{"report_id":"95adbcb8-1e67-4c98-9421-0dd8657b8b87","version":6,"status":"done","tags":["phishing","kratos","aitm"],"date":"2025-10-10T07:24:40Z","url":{"schema":"http","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"104.21.35.87","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"title":"Processing.."},"submit":{"url":{"schema":"http","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"104.21.35.87","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-14T07:24:40Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":6}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]},"summary":[{"fqdn":"inf-systems.cfd","ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-29","domain_rank":0,"first_seen":"2025-10-10T07:24:40.922547Z","last_seen":"2025-10-10T07:24:40.922547Z","alert_count":91,"request_count":13,"received_data":433370,"sent_data":7142,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"api.capchk.org","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-10-03","domain_rank":0,"first_seen":"2025-10-06T12:44:17.37183Z","last_seen":"2025-10-06T12:44:17.37183Z","alert_count":2,"request_count":2,"received_data":1863,"sent_data":1077,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-10-05T22:15:40.094389Z","alert_count":0,"request_count":1,"received_data":3575,"sent_data":441,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"146538ec79fabaaa6f241b4635e3b477","sha1":"62972c0c80eeb0abad3215449f0e27765ae4d480","sha256":"a7f5db3710f2405b313450d21af0269173740c2c84e73a2856a16fe640255bd9","sha512":"580658f17bbde2d36783cfbb524181ff4c5d7994a40b4ed99b21affde4aaa59913f756d40c5aaed496c10bf1d84c4e900f7a150c07b0e8cb7e5189541d5b12c0","ssdeep":"192:zGGv/bpgGIhkFT3s/+HkjhJ6d7esptLaeZRORbSKgwBaDqDaiZbd:zGGvFgGIhkFAM+eZRORbSKgw0DZobd","tlshash":"d5323dd6b586d9dac3237014573b4e045e1427eb0f44fa00ae0d268d26eadee7ad6cd8","size":11858,"data":"","first_seen":"2025-10-10T07:24:45.484674Z","last_seen":"2025-10-10T07:24:45.484674Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/clEoeJKcfGfanUL.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d73540e77a95afc0e175e6832632f80","sha1":"395b7f01612c818e42180d7bd6cc45dee889d931","sha256":"22b383bee9018beb60be59df9dc5693b710b4fbb460c4ee72249eb6bbb15340b","sha512":"845d3078a4f637aefc1cd555bc821a608ddf3f20254c2e3eae22746369f14c8b5fa3a3aae65ac47953c66d6293cda0014188649b13caa816f545fa4c074de58e","ssdeep":"192:XJOvc1ds4w/WeDKCOtsclRSQdZ1opYAGARKWmuykrLe0L8sYAqzLkK0hYS1:5O94EWIKCOlRS2o6AGAHx3HLEvqj","tlshash":"ce62409e26523da3d21fd6f606c7a2cba9b42540cb884002c6dc53c876786e573f9c7b","size":15856,"data":"","first_seen":"2025-07-27T12:49:35.332897Z","last_seen":"2026-03-27T16:48:21.866617Z","times_seen":787,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/js/uhd7U5TWI0JdkQnDgum6.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","size":73441,"data":"","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b58f246301a6704d325ba50faaeecaac","sha1":"c1d59fcc6e4485a11cf506f22f6ff75ce0dd1545","sha256":"6e1e6891988872df9ba0c4fff1763802bc72898cd12f0fb3edd4935d09767a92","sha512":"a2ec32eec1fb8b1e1f867190ee7540271ad052d7f36d60f52da8daac42777d1e0f159f1a728d1c47cffe7ab76212662da7b8d511fac12cae8f8b4b390303b118","ssdeep":"192:bBXzA3yZILyv7C/sBC5y8wy/LQ1khUd22BTAF/C+o3v5t8XKHxQu100bKWehWCQ8:bBR+swiSF/C+A8oVGb7U2","tlshash":"d252605daaf730741473707e8befa205363a61232109de407e1c93045fa5e6a46e7fda","size":13717,"data":"","first_seen":"2025-10-10T07:24:45.489456Z","last_seen":"2025-10-10T07:24:45.489456Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d7a597157bdb4d9e747b70b405a12a44","sha1":"f4fb1c90c79f5dcd9248a09e93e1b51d5d79a491","sha256":"306b324bbbe42a8128a98d3a8309c17fee82c14434b7db7b33498252e3ba4615","sha512":"be615458663375e011e08d153781c3913d591eed3f5ad67abb6381d5f4166113ecbd08a823c60595d2503ca4c0415df495c3c744e3ec95a30fed36c965b76e56","ssdeep":"384:iu0wOcc3er4mY5alNv3rThaygDYQRscYQR06oicMvM+7PvM8PvM8hvMtVHIPGGvH:iKH0mY8L9jn6oizx7PbPzzZfeZq5KQ","tlshash":"f31330903f95f098c6c42762baad087efc7c349183d3650da73f854b27b05e691c9a6e","size":41567,"data":"","first_seen":"2025-10-10T07:24:45.492374Z","last_seen":"2025-10-10T07:24:45.492374Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/js/uhd7U5TWI0JdkQnDgum6.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","size":73441,"data":"","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f25488775151e2a259cde0619a3404b7","sha1":"b53a30741ffb63bcf70db874346be181f03698d3","sha256":"557feb8cf8e8500acf0f9ba4863f19f609c8e0eb5952213ef847d89ff53e94ab","sha512":"31bf7e6f6279cabc5f69d56462618f94bceef448a8f301ced296834a0eaf332a347a5ca5766e365324a447efb813f6dc3bfc09658998f3db3a48b10532711f60","ssdeep":"192:7BXzA3yZILyv7C/sBC5y8wy/LQ1khUd22BTAF/C+o3v5t8XKHxQu100bKWehWCQ8:7BR+swiSF/C+A8oVGb7U2","tlshash":"ef525f5deaf720741473707a8befa205363a6123e109de007e1c93045fa5e6a46e7fda","size":13889,"data":"","first_seen":"2025-10-10T07:24:45.495973Z","last_seen":"2025-10-10T07:24:45.495973Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/o9Y9TIPiymVgDzI9.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ace8b683fe731b9b4d7c5c606ede7104","sha1":"f5822cd4dc170809befb9144f77fab9657436c8d","sha256":"5e8a39a157dfd13b51b0df79db2c846a9fbe59a31ec7cfd93fcfa66999150b9f","sha512":"8b493208a4b3b782284435eb248c7a55fc9a4e3212a5ef64f74a73f7c93fe716408f622279c37094e5e6a7a833ef260cbc71d7e800ab50a2850cf050afbf37db","ssdeep":"1536:yu3bXdpuFJgR9YxSgPaZewnn1Dnvspfcj0:13b6FSR9VgC91DnqUj0","tlshash":"47c3fda34901bcbfe3aac1b1d39e3956d8aaea11e7d714d37042ace1346f26558df1c0","size":122703,"data":"","first_seen":"2025-08-01T21:22:09.653175Z","last_seen":"2026-03-27T16:48:21.880455Z","times_seen":779,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"1c6413e0cadd89d5feec7c654884c32f","sha1":"52e1558eae317da6d5c57443b145d4db51ceb666","sha256":"344a4056fab4a3b6b4486bd612a678b7aa9e069aac8d54dfdacd3f6f9604e416","sha512":"0f9bed3a4269e1fb5685426834f8d89077b067d07ffcff7464981a906b729f025a4815b6e29752413c2bf5776ba16fdaf3de900d9b32da653af9f735044bca4c","ssdeep":"192:FU9UDiZeE93wxBIRRV7oUqJXZPxBEB6zGOKxd1xxSY0HCBdtAn/jg8pFghHMFhmB:u8WRNuNzaB2cf9Wn/jg4g1EEkM2c","tlshash":"a1b27295d1a101221433e3fa8bfba325f9b60527920246147eeca3295ffec81b553fd9","size":24777,"data":"","first_seen":"2025-10-10T07:24:45.498442Z","last_seen":"2025-10-10T07:24:45.498442Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"inf-systems.cfd/favicon.ico","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:29.522Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:29 GMT\r\ncontent-type: text/html\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nx-turbo-charged-by: LiteSpeed\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nsyrsqtL%2BfRRk9NnOd4KPl3USAfGYFvWAfERZyrZ21mG1KOuITm95hF95OkOhsYKPHy0pZAybkhUR02pnF6AUHkDyzoii4E%3D\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\npriority: u=6,i=?0\r\ncf-ray: 98c460dc8985569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-04T16:53:42.39904Z","times_seen":20460,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":410,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T07:24:30.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:30 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X%2F%2BOfB8NhFwxWEJe8F2D9cSLDFFt20Qe2ddJvD9QI8LdTth9rlFbTyNFENZGlipPxFxkC1bQK6afrvHhZYD8DC43XiCHemw%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=1,i=?0\r\ncf-ray: 98c460dfa99a569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":6414,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (3217), with CRLF line terminators","md5":"3298e439d48eca3bf90c714695312eb6","sha1":"5508004835a657b2e11fff1566d7205a59ba8868","sha256":"6a5faa8914d43241061c82dc68ca18e580117099375914916bc8ec36afc06dd4","sha512":"a03b6729db22771383b798c142ad5682fc37bf8b5a51f127a942283defe8913eb3d5421261b4c9e4b47ef99b87bbf650a2eb57ed031c6329c177d1c33c7e3ab5","ssdeep":"192:LjiwaIh1Vgy3L7mlFYpmZhAZSHdccaQPvsQoClKrFIYU+4Z:baIhXbCFYpm/AZMccYQoCkFEZ","tlshash":"f4d1f3d994c0603643535a96b2173ba8f69a692bdb53042cd37890f09b70f75cfd22be","first_seen":"2025-10-10T07:24:45.418145Z","last_seen":"2025-10-10T07:24:45.418145Z","times_seen":1,"resource_available":false,"data":null}},"time_used":649,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":649,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/js/uhd7U5TWI0JdkQnDgum6.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:19.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /js/uhd7U5TWI0JdkQnDgum6.js HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:20 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 18610\r\npriority: u=3,i=?0\r\netag: \"11ee1-68e81f96-2a0bfa;br\"\r\nlast-modified: Thu, 09 Oct 2025 20:48:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r4mFn2wxPhgr1G8IGeS9uKr8mDXfa%2BJsFZDCWy1rlPvm%2FqYrZT9paiwHzeoPGffBWgwAhY8zmO9Y6K1vC4VVELADtNsngJU%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 98c4609e5fee569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":73441,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (34280)","md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"resource_available":true,"data":null}},"time_used":714,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":699,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/js/uhd7U5TWI0JdkQnDgum6.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:19.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /js/uhd7U5TWI0JdkQnDgum6.js HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:20 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 18610\r\npriority: u=3,i=?0\r\netag: \"11ee1-68e81f96-2a0bfa;br\"\r\nlast-modified: Thu, 09 Oct 2025 20:48:22 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r4mFn2wxPhgr1G8IGeS9uKr8mDXfa%2BJsFZDCWy1rlPvm%2FqYrZT9paiwHzeoPGffBWgwAhY8zmO9Y6K1vC4VVELADtNsngJU%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 0\r\ncf-ray: 98c4609f0ff4569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":73441,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (34280)","md5":"43437c1e98ae60aeff0ce50cf289704d","sha1":"fa876b2fca36f4005cff11590eec093700704965","sha256":"37cbeeaa7381b5816ab1130ad234a8fd00d79151ab6ca4798cf474949a00d85b","sha512":"d0ac62c2db69d1c3c4d27c555b532b0e23995e5799ccfe80438bd849f675a96772e85e6024917d31d6801d8b48db0db6cc9842b7666bedc0136e1cbf73540ac0","ssdeep":"1536:hA/lngyoRowAozxG1jvCVjxJ1RUUOvaPk:hcng3oeWGk","tlshash":"6673f6081ba2662287573161aeaf820b7424950f1d095e1cb90ce0dd6fed57ac2feff5","first_seen":"2025-10-09T21:49:49.768762Z","last_seen":"2025-10-24T12:32:19.702052Z","times_seen":182,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":597,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T07:24:17.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 07:24:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QoaJatT%2Flhot73JdQLN2bamqq5mSNP7fJj%2F7xg2GK655qeIfRzsl1hO4zo01A52lRxa%2BhNJeJ9amutslLLvnzZh%2F%2FSxvzRs%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=ibilirr5hjelau729hq0roleed; Path=/\r\ncf-ray: 98c4609288477129-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3743,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (460), with CRLF line terminators","md5":"d3db58da679052ebe47a94c1bbf84989","sha1":"0394ea8e73615e8a32462bacc0f5bc1c372757af","sha256":"3d226e1941b35f57d81fb4b7c5bfc5f061fef98481578d5e6aa0b0c75ea7a863","sha512":"11023a9b399b70dc9f562a3e644c8de1a09f44b893df948e56a5cc358d0b2c06c74c996e2a4e00ff8f71377c793b8ccb71c1432badf089ff5fdb6e9bfcd88b2f","ssdeep":"","tlshash":"82719529a8d4160c2477c3f796421b50ffe280578b4245767e9ef7479fb3d01e593548","first_seen":"2025-10-10T07:24:45.465927Z","last_seen":"2025-10-10T07:24:45.465927Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1171,"timings":{"blocked":290,"dns":72,"connect":1,"send":0,"wait":592,"receive":0,"ssl":212},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/favicon.ico","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:18.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T17:46:17.157563Z","times_seen":13340936,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"api.capchk.org/puzzle?sitekey=712294c7cb9841348791888e9f36661a","fqdn":"api.capchk.org","domain":"capchk.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:20.950Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capchk.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Oct 2025 14:10:16 GMT","end":"Thu, 01 Jan 2026 15:07:58 GMT"},"fingerprint":{"sha1":"E5:60:95:5A:BF:56:AA:BD:E4:07:2A:87:58:5B:1C:06:D2:47:7D:6D","sha256":"9A:6F:7A:43:AF:56:F6:03:54:F0:72:13:5F:C6:63:D6:4D:F1:1F:B8:B4:F7:3E:44:77:79:2A:A2:D9:54:FC:70"}}},"request":{"raw":"GET /puzzle?sitekey=712294c7cb9841348791888e9f36661a HTTP/1.1\r\nHost: api.capchk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://inf-systems.cfd/\r\nx-pc-captcha-version: 1\r\nOrigin: https://inf-systems.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 07:24:21 GMT\r\ncontent-type: text/plain\r\ncontent-length: 97\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: https://inf-systems.cfd\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nexpires: Thu, 01 Jan 1970 00:00:00 GMT\r\npragma: no-cache\r\nvary: Origin\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 998\r\nx-ratelimit-reset: 2\r\nx-trace-id: d3kb9927td5s73eif9ig\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HhuoY3%2BVZm3xJD7%2FF2L3097lLdybR5MCrZQXuv2O4wMelzGHxTSc%2BMRTcbcAnU1Mzfk4H7RoytbErxEw3JXnk%2Fl9NEsq%2B7Mt%2Bnx3DQ%3D%3D\"}]}\r\ncf-ray: 98c460a6ba5856cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":97,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"72fcd1aba948585142be7bf9c8cc8d06","sha1":"bca7d18cfd9e1fb67cca74934e2680bb6dc16c84","sha256":"357b6866ad182926e0a38f35935bbec136f852910c9b4f1a3d194d1bdc915e9b","sha512":"cca3f90e42d4ec6adeb16b5b9728d17e846b27ebb1145af86200388f1fda2722261f42d2de19292d781ac209ca7e511e48c19c276e9a6b187545dce36778e2c0","ssdeep":"","tlshash":"fdb012129b6410e51868dac540073c1383718270de1cdc3f0c32e105160c2d97d0c0d7","first_seen":"2025-10-10T07:24:45.470321Z","last_seen":"2025-10-10T07:24:45.470321Z","times_seen":1,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/o9Y9TIPiymVgDzI9.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:28.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/o9Y9TIPiymVgDzI9.js HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:29 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 28229\r\npriority: u=3,i=?0\r\netag: \"1df4f-68842ce0-2a0bfd;br\"\r\nlast-modified: Sat, 26 Jul 2025 01:18:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qZWMXhyQUYOLxnYJ1FXYrgbtIuwXqmX9LtypDmklyZe8oaAySZdEfJ2pJeWH0LYY2pW%2FLttJc4V7a5oIAETE39aKUydy70zFww%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 98c460d81977569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":122703,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"ace8b683fe731b9b4d7c5c606ede7104","sha1":"f5822cd4dc170809befb9144f77fab9657436c8d","sha256":"5e8a39a157dfd13b51b0df79db2c846a9fbe59a31ec7cfd93fcfa66999150b9f","sha512":"8b493208a4b3b782284435eb248c7a55fc9a4e3212a5ef64f74a73f7c93fe716408f622279c37094e5e6a7a833ef260cbc71d7e800ab50a2850cf050afbf37db","ssdeep":"1536:yu3bXdpuFJgR9YxSgPaZewnn1Dnvspfcj0:13b6FSR9VgC91DnqUj0","tlshash":"47c3fda34901bcbfe3aac1b1d39e3956d8aaea11e7d714d37042ace1346f26558df1c0","first_seen":"2025-08-01T21:22:09.653175Z","last_seen":"2026-03-27T16:48:21.880455Z","times_seen":779,"resource_available":true,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":673,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/favicon.ico","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index","date":"2025-10-10T07:24:31.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:31 GMT\r\ncontent-type: text/html\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\nx-turbo-charged-by: LiteSpeed\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YXn72CSMy9HxpTfiv2wZdG890WCuoxe%2BXWfgjvKsNx932Gv8yCLfXnqS2vA8Gb4N4g2XwntMNsmltHYmqB0x1elRL0aVixs%3D\"}]}\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\npriority: u=6,i=?0\r\ncf-ray: 98c460e8e9df569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-04-04T16:53:42.39904Z","times_seen":20460,"resource_available":true,"data":null}},"time_used":401,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":401,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T07:24:18.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 10 Oct 2025 07:24:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lcfkIgXw75u7kZUMAr2nQmurTuryRfxGe9%2BXgkAKXa%2ByZt1Q1BDVi1aB8c8HppDfZ1W4uk4T4cVi8N5tmawEg%2FCMCGrCw4Q%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\ncf-ray: 98c46097bcd87129-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":66730,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (44086)","md5":"1e3e70d3de58b1a64b2600b422d3c14c","sha1":"2767e506333ec270c1cb1f514ce38d28a04a39b8","sha256":"d4e6f03090940afbc74ee25d1898968a8d30f94ad8690b511a01d4e8dbe2f889","sha512":"54ef6e76eb1d0d6aae12d1cd235597557b56751adf2d7462483a3829d71f9190db277c7b1656afa001cdb69d22a5645a210bc2319114f41353759d2926e24082","ssdeep":"1536:883MyYupzYZ+nCcFnb8j4lajgbtVYdT+GLSaot10oWW/t3n8ItUavPwNUvQJIIoR:N3MOzYdcZb888OMMJ","tlshash":"5963093d66f3ece20f929223f35e9e0af23a6527b546fc127d4da5803f922903b14585","first_seen":"2025-10-10T07:24:45.474835Z","last_seen":"2025-10-10T07:24:45.474835Z","times_seen":1,"resource_available":false,"data":null}},"time_used":742,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":742,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/favicon.ico","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:19.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T17:46:17.157563Z","times_seen":13340936,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/275ef9a7b0cb87d3/images/favicon.ico","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:19.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /275ef9a7b0cb87d3/images/favicon.ico HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:20 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 370\r\npriority: u=6,i=?0\r\ncache-control: public, max-age=43200\r\nexpires: Fri, 10 Oct 2025 19:24:20 GMT\r\netag: \"47e-682b2a98-2a0bf4;br\"\r\nlast-modified: Mon, 19 May 2025 12:56:56 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ebu8dC3tYqz7Hid5zSLpUtaZVY3MYMNn31SKmtXrB0iiVgLmmbnfjI7jGF%2FcFDhgq7XI3mKHHVfDHCT%2B4YPQjbSEqzPXxclpag%3D%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 98c460a04ffa569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"7cdd5a7e87e82d145e7f82358f9ebd04","sha1":"265104cad00300e4094f8ce6a9edc86e54812ead","sha256":"5d91563b6acd54468ae282083cf9ee3d2c9b2daa45a8de9cb661c2195b9f6cbf","sha512":"407919cb23d24fd8ea7646c941f4dcee922b9b4021b6975dd30c738e61e1a147e10a473956a8fbb2ddf7559695e540f2cdf8535db2c66fa6c7decda38bb1b112","ssdeep":"","tlshash":"f621dbd23481462efe42387fa17a8b35b545ec0c4a5c101b1878fda5f2db4aa2921f14","first_seen":"2023-04-30T22:43:18Z","last_seen":"2026-04-03T20:51:24.997054Z","times_seen":3307,"resource_available":false,"data":null}},"time_used":486,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"api.capchk.org/puzzle?sitekey=712294c7cb9841348791888e9f36661a","fqdn":"api.capchk.org","domain":"capchk.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:20.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capchk.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Oct 2025 14:10:16 GMT","end":"Thu, 01 Jan 2026 15:07:58 GMT"},"fingerprint":{"sha1":"E5:60:95:5A:BF:56:AA:BD:E4:07:2A:87:58:5B:1C:06:D2:47:7D:6D","sha256":"9A:6F:7A:43:AF:56:F6:03:54:F0:72:13:5F:C6:63:D6:4D:F1:1F:B8:B4:F7:3E:44:77:79:2A:A2:D9:54:FC:70"}}},"request":{"raw":"OPTIONS /puzzle?sitekey=712294c7cb9841348791888e9f36661a HTTP/1.1\r\nHost: api.capchk.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: x-pc-captcha-version\r\nReferer: https://inf-systems.cfd/\r\nOrigin: https://inf-systems.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Fri, 10 Oct 2025 07:24:20 GMT\r\nserver: cloudflare\r\naccess-control-allow-headers: x-pc-captcha-version\r\naccess-control-allow-methods: GET\r\naccess-control-allow-origin: https://inf-systems.cfd\r\naccess-control-max-age: 3600\r\ncache-control: public, max-age=86400\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Request-Private-Network\r\nx-ratelimit-limit: 1000\r\nx-ratelimit-remaining: 999\r\nx-ratelimit-reset: 1\r\nx-trace-id: d3kb9927td5s73eif9h0\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H4u8CrJk0HXtqbh5q%2BFWzmca8NxKyATnIkAvwnlr4FY8XJGwFlO7BPhepWvPTSmFrQ4zAk8wZlEKiiX9VGJ2Rxk8FsFTOIKJpstAeg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 98c460a4686d56cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T17:46:17.157563Z","times_seen":13340936,"resource_available":true,"data":null}},"time_used":526,"timings":{"blocked":78,"dns":54,"connect":1,"send":0,"wait":368,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"api.capchk.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"inf-systems.cfd/","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-10T07:24:27.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 317\r\nOrigin: https://inf-systems.cfd\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:28 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-encoding: br\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V0RF5oTAtEVGLUcKtuVn3Zud%2B1S1MCBkyVP%2FGYKHW48aMBmmSq9V9LeY%2BaoX%2BIdKuegBWq8w0tAHcO2Ek26SGk5JG7A00p0%3D\"}]}\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\npriority: u=1,i=?0\r\ncf-ray: 98c460d01953569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":59395,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (41016), with CRLF line terminators","md5":"514b1a0069bdd97311be3663284467a0","sha1":"1af5cba1145941118e5da3e29ae3d5b455cfec68","sha256":"5b6bdbc6bb0fca72c2bbb183df9cf2c888369b5b4e82042fdcc282bddac3cc18","sha512":"9c389b17d5422dc587d819335d20d23c4a0c8c07abbe7c890afad1b03b723bdc559e9eb3a45ac4788d84d2ee09d2fc698beef11bc97341828543a619de9210b4","ssdeep":"768:WCJSB9gnhkFAM+909+KH0mY8L9jn6oizx7PbPzzZfeZq5K6:WCJS4eFA3GLY8LwoizdrzzZfeZq5K6","tlshash":"c843a5d13b84f094c6d52352ba7e093efd6831914bc3650dbb3f914b27b08e691ca9ad","first_seen":"2025-10-10T07:24:45.478697Z","last_seen":"2025-10-10T07:24:45.478697Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1244,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1241,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/clEoeJKcfGfanUL.js","fqdn":"inf-systems.cfd","domain":"inf-systems.cfd","tld":"cfd"},"ip":{"addr":"172.67.216.57","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inf-systems.cfd/","date":"2025-10-10T07:24:28.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"inf-systems.cfd","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Sep 2025 04:39:14 GMT","end":"Mon, 29 Dec 2025 05:37:18 GMT"},"fingerprint":{"sha1":"DD:15:D3:78:7A:67:97:A9:F7:12:EF:40:07:E8:04:75:23:00:0C:13","sha256":"A5:C4:FB:9D:34:6E:06:A8:27:BF:8B:EB:03:C5:B5:61:5B:19:B0:73:45:37:BB:33:8B:20:85:33:65:89:41:6D"}}},"request":{"raw":"GET /hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/js/clEoeJKcfGfanUL.js HTTP/1.1\r\nHost: inf-systems.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nCookie: PHPSESSID=ibilirr5hjelau729hq0roleed\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 10 Oct 2025 07:24:29 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5504\r\npriority: u=3,i=?0\r\netag: \"3df0-68822b14-2a0bfc;br\"\r\nlast-modified: Thu, 24 Jul 2025 12:46:12 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Wr6jHRxYiFglhGzlYCyWMmYjc2keimt3k8dUUE6kEb29uzeXBcFG19Zou20KcX%2BpC5f2V1PrhxwIEQNdSVvrhywta7qqk2E%3D\"}]}\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-ray: 98c460d81976569a-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15856,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (15856), with no line terminators","md5":"2d73540e77a95afc0e175e6832632f80","sha1":"395b7f01612c818e42180d7bd6cc45dee889d931","sha256":"22b383bee9018beb60be59df9dc5693b710b4fbb460c4ee72249eb6bbb15340b","sha512":"845d3078a4f637aefc1cd555bc821a608ddf3f20254c2e3eae22746369f14c8b5fa3a3aae65ac47953c66d6293cda0014188649b13caa816f545fa4c074de58e","ssdeep":"192:XJOvc1ds4w/WeDKCOtsclRSQdZ1opYAGARKWmuykrLe0L8sYAqzLkK0hYS1:5O94EWIKCOlRS2o6AGAHx3HLEvqj","tlshash":"ce62409e26523da3d21fd6f606c7a2cba9b42540cb884002c6dc53c876786e573f9c7b","first_seen":"2025-07-27T12:49:35.332897Z","last_seen":"2026-03-27T16:48:21.866617Z","times_seen":787,"resource_available":true,"data":null}},"time_used":553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":552,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-10","alert":"Phishing Block","trigger":"inf-systems.cfd","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-10","alert":"Sinkholed","trigger":"inf-systems.cfd","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Known Phishing Kit detected","verdict":"phishing","severity":"high","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Kratos Phishing Kit","verdict":"phishing","severity":"high","comment":"","tags":["phishing","kratos","aitm"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/syntaxerror019/HTML-STO/ld.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://inf-systems.cfd/hOEBZsYgtRQRs5PWVVwSn0OFzX5KRst9W9EzknPm6dRHRsflkQwSqD9HsL7oLF2SRcyFtKE880wa32HlCLyeXOa9lqzQEy7xR6gVxt43ObRW9HeBALAEWWNcJCQYH2UphRSRTU5/index","date":"2025-10-10T07:24:30.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /gh/syntaxerror019/HTML-STO/ld.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://inf-systems.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"af5-IuZCjziTq18nLEpNfGlMwPnGfiA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 18072\r\ndate: Fri, 10 Oct 2025 07:24:30 GMT\r\nx-served-by: cache-fra-etou8220154-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 953\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2805,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (2804)","md5":"0cb699a5581c3f985c95d7622a448b27","sha1":"22e6428f3893ab5f272c4a4d7c694cc0f9c67e20","sha256":"d156c15c56a07666d0de4e518c4960da11648012d8b0adb6ad0d549a45594e30","sha512":"48d31f0aaf970b87041039924f4eb357d4f56ce7524faa829d62ed5e8bd22449f11b33af91eb4125deae965fc99241184764a9d256932db1bc31f0fa7785f7ba","ssdeep":"","tlshash":"2d510e17bed0a2d6632be5bf3b239cc4fc699c0636221303f040a88ce8e6d99d566035","first_seen":"2024-12-03T14:39:02.115666Z","last_seen":"2025-12-13T11:13:30.878582Z","times_seen":475,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":84,"dns":1,"connect":26,"send":0,"wait":55,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}