{"report_id":"8c256c93-fbd0-4e51-b1ce-154267e8b293","version":6,"status":"done","tags":[],"date":"2025-12-24T15:48:44Z","url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"title":"Finances | Blank Canvas - Part 2","dom":{"size":133689,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3501)","md5":"fc08cfb7720773431e404411f16c4f25","sha1":"3b70658d1181a0f28ef00f879d719453eb91a020","sha256":"fe480401b162ca6b3eb639d41010b192f230986d69bb764a10184e744a5325fc","sha512":"339d04c718babbf19b4715fc0315b3d349b345ab977255c4e0bba74faaed0f61c1ea67a3bdaaffe2af8f55af7be060ba815dbc16327edc70940d81e5aa5fcaed","ssdeep":"1536:bpuxcOBpqmLsxFQmyGL2aFQmW4L26MFQm2vLjzFQmC7LBfFQmuCLxKFQmmVL1eFU:tuxciL1eiMM5mx+NH8cj6GGmcn4v","tlshash":"9cd3223c068c529e1545a9c17dd86bf85ca6828fc94ade8fd3816cd956c2ecad23c3cd","dom_hash":"domhashd8146e7e41dd1bad870a3111f025f211","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-28T15:48:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:24Z","timestamp":1766591304,"ip_dst":{"addr":"172.18.0.9","port":55596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:24.358072+0000\",\"flow_id\":498708169278154,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55596,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/3/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://journal.cyberpartygal.com/index.php/category/finances/page/2/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":11195},\"files\":[{\"filename\":\"/index.php/category/finances/page/3/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":35,\"pkts_toclient\":39,\"bytes_toserver\":3576,\"bytes_toclient\":55085,\"start\":\"2025-12-24T15:48:22.901834+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-21T22:17:07.06462Z","alert_count":0,"request_count":1,"received_data":6159,"sent_data":532,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-21T22:14:03.270461Z","alert_count":0,"request_count":5,"received_data":102144,"sent_data":2699,"comment":"","tags":null,"fingerprints":null},{"fqdn":"journal.cyberpartygal.com","ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2006-07-18","domain_rank":0,"first_seen":"2017-02-17T04:11:30Z","last_seen":"2025-12-07T12:57:53.450133Z","alert_count":19,"request_count":16,"received_data":575642,"sent_data":7152,"comment":"","tags":null,"fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"All in One SEO:2.2.7.1","description":"All in One SEO optimizes a WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"All in One SEO Pack:2.2.7.1","description":"All in One SEO plugin optimizes WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"WordPress:4.3.34","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Twenty Fourteen","description":"Twenty Fourteen is the default WordPress theme for 2014.","website":"https://wordpress.org/themes/twentyfourteen","common_platform_enumeration":"","icon":"WordPress.svg","categories":["WordPress themes"]}]},{"fqdn":"apis.google.com","ip":{"addr":"142.250.74.142","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":1075,"first_seen":"2013-05-06T20:20:21Z","last_seen":"2025-12-21T22:54:50.767159Z","alert_count":0,"request_count":3,"received_data":289924,"sent_data":1323,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/vuible.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"db6bb4f5e4fadd6bb006b54a5e18d76e","sha1":"7e173542a5893a4c3415953338f9134662bd8821","sha256":"ca270209378b6d58aea93564085a89234f062eba1a479eb4bbb038d65d48ce89","sha512":"a414643c322c56abfe19de27e95b1f0b1895a9bbf60658d64bec52f76952a22c7865e30a349ac96fdf925d3df7c97c0634ebda05e80830bf1e4bd2572237d940","ssdeep":"","tlshash":"7fe092e85cb7f41d801469446a7b940beda422a1f641e05c849c8c9a7590c426b73eb9","size":370,"data":"","first_seen":"2023-03-07T21:40:09Z","last_seen":"2026-02-22T08:26:18.867064Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20150315","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"efecceba5097cb8bdfa5e2f119b8fd90","sha1":"f9b083a8344a31d30848c0e46b6d13fcdd08aedd","sha256":"8fb65adc0a35b1683f0923e6ba15432924cfb6a530b9286228990432d6bcbde0","sha512":"78ba18323fbee67d0779d43a82a9857029ddef0dfac9ac4920daec7a68fa3cf9567612a5d55ccc75a39ab5d9ded4e1c5a638c2e83ab227eb91a6597c759574c0","ssdeep":"96:vL+HhPapwKVZPGV03m/kU0MOt3wqh8tQk5LhQ7abAO8IgXvcB4z+q2vVdf+G:vCEFVZ0DdA3VxYdQ7agEBY8","tlshash":"9a917688ff8e323341b630995a0f92dc727dc513f90029afbc85926825d496911bafad","size":4529,"data":"","first_seen":"2023-03-08T08:10:09Z","last_seen":"2026-04-04T14:03:40.647112Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-includes/js/jquery/jquery.js?ver=1.11.3","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"207abeb83412721d556faeba36e00822","sha1":"c06b7f0b1526037bcdc6639244c9692e2ef3ebdd","sha256":"ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20","sha512":"e7778309428f8adf7e6d5a6c8deb907b457052d0d2d653bf31595a61ec57bc92cfa1c0eab6170d32fa65859ca851171aaf3490431b3ffdcd0cae50ee18a36522","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmx:R+41ZqLTW8xRrqSb8qGH77da98Hri","tlshash":"5793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95977,"data":"","first_seen":"2023-03-07T01:16:41Z","last_seen":"2026-04-06T01:56:57.2902Z","times_seen":1228,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2107101573bdeceab7bc37258e605c11","sha1":"971ce7d9081ece672ac3ec486b6ab176566338e8","sha256":"7dc97ed0db692979204ed8ee2da9e744aa434525e6281786a68d65c5116ed488","sha512":"92f81679695ad3f79c320f0ff335117e51a1a11fa4680a5bb425bbc795599f963b58943ee00bb82e67acaafcfec16eff14dfc5dd80bbe262d2d4929451ab7b4e","ssdeep":"","tlshash":"c221216e3f4e24611b7649926eef5f12776aa00310888d76c941f8c018f9dd680ffa4e","size":1248,"data":"","first_seen":"2025-02-11T05:29:13.547993Z","last_seen":"2026-01-14T17:22:38.13127Z","times_seen":11,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.OE6tiwO4KJo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_Itz6IAL6GO-n8kgAepm47TBsg1Q/cb=gapi.loaded_0?le=scs","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6fe3c7a640810acc4d97b517db5b9d6c","sha1":"560eee2bc79d110765abaf0f669222a8f9f05a4c","sha256":"8a3e123cd1f1f1044f6d024e09f7226426b305dd73c47a195864cae6cd9c72f2","sha512":"0c6399c6a47e31119257a94d7303db67d93d18a8a62e18b0e5fef14cb653f102cd042b23e457aa401e5b05f323c31c894118319356a201f6249b564a19ab69d3","ssdeep":"3072:Dbyv1krVYg2CVKCIx0arm3aDEsnKTy37ONQgfwCVyrHSA:DbyuYg2CRKFxO3oEyb","tlshash":"d0f3d5ddb2a2b0669373b0a4503f010ab2bf58a9f4484d98f298c4e17ef954a4177f7d","size":159127,"data":"","first_seen":"2025-12-16T02:11:45.823405Z","last_seen":"2026-01-20T20:37:32.539459Z","times_seen":527,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0fcf513647296fc595021e4c653b7e0","sha1":"6603cf44b57cfe5ec51f598d1e4550aee6baa2d3","sha256":"f8126712efe9074d7e491b958956ebcb895349fc06a0812e9d77b5175088fd1d","sha512":"cd8679ca60d61a0e9f2b5e7d21a16bb183fd0fa564fb00619e6db3360cdc544b625af7ca2f0720d5acceabee52ad929f61b68f166e706ac12b981c0264f5dc55","ssdeep":"","tlshash":"dcf024353826737c7ff09407ef122ff72f418365e2116d26c6a1288c328a147e4441aa","size":519,"data":"","first_seen":"2025-12-24T15:48:47.033883Z","last_seen":"2025-12-24T15:48:47.033883Z","times_seen":1,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"512b871a2830e44259bc3ce3343afcd0","sha1":"875bce76a77590c3c438bbc6e014b39c23c8c88d","sha256":"c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c","sha512":"7c31817254b71d4cac10120aa2829614311658e468036d27eb43b063b392620c4611ec3db3b3600da3e48fb82a41c5579c048fbd9022156f038b2b6cb5d946b5","ssdeep":"96:tBnSz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:znSzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"27e186dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","size":7200,"data":"","first_seen":"2023-03-07T01:10:34Z","last_seen":"2026-04-06T08:11:35.068104Z","times_seen":5412,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/addtofavorites.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f74ee2f61bb32127302f6dace3c64ff8","sha1":"b562c8fa1a784bfa2f0243ad62cfea64a9cadf0b","sha256":"6ac5a5b932cc033b45802fad39421c2e74a97aa74f1397c517495b0c546a6a51","sha512":"666e21cbdd681fbdd9cfe6fca274b0400943b498d8d2eb6d3cc8364f96b96842adbfeb1bd41d3d918759ab68dce826074f55e00199b6a61f872095cc546d8ecb","ssdeep":"","tlshash":"4df0243900482236cd72e7fa5a93a250f696202b04c3a425364cc541bf75b03daee7d8","size":602,"data":"","first_seen":"2023-03-07T01:41:35Z","last_seen":"2026-03-01T15:08:26.707443Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e3ed4e22587d3dadc359b3db8fe23fda","sha1":"7e4845f8d4fd6b4359d0a4d2e8a27ba44533c0bd","sha256":"6855ccf9f0bf8666fa26f384ab9cb51e2b7e05561a3e1fcb5aba8a6d5a23fa12","sha512":"c02beb38f76d3134f89f8ed09df61de12c37c6d22e1f546d028bfda5ad1c8ec32456b60699655c60b2aa414046fb722dbacdc8e790ed5a3fbeb4e718ad1ae8c3","ssdeep":"","tlshash":"ddb01228470c20424811c34964d40bd0444d007a580dc57ca515088e18c0253a111501","size":87,"data":"","first_seen":"2023-03-12T22:32:09Z","last_seen":"2026-01-14T17:22:38.134161Z","times_seen":18,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"apis.google.com/js/plusone.js","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"103a6dd1daaa0e9934111f00eb2b5ef9","sha1":"c79091963eb5a9c729133a438b27936033e8366f","sha256":"868428d047eae81852b278b6c04f4f66ed3a0fa69413189340d4561826e1a3a2","sha512":"505aabfa17e48e1323341b31b8ab3b92dd268e03fb4524bda989eb5499b384ec76036e6e1bffac8972a12341bd1767df17fef88a43c7b208e252c59413d4c178","ssdeep":"1536:wDGLvrNc+qGjGRadpYqelGVl6r82GeflL:rNc4nYqgr7GG","tlshash":"db53ead976a6703283a3b1a5103f010ef17b6da9fc4c98a8b199d4e42d74e89017bf7d","size":64107,"data":"","first_seen":"2025-12-15T23:07:22.188484Z","last_seen":"2026-01-20T20:37:32.542972Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.google.com/js/plusone.js","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"103a6dd1daaa0e9934111f00eb2b5ef9","sha1":"c79091963eb5a9c729133a438b27936033e8366f","sha256":"868428d047eae81852b278b6c04f4f66ed3a0fa69413189340d4561826e1a3a2","sha512":"505aabfa17e48e1323341b31b8ab3b92dd268e03fb4524bda989eb5499b384ec76036e6e1bffac8972a12341bd1767df17fef88a43c7b208e252c59413d4c178","ssdeep":"1536:wDGLvrNc+qGjGRadpYqelGVl6r82GeflL:rNc4nYqgr7GG","tlshash":"db53ead976a6703283a3b1a5103f010ef17b6da9fc4c98a8b199d4e42d74e89017bf7d","size":64107,"data":"","first_seen":"2025-12-15T23:07:22.188484Z","last_seen":"2026-01-20T20:37:32.542972Z","times_seen":583,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/sociable.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dcebfab6d25b5215a468d3434ed490b2","sha1":"3223ae7e0e4e79004c5f993131ccd38dd482525e","sha256":"06c8aab79dadc61c551b03c53b88170c2b3ad9aec51a4beae86991557b100069","sha512":"9d347a72448fb5409ad72f9438bd274056bbaf63082b0aeada56e4029f5b3aee3c06de9c2a1ab4e9ccd29b17a883fa4b21caf619d8066159d82d4c4b14c1651b","ssdeep":"","tlshash":"3641f45a31115176979ba72d1035838cbc3900592809e1b9bc9d8c9e7f38e9674cbee9","size":1959,"data":"","first_seen":"2023-03-07T01:41:35Z","last_seen":"2026-03-01T15:08:26.638807Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"404465b8e8b597f31e1af474c4abe1d0","sha1":"e7f395a5b15e53ac973e372a885c04f98854f90f","sha256":"b3141fd18d054204b723a6481c2cd3bcd502ec4b76e5245f3322ff66dcd9fe77","sha512":"be8df7c193a99187300cde60c16bc8183eeb1475ea4e9e2f71fe7078e78f29678e8533dcb08a4a3899380785409d5fdd51be3e11284f32aa73c4dd53f6c03d23","ssdeep":"","tlshash":"205161ec23d5c98b27de6c87ce5ab89a65f20134abc1b1c3834d358d0bee853d2154a6","size":3018,"data":"","first_seen":"2023-03-07T12:27:32Z","last_seen":"2026-02-02T18:35:18.046674Z","times_seen":30,"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T15:48:21.946Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.php/category/finances/page/2 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nkeep-alive: timeout=5, max=100\r\nx-powered-by: PHP/7.4.33\r\nx-pingback: http://journal.cyberpartygal.com/xmlrpc.php\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nx-litespeed-cache: hit\r\ncontent-length: 0\r\ndate: Wed, 24 Dec 2025 15:48:22 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":472,"timings":{"blocked":155,"dns":1,"connect":157,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/themes/twentyfourteen/style.css?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.916Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/twentyfourteen/style.css?ver=4.3.34 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 31 Dec 2025 15:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 25 Aug 2015 13:33:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 17746\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":77408,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (417)","md5":"04e60c12a98210d9b6a8dc0726f70ede","sha1":"f77732b00a56192c78b7018ab05ff9fb572352a5","sha256":"89d5421464321e9a79fde0fda4ca654bfcd6ad1661e8f44c7c7e28c88eda838f","sha512":"18125988b749b000857b98c494635ce0375f41c98295ac4db4b5cc591843464bf9a11030575ba684446ecd92329c25c140aa5589e43d9251fcfa06a117431a0a","ssdeep":"1536:d6ALTisG8iDTvmu1G62jmN/thHejeSHD2Jn5cbOh75fgHa/wS/dil4r:rTniDbGm9thH","tlshash":"517374b1ae502d01633ec259ab84fa61d71d8296dd0e4feee899a51d83c47d001fff4a","first_seen":"2023-04-07T00:31:53Z","last_seen":"2026-01-14T17:22:38.113095Z","times_seen":20,"resource_available":false,"data":null}},"time_used":614,"timings":{"blocked":142,"dns":1,"connect":156,"send":0,"wait":157,"receive":157,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/sociable.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.920Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/plugins/sociable/js/sociable.js?ver=4.3.34 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 17 Jun 2014 09:15:17 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 796\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1959,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"dcebfab6d25b5215a468d3434ed490b2","sha1":"3223ae7e0e4e79004c5f993131ccd38dd482525e","sha256":"06c8aab79dadc61c551b03c53b88170c2b3ad9aec51a4beae86991557b100069","sha512":"9d347a72448fb5409ad72f9438bd274056bbaf63082b0aeada56e4029f5b3aee3c06de9c2a1ab4e9ccd29b17a883fa4b21caf619d8066159d82d4c4b14c1651b","ssdeep":"","tlshash":"3641f45a31115176979ba72d1035838cbc3900592809e1b9bc9d8c9e7f38e9674cbee9","first_seen":"2023-03-07T01:41:35Z","last_seen":"2026-03-01T15:08:26.638807Z","times_seen":32,"resource_available":true,"data":null}},"time_used":512,"timings":{"blocked":156,"dns":1,"connect":177,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/addtofavorites.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.922Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/plugins/sociable/js/addtofavorites.js?ver=4.3.34 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 17 Jun 2014 09:15:17 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 307\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":602,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF, CR line terminators","md5":"f74ee2f61bb32127302f6dace3c64ff8","sha1":"b562c8fa1a784bfa2f0243ad62cfea64a9cadf0b","sha256":"6ac5a5b932cc033b45802fad39421c2e74a97aa74f1397c517495b0c546a6a51","sha512":"666e21cbdd681fbdd9cfe6fca274b0400943b498d8d2eb6d3cc8364f96b96842adbfeb1bd41d3d918759ab68dce826074f55e00199b6a61f872095cc546d8ecb","ssdeep":"","tlshash":"4df0243900482236cd72e7fa5a93a250f696202b04c3a425364cc541bf75b03daee7d8","first_seen":"2023-03-07T01:41:35Z","last_seen":"2026-03-01T15:08:26.707443Z","times_seen":32,"resource_available":true,"data":null}},"time_used":485,"timings":{"blocked":317,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"apis.google.com/js/plusone.js","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":80,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.923Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /js/plusone.js HTTP/1.1\r\nHost: apis.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\nContent-Type: text/javascript\r\nAccess-Control-Allow-Origin: *\r\nContent-Security-Policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team\r\nCross-Origin-Resource-Policy: cross-origin\r\nCross-Origin-Opener-Policy: same-origin; report-to=\"gapi-team\"\r\nReport-To: {\"group\":\"gapi-team\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gapi-team\"}]}\r\nTiming-Allow-Origin: *\r\nContent-Length: 24135\r\nDate: Wed, 24 Dec 2025 15:48:22 GMT\r\nExpires: Wed, 24 Dec 2025 15:48:22 GMT\r\nCache-Control: private, max-age=1800, stale-while-revalidate=1800\r\nETag: \"e26bacc2f86f9868\"\r\nX-Content-Type-Options: nosniff\r\nServer: sffe\r\nX-XSS-Protection: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64107,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1863)","md5":"103a6dd1daaa0e9934111f00eb2b5ef9","sha1":"c79091963eb5a9c729133a438b27936033e8366f","sha256":"868428d047eae81852b278b6c04f4f66ed3a0fa69413189340d4561826e1a3a2","sha512":"505aabfa17e48e1323341b31b8ab3b92dd268e03fb4524bda989eb5499b384ec76036e6e1bffac8972a12341bd1767df17fef88a43c7b208e252c59413d4c178","ssdeep":"1536:wDGLvrNc+qGjGRadpYqelGVl6r82GeflL:rNc4nYqgr7GG","tlshash":"db53ead976a6703283a3b1a5103f010ef17b6da9fc4c98a8b199d4e42d74e89017bf7d","first_seen":"2025-12-15T23:07:22.188484Z","last_seen":"2026-01-20T20:37:32.542972Z","times_seen":583,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":12,"dns":0,"connect":21,"send":0,"wait":31,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.google.com/js/plusone.js","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apis.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:27 GMT","end":"Wed, 25 Feb 2026 15:57:26 GMT"},"fingerprint":{"sha1":"9D:87:A6:34:80:A6:6D:D2:FD:7F:96:8E:A7:75:88:C7:2E:76:91:00","sha256":"0C:7D:32:2B:56:B7:17:3C:20:8C:C2:19:8C:8F:EE:E6:10:1A:78:96:9D:30:69:1F:AD:89:F4:53:3D:12:55:68"}}},"request":{"raw":"GET /js/plusone.js HTTP/1.1\r\nHost: apis.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\ncontent-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"gapi-team\"\r\nreport-to: {\"group\":\"gapi-team\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gapi-team\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24135\r\ndate: Wed, 24 Dec 2025 15:48:24 GMT\r\nexpires: Wed, 24 Dec 2025 15:48:24 GMT\r\ncache-control: private, max-age=1800, stale-while-revalidate=1800\r\netag: \"e26bacc2f86f9868\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64107,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1863)","md5":"103a6dd1daaa0e9934111f00eb2b5ef9","sha1":"c79091963eb5a9c729133a438b27936033e8366f","sha256":"868428d047eae81852b278b6c04f4f66ed3a0fa69413189340d4561826e1a3a2","sha512":"505aabfa17e48e1323341b31b8ab3b92dd268e03fb4524bda989eb5499b384ec76036e6e1bffac8972a12341bd1767df17fef88a43c7b208e252c59413d4c178","ssdeep":"1536:wDGLvrNc+qGjGRadpYqelGVl6r82GeflL:rNc4nYqgr7GG","tlshash":"db53ead976a6703283a3b1a5103f010ef17b6da9fc4c98a8b199d4e42d74e89017bf7d","first_seen":"2025-12-15T23:07:22.188484Z","last_seen":"2026-01-20T20:37:32.542972Z","times_seen":583,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":68,"dns":1,"connect":8,"send":0,"wait":18,"receive":8,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.OE6tiwO4KJo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_Itz6IAL6GO-n8kgAepm47TBsg1Q/cb=gapi.loaded_0?le=scs","fqdn":"apis.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.142","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.apis.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:27 GMT","end":"Wed, 25 Feb 2026 15:57:26 GMT"},"fingerprint":{"sha1":"9D:87:A6:34:80:A6:6D:D2:FD:7F:96:8E:A7:75:88:C7:2E:76:91:00","sha256":"0C:7D:32:2B:56:B7:17:3C:20:8C:C2:19:8C:8F:EE:E6:10:1A:78:96:9D:30:69:1F:AD:89:F4:53:3D:12:55:68"}}},"request":{"raw":"GET /_/scs/abc-static/_/js/k=gapi.lb.en.OE6tiwO4KJo.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_Itz6IAL6GO-n8kgAepm47TBsg1Q/cb=gapi.loaded_0?le=scs HTTP/1.1\r\nHost: apis.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"social-frontend-mpm-access\"\r\nreport-to: {\"group\":\"social-frontend-mpm-access\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access\"}]}\r\ncontent-length: 54575\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 22 Dec 2025 21:46:27 GMT\r\nexpires: Tue, 22 Dec 2026 21:46:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 151317\r\nlast-modified: Sat, 06 Dec 2025 15:19:45 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":159127,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (1574)","md5":"6fe3c7a640810acc4d97b517db5b9d6c","sha1":"560eee2bc79d110765abaf0f669222a8f9f05a4c","sha256":"8a3e123cd1f1f1044f6d024e09f7226426b305dd73c47a195864cae6cd9c72f2","sha512":"0c6399c6a47e31119257a94d7303db67d93d18a8a62e18b0e5fef14cb653f102cd042b23e457aa401e5b05f323c31c894118319356a201f6249b564a19ab69d3","ssdeep":"3072:Dbyv1krVYg2CVKCIx0arm3aDEsnKTy37ONQgfwCVyrHSA:DbyuYg2CRKFxO3oEyb","tlshash":"d0f3d5ddb2a2b0669373b0a4503f010ab2bf58a9f4484d98f298c4e17ef954a4177f7d","first_seen":"2025-12-16T02:11:45.823405Z","last_seen":"2026-01-20T20:37:32.539459Z","times_seen":527,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":86,"dns":1,"connect":21,"send":0,"wait":9,"receive":9,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T15:48:22.608Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.php/category/finances/page/2/ HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\nx-powered-by: PHP/7.4.33\r\nx-pingback: http://journal.cyberpartygal.com/xmlrpc.php\r\ncontent-type: text/html; charset=UTF-8\r\netag: \"34039-1766428504;gz\"\r\nx-litespeed-cache: hit\r\ntransfer-encoding: chunked\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Wed, 24 Dec 2025 15:48:22 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"All in One SEO:2.2.7.1","description":"All in One SEO optimizes a WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"All in One SEO Pack:2.2.7.1","description":"All in One SEO plugin optimizes WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"WordPress:4.3.34","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Twenty Fourteen","description":"Twenty Fourteen is the default WordPress theme for 2014.","website":"https://wordpress.org/themes/twentyfourteen","common_platform_enumeration":"","icon":"WordPress.svg","categories":["WordPress themes"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":134075,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3525)","md5":"7fc046920ba336d7e11decbf90f76e07","sha1":"dbed6ba63f32925979afd1fa730085c338669a0e","sha256":"fe555983c93a1ebf67d32e718ac71519eeebb9a14f6760d7fab9b4c58f6f1d62","sha512":"dc3b68da0f7320d7379db2edc5c99733c554bd16bbcdbb32637aeb52eb1c438806e8205d6481561f957d2cf440df6d0b219e9daf830e039424301e52ba2e4715","ssdeep":"1536:Ad43CZBRqmLs6FQmyGL2UFQmW4L2+MFQm2vLjpFQmC7LBaFQmuCLxgFQmmVL1HFk:k43C3K3yYfWmF7CRtmAtTQcA02","tlshash":"72d3523c064c529e1546a9c17ed86bf85ca2818fc949ee8fd3856cd956c2acad33c3cd","first_seen":"2025-12-24T15:48:47.022907Z","last_seen":"2025-12-24T15:48:47.022907Z","times_seen":1,"resource_available":false,"data":null}},"time_used":317,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":159,"receive":158,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic\u0026subset=latin%2Clatin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic\u0026subset=latin%2Clatin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 24 Dec 2025 15:48:22 GMT\r\ndate: Wed, 24 Dec 2025 15:48:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5473,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e66768eda810920697a1a019093a55e5","sha1":"001c5b34d05bf9f6d6cd44380c447299752a566e","sha256":"d2fbbb3b75e99d3934df22a8171aefab4059651105bfa8df0bd89e7594da8fef","sha512":"8cf16f4aefd56c6a3fb83a4c537be43e7769509c6d1a97ff5174efe1c8006d80676275de5aa4af9c2a57b0103e6a7aff23d316c45a4acbbce351ee5cfaf6f50c","ssdeep":"96:HYgW/pJc+u7YgW/jNKYgLUJc+u7YgLeNKYgC/KJc+u7YgC/gNKOWhJc+u7OWSNKi:4l/J3l/lkw3kip/i3p/jR6E7nx5u77QD","tlshash":"feb1c092096fb508db930dc212da7d32ef0fa25064459835eeff14d8bc93d6a9362b0d","first_seen":"2025-09-19T03:03:16.886645Z","last_seen":"2026-04-05T11:00:42.984741Z","times_seen":769,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":73,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-includes/js/jquery/jquery.js?ver=1.11.3","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.917Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/jquery/jquery.js?ver=1.11.3 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 25 Aug 2015 13:32:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 37631\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":95977,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32038)","md5":"207abeb83412721d556faeba36e00822","sha1":"c06b7f0b1526037bcdc6639244c9692e2ef3ebdd","sha256":"ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20","sha512":"e7778309428f8adf7e6d5a6c8deb907b457052d0d2d653bf31595a61ec57bc92cfa1c0eab6170d32fa65859ca851171aaf3490431b3ffdcd0cae50ee18a36522","ssdeep":"1536:OP10iSi65U/dXXeyhzeBuG+HYE0WEeLDFoNqLTW8+S5VRZIVI6xSb8xh2ZbQnRmx:R+41ZqLTW8xRrqSb8qGH77da98Hri","tlshash":"5793d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T01:16:41Z","last_seen":"2026-04-06T01:56:57.2902Z","times_seen":1228,"resource_available":true,"data":null}},"time_used":659,"timings":{"blocked":153,"dns":1,"connect":168,"send":0,"wait":168,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/themes/twentyfourteen/js/functions.js?ver=20150315","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.934Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/twentyfourteen/js/functions.js?ver=20150315 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 25 Aug 2015 13:33:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 1848\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4529,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text","md5":"efecceba5097cb8bdfa5e2f119b8fd90","sha1":"f9b083a8344a31d30848c0e46b6d13fcdd08aedd","sha256":"8fb65adc0a35b1683f0923e6ba15432924cfb6a530b9286228990432d6bcbde0","sha512":"78ba18323fbee67d0779d43a82a9857029ddef0dfac9ac4920daec7a68fa3cf9567612a5d55ccc75a39ab5d9ded4e1c5a638c2e83ab227eb91a6597c759574c0","ssdeep":"96:vL+HhPapwKVZPGV03m/kU0MOt3wqh8tQk5LhQ7abAO8IgXvcB4z+q2vVdf+G:vCEFVZ0DdA3VxYdQ7agEBY8","tlshash":"9a917688ff8e323341b630995a0f92dc727dc513f90029afbc85926825d496911bafad","first_seen":"2023-03-08T08:10:09Z","last_seen":"2026-04-04T14:03:40.647112Z","times_seen":50,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://journal.cyberpartygal.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 22504\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Dec 2025 12:10:27 GMT\r\nexpires: Thu, 24 Dec 2026 12:10:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 13076\r\nlast-modified: Mon, 15 Sep 2025 17:09:19 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":22504,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22504, version 1.0","md5":"1c6c65523675abc6fcd78e804325bd77","sha1":"898d9808304dc157f5dcb18ca169ec6e2b96b3d7","sha256":"08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92","sha512":"1505e8496c9bee214c5f8815f8d88a31ffe2baeb6fba81a8228bd52220b9b2bb10464c1e1dba11d6881583dfa478cdfb30a79cfa6f069c362fb65443feb06918","ssdeep":"384:ZbL6k1TUlBxUp5VLlLJGv2VulERzgWuXlY9zehEsapJznPEUAAnUgf0n6iXatBbF:pLfTuYfVVJGv2VuIzgWAlYteh6nPEzAF","tlshash":"8aa2f18a13d7a414878983f12c5ed63d7fac7cc7994282d2a606bc494e3dcb6b430bc4","first_seen":"2023-04-17T13:30:58Z","last_seen":"2026-04-06T10:22:33.629433Z","times_seen":28571,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":144,"dns":0,"connect":0,"send":0,"wait":13,"receive":4,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh7USSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://journal.cyberpartygal.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23236\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 20 Dec 2025 10:38:34 GMT\r\nexpires: Sun, 20 Dec 2026 10:38:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 364189\r\nlast-modified: Mon, 15 Sep 2025 17:09:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23236,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23236, version 1.0","md5":"716309aab2bca045f9627f63ad79d0bf","sha1":"38804233a29aaf975d557fe14e762c627bef76e0","sha256":"115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429","sha512":"adb0bc6cb9b230eda5dac7396a94a9a4dba9c8ba0b2eb73f5f21a20c3ca3d14651420bc6a17e67a71b5bba624f5a4e92d55cbbb898985dcca838184f6dfb2b15","ssdeep":"384:AHLaTYDpoR9l+9cJHxkGk3kbFpW88POLvFd9EDtwntxiFyLs86d975a2sfbAh:AHLKSSD49c0SFQ1wFnCajiws86dJ59WK","tlshash":"8aa2e10a0b99e00ff53655ba7504daa0b1c554b9c3ed69a2a12115c7b4eeecbf83138e","first_seen":"2023-04-05T15:38:53Z","last_seen":"2026-04-06T10:22:33.651179Z","times_seen":37461,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":140,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/css/sociable.css?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.910Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/plugins/sociable/css/sociable.css?ver=4.3.34 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 31 Dec 2025 15:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 17 Jun 2014 09:15:17 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 1285\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5949,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"70911bee61f47e712d56a0ec39bc54c5","sha1":"a9b2dbd0171e7ea7c0097020b9ffa7c21cf7cca0","sha256":"e1f099ccb057f5be534eed6f132d6bc4a0784a6ad598c948bd017b3e8ed947f0","sha512":"792d53ad747b49fed04cf6a2edb5ddfcc46ec1d45e3c2c3484343571b304703ddc4776ed906d4aa75ca56135fafaadb14ec7c8bb64a84cb954639354db5e159a","ssdeep":"48:NwVZqZJMZFZyZfZUZJZmZwnXR61Hrx08XfHNHIJyHK5vH7HK4FH1HOClLBNCrVtz:2jOSTWxsX6w6V6F6CX7qbdyvC","tlshash":"49c1ec6c86a5598fe67f80d5eb23638d4e6c8143af051a78f0ecb2b9772d72808725d1","first_seen":"2023-04-07T00:31:53Z","last_seen":"2026-03-22T13:08:11.636991Z","times_seen":29,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":344,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.918Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 17 Jun 2014 09:13:09 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 3201\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":7200,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (7085), with CRLF line terminators","md5":"512b871a2830e44259bc3ce3343afcd0","sha1":"875bce76a77590c3c438bbc6e014b39c23c8c88d","sha256":"c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c","sha512":"7c31817254b71d4cac10120aa2829614311658e468036d27eb43b063b392620c4611ec3db3b3600da3e48fb82a41c5579c048fbd9022156f038b2b6cb5d946b5","ssdeep":"96:tBnSz91Gwyk35YrfBewIt9jKLKDs2SFNK7wIDBRANyCfVJ45NI:znSzvGw/35YbMx9jKLKD3UIDBR8VVUq","tlshash":"27e186dc72aab5611ffa30a8503bd21b72b25aec140d95a4f08ccde5392cc5d413ab7e","first_seen":"2023-03-07T01:10:34Z","last_seen":"2026-04-06T08:11:35.068104Z","times_seen":5412,"resource_available":true,"data":null}},"time_used":488,"timings":{"blocked":152,"dns":1,"connect":167,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://journal.cyberpartygal.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 18 Dec 2025 09:54:26 GMT\r\nexpires: Fri, 18 Dec 2026 09:54:26 GMT\r\ncache-control: public, max-age=31536000\r\nage: 539637\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-06T10:04:21.701042Z","times_seen":135932,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":103,"dns":2,"connect":7,"send":0,"wait":8,"receive":3,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://journal.cyberpartygal.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Dec 2025 12:31:08 GMT\r\nexpires: Thu, 24 Dec 2026 12:31:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 11835\r\nlast-modified: Mon, 15 Sep 2025 17:09:41 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23580, version 1.0","md5":"e1b3b5908c9cf23dfb2b9c52b9a023ab","sha1":"fcd4136085f2a03481d9958cc6793a5ed98e714c","sha256":"918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537","sha512":"b2da7ef768385707afed62ca1f178efc6aa14519762e3f270129b3afee4d3782cb991e6fa66b3b08a2f81ff7caba0b4c34c726d952198b2ac4a784b36eb2a828","ssdeep":"384:dRkIAJ8pVwWTW5VVjdVn8+2yvAMdriCEOY0kfW9GkAPqpPHi2vUuUSzB8:dKIAJ8pVHTZ+riY9oCpPHiodUeK","tlshash":"91b2e1ce5d546e3a8028213785c17b488273572e9edf42c6dd83a6263a7092cfd3d96e","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-06T10:04:21.525548Z","times_seen":185157,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":146,"dns":1,"connect":20,"send":0,"wait":11,"receive":2,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/index.php/category/finances/page/3/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"other","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:24.188Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /index.php/category/finances/page/3/ HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\nx-powered-by: PHP/7.4.33\r\nx-pingback: http://journal.cyberpartygal.com/xmlrpc.php\r\ncontent-type: text/html; charset=UTF-8\r\netag: \"27515-1766095950;gz\"\r\nx-litespeed-cache: hit\r\ntransfer-encoding: chunked\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Wed, 24 Dec 2025 15:48:24 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:1.2.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.4.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"All in One SEO Pack:2.2.7.1","description":"All in One SEO plugin optimizes WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:4.3.34","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"All in One SEO:2.2.7.1","description":"All in One SEO optimizes a WordPress website and its content for search engines.","website":"https://aioseo.com","common_platform_enumeration":"cpe:2.3:a:aioseo:all_in_one_seo:*:*:*:*:*:wordpress:*:*","icon":"AIOSEO.svg","categories":["SEO","WordPress plugins"]},{"name":"Twenty Fourteen","description":"Twenty Fourteen is the default WordPress theme for 2014.","website":"https://wordpress.org/themes/twentyfourteen","common_platform_enumeration":"","icon":"WordPress.svg","categories":["WordPress themes"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":133061,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3417)","md5":"d1198a2ecf165b3b4f56784dfb91b2c1","sha1":"045cca1f0e00dc7dc932457dcd5aa57bb6bb6a55","sha256":"cc203e615f4671155de4f2e22f42c06e66ef806ca080771fa6b4f4a8eae3391d","sha512":"b8d5eb7380d21fcf416ad609b0b94a7aa1928c0d4f6881c4b43a1c708648b9bdc55078b5db14f9e5ca873178714179083271c6fb8d73217fe14f5d0c1755a709","ssdeep":"1536:Ed43CZWpDaxLwlFQm+OLOrFQmG0LRDFQme2LVlFQmCmLe0FQm2rLGtFQmiZLd9Fb:o43CUp6cDVzbgP7CRtmAtTQcA09","tlshash":"9cd3433c068c529e1545a9c17ed86bf81da6818fc949ee8fd3856cd856c2acad33c3cd","first_seen":"2025-12-24T15:48:47.029035Z","last_seen":"2025-12-24T15:48:47.029035Z","times_seen":1,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:24Z","timestamp":1766591304,"ip_dst":{"addr":"172.18.0.9","port":55596,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:24.358072+0000\",\"flow_id\":498708169278154,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55596,\"proto\":\"TCP\",\"tx_id\":2,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/3/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_refer\":\"http://journal.cyberpartygal.com/index.php/category/finances/page/2/\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":11195},\"files\":[{\"filename\":\"/index.php/category/finances/page/3/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":49152,\"tx_id\":2}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":35,\"pkts_toclient\":39,\"bytes_toserver\":3576,\"bytes_toclient\":55085,\"start\":\"2025-12-24T15:48:22.901834+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T15:48:21.142Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /index.php/category/finances/page/2 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":414,"timings":{"blocked":414,"dns":0,"connect":169,"send":0,"wait":0,"receive":0,"ssl":179},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"journal.cyberpartygal.com/index.php/category/finances/page/2/","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-24T15:48:22.279Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /index.php/category/finances/page/2/ HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-06T10:11:42.852405Z","times_seen":13418069,"resource_available":true,"data":null}},"time_used":322,"timings":{"blocked":0,"dns":1,"connect":156,"send":0,"wait":0,"receive":0,"ssl":161},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-24T15:48:22Z","timestamp":1766591302,"ip_dst":{"addr":"172.18.0.9","port":55562,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1","source":"{\"timestamp\":\"2025-12-24T15:48:22.924492+0000\",\"flow_id\":470990597743753,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"198.187.31.93\",\"src_port\":80,\"dest_ip\":\"172.18.0.9\",\"dest_port\":55562,\"proto\":\"TCP\",\"tx_id\":1,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2036300,\"rev\":3,\"signature\":\"ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2022_04_21\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Significant\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_04_27\"]}},\"http\":{\"hostname\":\"journal.cyberpartygal.com\",\"url\":\"/index.php/category/finances/page/2/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":200,\"length\":14091},\"files\":[{\"filename\":\"/index.php/category/finances/page/2/\",\"sid\":[],\"gaps\":false,\"state\":\"TRUNCATED\",\"stored\":false,\"size\":65536,\"tx_id\":1}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":15,\"pkts_toclient\":13,\"bytes_toserver\":1887,\"bytes_toclient\":17193,\"start\":\"2025-12-24T15:48:21.943241+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/themes/twentyfourteen/style.css","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.905Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/twentyfourteen/style.css HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 31 Dec 2025 15:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 25 Aug 2015 13:33:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 17746\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":77408,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (417)","md5":"04e60c12a98210d9b6a8dc0726f70ede","sha1":"f77732b00a56192c78b7018ab05ff9fb572352a5","sha256":"89d5421464321e9a79fde0fda4ca654bfcd6ad1661e8f44c7c7e28c88eda838f","sha512":"18125988b749b000857b98c494635ce0375f41c98295ac4db4b5cc591843464bf9a11030575ba684446ecd92329c25c140aa5589e43d9251fcfa06a117431a0a","ssdeep":"1536:d6ALTisG8iDTvmu1G62jmN/thHejeSHD2Jn5cbOh75fgHa/wS/dil4r:rTniDbGm9thH","tlshash":"517374b1ae502d01633ec259ab84fa61d71d8296dd0e4feee899a51d83c47d001fff4a","first_seen":"2023-04-07T00:31:53Z","last_seen":"2026-01-14T17:22:38.113095Z","times_seen":20,"resource_available":false,"data":null}},"time_used":508,"timings":{"blocked":346,"dns":0,"connect":0,"send":0,"wait":161,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.914Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/themes/twentyfourteen/genericons/genericons.css?ver=3.0.3 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 31 Dec 2025 15:48:23 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 25 Aug 2015 13:33:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 19365\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31045,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23046)","md5":"8604c201ca1b346289d82daf2b6c91f6","sha1":"a2f313157b00dc601ce25da4fe43f14b9e7e5974","sha256":"4d5679eb4ffe764c49e2fb1386bf3ef04139e7a5a9e867da46aa1045374d6925","sha512":"2daade885f5476394269b3e411cbc461d4beea498e5e6b40cb9d1663fb88af85d29febd2a3d6248f565cfe20ea543e83194a0bd02e222eb96fa60cc189c64993","ssdeep":"384:p40WSp7xjYEzpIB/VOIp1d2a7147STWoDh4DUI7qZJ1c0ZdW0k9r5HKkhqwse3yk:qgjYASN1dZVu7Q1c0vW0kPhj1yD9EihY","tlshash":"d7d2fcf145a82090130ada543307f1746f84713998a4aea9f18eee8dc7e9f39d6d63dc","first_seen":"2023-04-05T07:30:22Z","last_seen":"2026-04-06T00:07:01.337479Z","times_seen":1103,"resource_available":false,"data":null}},"time_used":618,"timings":{"blocked":141,"dns":1,"connect":158,"send":0,"wait":160,"receive":158,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/wp-content/plugins/sociable/js/vuible.js?ver=4.3.34","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:22.921Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /wp-content/plugins/sociable/js/vuible.js?ver=4.3.34 HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Tue, 17 Jun 2014 09:15:17 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ncontent-length: 214\r\ndate: Wed, 24 Dec 2025 15:48:23 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":370,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"db6bb4f5e4fadd6bb006b54a5e18d76e","sha1":"7e173542a5893a4c3415953338f9134662bd8821","sha256":"ca270209378b6d58aea93564085a89234f062eba1a479eb4bbb038d65d48ce89","sha512":"a414643c322c56abfe19de27e95b1f0b1895a9bbf60658d64bec52f76952a22c7865e30a349ac96fdf925d3df7c97c0634ebda05e80830bf1e4bd2572237d940","ssdeep":"","tlshash":"7fe092e85cb7f41d801469446a7b940beda422a1f641e05c849c8c9a7590c426b73eb9","first_seen":"2023-03-07T21:40:09Z","last_seen":"2026-02-22T08:26:18.867064Z","times_seen":34,"resource_available":true,"data":null}},"time_used":330,"timings":{"blocked":172,"dns":0,"connect":0,"send":0,"wait":158,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6uyw4BMUTPHjxAwXjeu.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/lato/v25/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: http://journal.cyberpartygal.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 5612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Dec 2025 22:43:40 GMT\r\nexpires: Thu, 17 Dec 2026 22:43:40 GMT\r\ncache-control: public, max-age=31536000\r\nage: 579883\r\nlast-modified: Mon, 15 Sep 2025 17:09:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 5612, version 1.0","md5":"633f8feda2188d767d2396652da17377","sha1":"d35cc70037f82ab61d86f2c4d80685a474821d45","sha256":"8b9fc9737043f88c1a9a7195c27a239bd329cc33d928ffb67736c61ae7a1dbbd","sha512":"edadc35473adc7d3d2b6c0bc04789dc78c7f38c0eccac6f08625738d5c8cfa9203c1d9ef2ee6ce721fabc5a4eba41cd19f47e56dc85ff3bc1f7f0ede2ec5ba0b","ssdeep":"96:iD0G8mpQLE+J8uftoCUdUZ/OGjfSg7uov39XTr9a8dBmhPk7jJ5lpqaAjiv/8qBA:7xXLZ8uVoCUdUFOGjJ7Pv39Pw0MiZ5cB","tlshash":"23c1af36b54e1d4bf74201b8137b823e41c70c621637356dbb16aa9418dcf4161371e7","first_seen":"2025-09-17T03:45:02.002945Z","last_seen":"2026-04-06T09:34:47.55398Z","times_seen":3202,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":60,"dns":3,"connect":20,"send":0,"wait":8,"receive":1,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"journal.cyberpartygal.com/favicon.ico","fqdn":"journal.cyberpartygal.com","domain":"cyberpartygal.com","tld":"com"},"ip":{"addr":"198.187.31.93","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://journal.cyberpartygal.com/index.php/category/finances/page/2/","date":"2025-12-24T15:48:23.980Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: journal.cyberpartygal.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://journal.cyberpartygal.com/index.php/category/finances/page/2/\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nkeep-alive: timeout=5, max=100\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Wed, 24 Dec 2025 15:48:24 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-04-06T10:15:03.362162Z","times_seen":116124,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-24","alert":"Sinkholed","trigger":"journal.cyberpartygal.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}