{"report_id":"857e0390-0caf-461d-a470-c86a1a8c491e","version":6,"status":"done","tags":[],"date":"2024-06-17T10:15:39Z","url":{"schema":"http","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"title":"Page not found -"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-25T13:03:48Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"r10.o.lencr.org","ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2020-06-29","domain_rank":0,"first_seen":"2024-06-06 21:45:11","last_seen":"2024-06-15 18:30:36","alert_count":0,"request_count":3,"received_data":2664,"sent_data":981,"comment":"","tags":null,"fingerprints":null},{"fqdn":"qegyhig.com","ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"domain_registered":"2011-08-12","domain_rank":0,"first_seen":"2012-10-12 07:11:39","last_seen":"2024-04-18 09:16:06","alert_count":8,"request_count":8,"received_data":264614,"sent_data":3661,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}]},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"f11d85311cfc17fd75e2398854960559","sha1":"6ab51f57581e85c26cffa9826e6eff7b5de442ec","sha256":"9ed620ec738812b2830903914efcfb5c2f06356ee65b1789d6e9c0db6455eb12","sha512":"41ea90a8fecc43c74ed0088c76b79d2916aa7462c0cf10b71f33f6f7aeed88c6ba6c68badcfa5c1f3c6e4e44c3a31570464c424d1a3278a1ae0099add8ef2e19","ssdeep":"","tlshash":"e561b7aa37793887317715d2aa2f0e07eb7698361688d034c9f9b7541cb1863c33ae49","size":3223,"data":"","first_seen":"2024-06-07T10:43:09Z","last_seen":"2024-08-19T20:33:51.189358Z","times_seen":98,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-03T19:30:20.096582Z","times_seen":683705,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-03T19:30:20.082588Z","times_seen":637330,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"36bb41434655cf561f77987b521868e4","sha1":"859b75d2e2e6eb0ff665e4ce3c3aa4d0f26d45ba","sha256":"7853623597c83d5420b041e662614eddbe69a1f978214d7f4f90fcf27f8248b4","sha512":"4f95febe9a65c1caecd9b30041b781e753081e25605d6677a365ba17ca55eeec1284524276f75d287ce4a44dcf98414a2598cec0c49aca599ab7f4f6fe2565e4","ssdeep":"96:lLezOOC7cuT/alOCqUfGIRc0QtFUieZjzWqeqKGxKDB:ACLyXfGh0QtFULVzuvB","tlshash":"75c165f1a241f475436eb05b038bb607f7a54862004c9864bcccb6fc6f9862bc5b6f55","size":6014,"data":"","first_seen":"2023-03-07T01:10:27Z","last_seen":"2026-04-03T17:22:13.705977Z","times_seen":6315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d370053752bcccfea3a05ed1f958f00","sha1":"dc27a1f8c079d10b6bcb12d934690d5ac13b8245","sha256":"712b83e1fb7bba23edc0cad83735386653ae53ac4751130d8a1a32340eced84b","sha512":"c8a9f114095b241eeaaf40ab9c1e651349858861af44e8e9b291e8f4afbe1378e9e655b5de3ecb9619ed9fd6e407cd7b46f7455cf2bf2abab7a345929da66535","ssdeep":"","tlshash":"28c08cb46081a038638022200a6787dc77b080036208641a800c102530f04bc90c1d48","size":135,"data":"","first_seen":"2023-03-07T01:10:28Z","last_seen":"2026-04-03T17:22:13.706481Z","times_seen":7127,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"7fa1ae65f342c116b15cb8e4af3f0db8","sha1":"eef8afe088ef947cdf027cc5e95619e91e025ce1","sha256":"d71dbeef81cdfc763b21dbcb6060476a2ae8b4582d84f9742add5dd68f6c3f8f","sha512":"7b2087076ea1bf53caf746cc3dbfa8b44851692dc79e53c66e7b86e20a05d8174e17762a55f8e15c20fdfa95e3e46680119926ffcef6277001abe778ab2c0ecd","ssdeep":"","tlshash":"02b0127b3d4015326cea580909c0906c3856153409414032b00cc4178954d957d74fd4","size":99,"data":"","first_seen":"2023-03-07T01:41:55Z","last_seen":"2026-04-03T17:22:13.708015Z","times_seen":6830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b976b651932bfd25b9ddb5b7693d88a7","sha1":"7fcb7cb5c11227f9213b1e08a07d0212209e1432","sha256":"4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3","sha512":"a241ebdcfaf153d5c2a86761145b2575cbe734b4f416acbfac082ae5c6eb7c706bd6ca3bc286b7e1a0f9e326729252dcb95b776750c4a3a0d81f2aa6258ea39f","ssdeep":"384:WTbvzWuPTb9Uh3o//bEPjXgA2k1efAJmpr:WX6U9Uh3o//YrXgAGfACr","tlshash":"7182f99bb33a4e9f343e3bd78e968f4dc5da555321c0f078dbeeb68169a00568274c90","size":18726,"data":"","first_seen":"2024-03-13T16:02:37Z","last_seen":"2026-04-03T19:33:18.447842Z","times_seen":89595,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.77.32","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-17T10:15:13.117270311Z","timestamp":1718619313117,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"146FE131CF8436E3DE4832A23B351400B4819DBD9B9716302248D3AB447F000C\"\r\nLast-Modified: Sat, 15 Jun 2024 13:53:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=17497\r\nExpires: Mon, 17 Jun 2024 15:06:50 GMT\r\nDate: Mon, 17 Jun 2024 10:15:13 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"5c35a3180482afadf4e89f4cc249fa7b","sha1":"8a088c184606fe3e4e0da8cd90b6eb5e6d30fb97","sha256":"146fe131cf8436e3de4832a23b351400b4819dbd9b9716302248d3ab447f000c","sha512":"69ceef04fe4f86da5a1c84e5d5ba164db85d4817e66cd8dabecf0df8ac7d47749f2d6cbed7ac33345f6fb6c984fe97caecec446f5a0914841ca524b9f435c8d9","ssdeep":"","tlshash":"1cf00e1210a6b8f06af101205ff9ed182c64ac9d3c1234e03ce8bdf2a4657e40f8c098","first_seen":"2024-06-15T15:57:10Z","last_seen":"2024-08-19T19:55:02.755491Z","times_seen":41629,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"qegyhig.com/login.php11","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2024-06-17T10:15:14.388Z","timestamp":1718619314388,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /login.php11 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Mon, 17 Jun 2024 10:15:14 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLocation: https://qegyhig.com/login.php11\r\nCF-Cache-Status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wxSCyBIm0tm%2F52wmHuqS9qJsHtPDSA%2FN5apmXyMsf0DDIkS%2Bq0sfCfSuEDgIHrQqlmXo3I1gSKMiacn28H92Fh711kuIyMr4sMjeq%2BBKmGT9DWO5JQ37NK9XIdKbfg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 895246fad9ee712e-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":162,"size_decoded":162,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"4f8e702cc244ec5d4de32740c0ecbd97","sha1":"3adb1f02d5b6054de0046e367c1d687b6cdf7aff","sha256":"9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a","sha512":"21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f","ssdeep":"","tlshash":"0bc08cadab022cc8b8a73b3861c36160e2ec80701699451101b04a07f1cf1979ec23d1","first_seen":"2023-04-05T03:07:27Z","last_seen":"2025-10-21T23:58:19.216342Z","times_seen":131101,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":241,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.127Z","timestamp":1718619315127,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.4 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 03 Apr 2024 00:39:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"660ca536-1bae5\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 327820\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rlwmJvlgZjZ3%2FqgiehcuKtkJy2x5pmSz7AjIBooAD8M1Y8cazY%2BWhtJXgktNFSr9VzJ9E6icVpC69UiNCD2ujY%2FRIJWjV7ItSUSSj4Au6O0UT3A2LVpXibFY%2BRj%2Bkg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 895246ff7dfcb4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54913,"size_decoded":54913,"mime_type":"text/css","magic":"gzip compressed data, from Unix","md5":"877f21d41ee7c7b3f18757333ab26f79","sha1":"cd04bd7e8e6325bda088de4fab64fd788342b55e","sha256":"d6807a70246cb0ce380e1d3b64130ea08a4ad3bd4f4e5eb3fb841c38e685ea7a","sha512":"8b3ba14dd5741b889522fc60f6c0fc53419c2029fc928005a9879886e4b886f2737d2498f51c45a98f21eafe3b9e7bc2149c282c204c313ebb6879cc8f3f35ef","ssdeep":"1536:+9hPdwCr5sO1noa3qfc3N21QbHbFzd40o372ti:DCr5sOL3qfiN21QThy2ti","tlshash":"a733025aaf70a5ec2d23a3b2a67f1dd4904891ca0c50952defefeb97078f5721cc41a1","first_seen":"2024-05-31T04:03:12Z","last_seen":"2024-08-19T21:12:48.028116Z","times_seen":25,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-32x32.png","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.266Z","timestamp":1718619315266,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-32x32.png HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 2514\r\nlast-modified: Wed, 27 Sep 2023 18:12:55 GMT\r\netag: \"651470a7-9d2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncf-cache-status: HIT\r\nage: 327819\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=AOOa%2Ft1eey8ugpFa9CegZhaRxxKf8Gl9nar4biLWwqAXNJgZRfBG90XqYly%2FbyRm%2Fbh%2F58r2ZsNn1hyKrxKcv3vf20U9GMLMmshBIhoNqkT9HYTC7S3G511uw8iCgw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 895247006f94b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2514,"size_decoded":2514,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"24d6169e292ca283dff013bbe28770d7","sha1":"d214ee03d00a84249d579b0edef9e4ac28d44ef5","sha256":"b9ae8237792e06c013ccab1fd3ba00a41f4e93ce708e1b55a2a47bdf7a4d7422","sha512":"ee8458efb7274b0cb0f4fbe578e57d63a4e877daf8f2a92ac7fa0f36ebbb8b1bdae294caa23833c2b91920f967770a985366dfc494d970f48938770b13e66ac4","ssdeep":"","tlshash":"","first_seen":"2023-10-27T20:40:14Z","last_seen":"2026-03-29T09:14:33.797608Z","times_seen":4336,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-17T10:15:15.736884233Z","timestamp":1718619315736,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2\"\r\nLast-Modified: Sat, 15 Jun 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11132\r\nExpires: Mon, 17 Jun 2024 13:20:47 GMT\r\nDate: Mon, 17 Jun 2024 10:15:15 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ede0b27def700f18bb6d4eb4c1d97352","sha1":"c802c366cb2eee6b9339349aa21677fdb1bd5fa5","sha256":"18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2","sha512":"b1261e87645eb6cd74edb193283924e437ec388df9d45bad1eb6840a7de3584ca9e0e7ddd04a78b542d85733e76b02f839339e75691cecaf7b1894a7cd0bd35b","ssdeep":"","tlshash":"c8f054021098f99565a306121dfbe3053fb47cf8791c9ac014e488d128a0feca7c4009","first_seen":"2024-06-15T19:33:51Z","last_seen":"2024-08-19T19:54:20.816757Z","times_seen":41892,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"r10.o.lencr.org/","fqdn":"r10.o.lencr.org","domain":"lencr.org","tld":"org"},"ip":{"addr":"23.36.76.226","port":0,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2024-06-17T10:15:15.739142039Z","timestamp":1718619315739,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: r10.o.lencr.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 85\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: application/ocsp-response\r\nContent-Length: 504\r\nETag: \"18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2\"\r\nLast-Modified: Sat, 15 Jun 2024 17:32:00 UTC\r\nCache-Control: public, no-transform, must-revalidate, max-age=11132\r\nExpires: Mon, 17 Jun 2024 13:20:47 GMT\r\nDate: Mon, 17 Jun 2024 10:15:15 GMT\r\nConnection: keep-alive\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":504,"size_decoded":504,"mime_type":"application/octet-stream","magic":"data","md5":"ede0b27def700f18bb6d4eb4c1d97352","sha1":"c802c366cb2eee6b9339349aa21677fdb1bd5fa5","sha256":"18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2","sha512":"b1261e87645eb6cd74edb193283924e437ec388df9d45bad1eb6840a7de3584ca9e0e7ddd04a78b542d85733e76b02f839339e75691cecaf7b1894a7cd0bd35b","ssdeep":"","tlshash":"c8f054021098f99565a306121dfbe3053fb47cf8791c9ac014e488d128a0feca7c4009","first_seen":"2024-06-15T19:33:51Z","last_seen":"2024-08-19T19:54:20.816757Z","times_seen":41892,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.129Z","timestamp":1718619315129,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 08 Nov 2023 00:39:49 GMT\r\nvary: Accept-Encoding\r\netag: W/\"654ad8d5-15601\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 327819\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=wtCcp9ltMMX9ilLC%2FsR9jhoTnq%2BIfcQ54L8bL7QC%2F3pCdvGI0vT703NP0FXoLpDotIAIoqpK9S9ETrTUBloG8zpGp5SLaq0%2BhplKkACNrTZzg3bk4FZO5YxawLfn1g%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 895246ff7e02b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":87553,"size_decoded":87553,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-04-03T19:30:20.096582Z","times_seen":683705,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.4","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.247Z","timestamp":1718619315247,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.5.4 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Wed, 03 Apr 2024 00:39:18 GMT\r\nvary: Accept-Encoding\r\netag: W/\"660ca536-4926\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 327819\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=r1drt%2FnuD7XCmbag0ljcjaBrF%2FECeF769Mcd7UjCLKp%2Fh8q1cfdKshR%2BEF8z6jX30OoPVTpNUdjairdR69Jau0k9GdjhiFv6itkegQJ%2F%2B5g6Ur013Sim8FovgRurBA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 895247004f62b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18726,"size_decoded":18726,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (15752)","md5":"b976b651932bfd25b9ddb5b7693d88a7","sha1":"7fcb7cb5c11227f9213b1e08a07d0212209e1432","sha256":"4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3","sha512":"a241ebdcfaf153d5c2a86761145b2575cbe734b4f416acbfac082ae5c6eb7c706bd6ca3bc286b7e1a0f9e326729252dcb95b776750c4a3a0d81f2aa6258ea39f","ssdeep":"384:WTbvzWuPTb9Uh3o//bEPjXgA2k1efAJmpr:WX6U9Uh3o//YrXgAGfACr","tlshash":"7182f99bb33a4e9f343e3bd78e968f4dc5da555321c0f078dbeeb68169a00568274c90","first_seen":"2024-03-13T16:02:37Z","last_seen":"2026-04-03T19:33:18.447842Z","times_seen":89595,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.3.1","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.125Z","timestamp":1718619315125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=4.3.1 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 27 Sep 2023 17:55:09 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65146c7d-a235\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 327819\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=qdIGotRKoj%2BpLCuxie7nM3B5ZcyhBqjXtQuRnaywZ8LlSFtOJTgFoFsjG4QPgY6VB3IR9hWDJhwv4oqArtUvm6e%2FLQ2nJvqBQswzJVAN%2FujeZvNO%2F0dIVDHj11%2FgfQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 895246ff7df9b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41525,"size_decoded":41525,"mime_type":"text/css","magic":"ASCII text, with very long lines (39343)","md5":"a0b3a11fd4ebcad236cff2bc51e9b434","sha1":"32450d8097e971f4b59044e979289903beffc85d","sha256":"4c0561c2c4810cbb09911bc45252c68724f181aa5bd16455493e31d2bfeba8b3","sha512":"723a972bb0bc0fd388fcc78e899750f9d4eccc8fea18c8bb488b79c378c8f037b6b0f7e181990f9bca20d39b65b871d56ea3ad705fb75938305129bfb0cf169c","ssdeep":"768:mzCOS1rhiYolOlFnkHk8FHk3dtzxdvNPR2/WLmihCFS7VHQtBkMTqen9h7fAR7jD:M74dHnHQtBkMTzIuaP","tlshash":"6d13d8a157d031296233833efad6b9082a654313e70f26e6f8abd764cdc57d71972a0c","first_seen":"2023-09-07T12:59:47Z","last_seen":"2026-04-03T12:12:29.64387Z","times_seen":4679,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.131Z","timestamp":1718619315131,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 24 Sep 2023 12:38:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65102dde-3509\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\nage: 327820\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=cXpFgh2etxGUYTlCOVAzclwRYC0TmImRa%2B75Z%2FjOceyBMRbgMlf%2FZD%2B1IjHFwZLUtDOcZorvhSzB01ThLaNpCDgqCMfsc3eDHf9pgXd6%2FWjhcNuetxkjDUCsJBKt4Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 895246ff7e06b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13577,"size_decoded":13577,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-04-03T19:30:20.082588Z","times_seen":637330,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"qegyhig.com/wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-192x192.png","fqdn":"qegyhig.com","domain":"qegyhig.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://qegyhig.com/login.php11","date":"2024-06-17T10:15:15.244Z","timestamp":1718619315244,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"qegyhig.com","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 16 May 2024 09:00:11 GMT","end":"Wed, 14 Aug 2024 09:00:10 GMT"},"fingerprint":{"sha1":"2C:95:C4:90:6E:FC:C6:08:CE:C1:B5:14:AA:70:9F:49:20:C9:CD:EF","sha256":"3A:E0:F4:61:1D:76:30:2E:D5:A9:D5:1B:9C:05:A9:19:A6:03:20:14:1D:C3:ED:3B:63:BE:60:C2:D5:4A:D8:7F"}}},"request":{"raw":"GET /wp-content/uploads/2023/09/cropped-02.-Idola-logo-alt-1-192x192.png HTTP/1.1\r\nHost: qegyhig.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://qegyhig.com/login.php11\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 17 Jun 2024 10:15:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 39922\r\nlast-modified: Wed, 27 Sep 2023 18:12:55 GMT\r\netag: \"651470a7-9bf2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\ncf-cache-status: HIT\r\nage: 327819\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=SKqOWdOAd4cJG3k2yMT%2FCDx5TdWPS7OPz%2BDIddIrMAaxfyxzLjd3Nx0yPSkd6v5Cbp4iOXqlpUFEgtFKUtJnSG%2F5YUMFVpjkdAxVE%2B3Xgd2mNXWnjM6%2FPiTrMxvefQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 895247003f57b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39922,"size_decoded":39922,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"d1f1811ac2c5b3160ce819832a1fe628","sha1":"fee51fc1b3cef119ba46580eac6229332c79d767","sha256":"c920945e4501a9a4ac5a7001abb17d84114ec9b6515a1afd16977d58518c1627","sha512":"cae746fcde2d793c5ebde6e782855ef035b19e64f4a639471b0d04a26f7d3259c35ce5656e2738b55b7012b9663103fc040f89172bc93ff3f29687ea68d21ecb","ssdeep":"","tlshash":"","first_seen":"2023-10-27T20:40:14Z","last_seen":"2026-03-29T09:14:33.798172Z","times_seen":4350,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"domain","title":"","description":"Quad9 DNS","scan_date":"2024-06-17","alert":"Sinkholed","trigger":"qegyhig.com","verdict":"malicious","severity":"medium","comment":"Sinkholed","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}