D3:10:97:AF:29:09:36:52:1F:18:58:50:7A:22:F4:61:E8:B9:DA:F6:7F:F1:9F"}}},"request":{"raw":"GET /images/black.png HTTP/1.1\r\nHost: ap-ethanafl.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://ap-ethanafl.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Tue, 16 Jun 2026 04:15:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Sun, 31 May 2026 11:28:11 GMT\r\naccept-ranges: bytes\r\ncontent-length: 111501\r\ndate: Tue, 09 Jun 2026 04:15:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":111501,"size_decoded":111819,"mime_type":"image/png","magic":"PNG image data, 3406 x 1970, 8-bit colormap, non-interlaced","md5":"ea6695e68c924d2e42ee5c8b68809fb2","sha1":"eb762ae7d2b002424c81a9c0acaa601ad2053709","sha256":"2ab02aea726a184110169f19917f9feded69f8532023bb8023cd46cc4b199f65","sha512":"6b81a126978284d464b0a55bf46ec3303bfa22ef9b826db565424323233b410017d126d15f5adb3e0d5d18bf7c898e0f9d2e9cd6f16883362061e6c94d449b2a","ssdeep":"1536:CDJjEefm3TZVfOzaaGd037j2tdPvGA8SB1Pl1jkiSjuzuwAryzOWZWdNaoQAqM:SJj/i0aaGdW2d2Q1cT3wTz/8dEoQG","tlshash":"cbb3023491b5d8f4cc8797b05e690fa2ac93b95c34fe6328ed4190ad121fce6bd2445b","first_seen":"2026-05-21T08:51:52.299223Z","last_seen":"2026-06-09T04:16:18.122163Z","times_seen":3,"resource_available":false,"data":null}},"time_used":2635,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":2474,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-09","alert":"Sinkholed","trigger":"ap-ethanafl.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}