{"report_id":"a59af226-bed0-4014-ac11-b31ada35fae6","version":0,"status":"done","tags":["suspicious"],"date":"2026-06-18T12:38:18Z","url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"title":"로그인","dom":{"size":83468,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2243)","md5":"ecad9a95430771ed8b3aaec8403c0b84","sha1":"7e5909c97553feff764f3ce7331251c3c568c1db","sha256":"913af5495f54adc0bbd08820cb7783ba63b10b9375cbb57fe3d5e298d7228868","sha512":"ea1abf4e1f04d032d2c4e9f0a1d226a40f9132d0baddcb92bac1fee1bf86269f54d2e5a3e6338b41e18c387b4bfa01dd81625e46d6027735acc3b4e27d50ece3","ssdeep":"1536:I2gz8YpmRV9hfYSNQqJwd29LWAwpdoDEz/2OInXOXQmb1NAy2Y4vVzZN4e9GLLhn:I2gojYSNQq6d29LWAkdoDEz/JInX2QmB","tlshash":"7b83f93922f5916b909fc29eb6f225195598d81bd1860644f6fc0b246fd3cc0fc8babd","dom_hash":"domhash7c8ed6269812cc5c215fbb9990487135","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":0,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-23T12:38:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-18","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"theexternalfiles.elevatedprude.shop","ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-28T23:59:19.067892Z","last_seen":"2026-06-13T16:30:16.930554Z","alert_count":2,"request_count":14,"received_data":2305626,"sent_data":7987,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}]},{"fqdn":"afilarias.click","ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-18T12:38:19.707767Z","last_seen":"2026-06-18T12:38:19.707767Z","alert_count":9,"request_count":9,"received_data":89259,"sent_data":4167,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"extjs.elevatedprude.shop","ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-15T22:28:30.815102Z","last_seen":"2026-05-05T09:35:40.323976Z","alert_count":0,"request_count":1,"received_data":1545,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"scriptseai6686.fedex.com","ip":{"addr":"3.164.240.115","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1991-02-26","domain_rank":0,"first_seen":"2025-10-13T09:25:46.488497Z","last_seen":"2026-05-05T11:11:39.083898Z","alert_count":0,"request_count":2,"received_data":1341,"sent_data":1435,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2026-06-15T07:32:13.522223Z","alert_count":0,"request_count":1,"received_data":88517,"sent_data":500,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87533,"data":"","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-22T05:30:23.751774Z","times_seen":172782,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"08fc18c44d04c0a1f6b759dcc72c40e5","sha1":"9e2b584e10a10cc97994b256838d54aceecc94f4","sha256":"f701543ad7f7e8ff6f1f3bd2e3095c60c42b897eac51344ed7efdcfc65fa120b","sha512":"dc3da821c5b2fef224cdf58b2ee4399cf8c919e95d63372332aa71182837ceeeb1b69b3cf28c8fb15c37e27db951d123986cd9ab9b57b87db869a88985ff5bab","ssdeep":"384:XYTIDkoAzNFYjtqbz9ibJzAfSbkH47Vf53kN2k1AiUN7OkG7Xvc0NG:XGYbFYDUJKw","tlshash":"1282009f23575986aaab702c76933319a1ed0f13cc3cc85d9c902e50526127627e7abf","size":18600,"data":"","first_seen":"2026-06-18T12:38:24.468343Z","last_seen":"2026-06-19T01:21:46.50652Z","times_seen":3,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-18","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"extjs.elevatedprude.shop/validator.js","fqdn":"extjs.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bfbf014a279ef0047ea805aae7bc5654","sha1":"e4aa6c4abe5d8ed937054bbcca0df33c15864040","sha256":"51da6d84d149da13b28aaf97c4916174d45a85c7f3ba35ccd94bcb21415c035a","sha512":"5476ca186ccf22d914c9cfa92af9a8432adab95ce87edb574138b1de154d2d734f30723fdf3f94b2aa826d59b56f7a27734becc520b87416aa8e853a98a89c0a","ssdeep":"","tlshash":"3221514435c722144243942c688f9004256e85f30c8eba0eff4e61f4cf0093fa0f6a28","size":1258,"data":"","first_seen":"2026-02-15T22:28:36.542525Z","last_seen":"2026-06-19T01:21:46.507238Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"cf058c7ab123ff840606b1c7b0a0b0c7","sha1":"9dd40e3ca3ff011689afcfb9f50bffbd9f94104f","sha256":"1208e8b7e25495190bc47bf79b26e3b789afd61cc52afe7ad6f54f6e2a5ba7af","sha512":"16f84b4f229fa978a6ba4b2efe17d2ab4c6b8f9481c92b92f1cc58bdc1438a7ed178a0943b63fc27d4e2350e8d159cdbfde271f0317e1dcbcf37ee97e1e1bc19","ssdeep":"","tlshash":"77e0c60104cc14a22a268407f22eb04a7a22a4020d8dfee9f04db20c2f3d6a83216a4d","size":348,"data":"","first_seen":"2026-06-18T12:38:24.489233Z","last_seen":"2026-06-18T13:33:48.324444Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-22T05:34:27.502159Z","times_seen":312581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.438Z","timestamp":1781786275438,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/funcs.js HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/javascript\r\nlast-modified: Thu, 12 Feb 2026 08:42:09 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5191\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":18600,"size_decoded":5511,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (18600), with no line terminators","md5":"08fc18c44d04c0a1f6b759dcc72c40e5","sha1":"9e2b584e10a10cc97994b256838d54aceecc94f4","sha256":"f701543ad7f7e8ff6f1f3bd2e3095c60c42b897eac51344ed7efdcfc65fa120b","sha512":"dc3da821c5b2fef224cdf58b2ee4399cf8c919e95d63372332aa71182837ceeeb1b69b3cf28c8fb15c37e27db951d123986cd9ab9b57b87db869a88985ff5bab","ssdeep":"384:XYTIDkoAzNFYjtqbz9ibJzAfSbkH47Vf53kN2k1AiUN7OkG7Xvc0NG:XGYbFYDUJKw","tlshash":"1282009f23575986aaab702c76933319a1ed0f13cc3cc85d9c902e50526127627e7abf","first_seen":"2026-06-18T12:38:24.468343Z","last_seen":"2026-06-19T01:21:46.50652Z","times_seen":3,"resource_available":true,"data":null}},"time_used":673,"timings":{"blocked":-1,"dns":22,"connect":162,"send":0,"wait":162,"receive":0,"ssl":328},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-18","alert":"Detects file containing Telegram Bot API","trigger":"theexternalfiles.elevatedprude.shop/fedex2/css/funcs.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Regular.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:56.786Z","timestamp":1781786276786,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Regular.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T05:29:38.192988Z","times_seen":135120,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Medium.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.227Z","timestamp":1781786277227,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Medium.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T05:29:38.192988Z","times_seen":135120,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Medium-U5SS2SUK.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.434Z","timestamp":1781786277434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Medium-U5SS2SUK.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\ncontent-type: text/html\r\ncontent-length: 1251\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1251,"size_decoded":1542,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"8150f458ed6fb9b1db4e5cfa57a1a281","sha1":"6e5726854d28687b560d7fdcb5c782c425c7dfb9","sha256":"4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896","sha512":"4cc6a112673aef8bb8bb8a385c26791b805d43bb707b509880e894f1c83bab4e16f13de187036c5f660c3bec1d286258396b7bde65c5d7945c5019665196818c","ssdeep":"","tlshash":"c021353ec1c1560ae0271164fbc1f7a86669825291970f703b9eb176f6cd0bb56a36c8","first_seen":"2024-02-08T16:48:55Z","last_seen":"2026-06-22T05:29:38.192988Z","times_seen":135120,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/media/FedExSans_W-Medium-U5SS2SUK.woff","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.612Z","timestamp":1781786277612,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/media/FedExSans_W-Medium-U5SS2SUK.woff HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:57 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=93\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"extjs.elevatedprude.shop/validator.js","fqdn":"extjs.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.442Z","timestamp":1781786275442,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"extjs.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 05 Nov 2025 00:00:00 GMT","end":"Thu, 05 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"AE:86:50:9D:A5:CE:7F:DD:1C:01:03:17:46:CD:4C:AE:18:B2:BC:DB","sha256":"EF:19:61:6C:41:74:CB:56:46:73:B4:BA:D5:5F:E3:4E:11:26:95:7B:EA:DA:A9:DD:D6:5E:5F:BC:2B:7D:3D:E5"}}},"request":{"raw":"GET /validator.js HTTP/1.1\r\nHost: extjs.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/javascript\r\nlast-modified: Thu, 08 Jan 2026 00:43:37 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 617\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1258,"size_decoded":904,"mime_type":"text/javascript","magic":"ASCII text","md5":"bfbf014a279ef0047ea805aae7bc5654","sha1":"e4aa6c4abe5d8ed937054bbcca0df33c15864040","sha256":"51da6d84d149da13b28aaf97c4916174d45a85c7f3ba35ccd94bcb21415c035a","sha512":"5476ca186ccf22d914c9cfa92af9a8432adab95ce87edb574138b1de154d2d734f30723fdf3f94b2aa826d59b56f7a27734becc520b87416aa8e853a98a89c0a","ssdeep":"","tlshash":"3221514435c722144243942c688f9004256e85f30c8eba0eff4e61f4cf0093fa0f6a28","first_seen":"2026-02-15T22:28:36.542525Z","last_seen":"2026-06-19T01:21:46.507238Z","times_seen":12,"resource_available":true,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":30,"connect":161,"send":0,"wait":161,"receive":0,"ssl":327},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/content/dam/fedex-com/common/sprite-placeholder.png","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.448Z","timestamp":1781786275448,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /content/dam/fedex-com/common/sprite-placeholder.png HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:56 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":1062,"timings":{"blocked":1039,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"scriptseai6686.fedex.com/cdn/cd/apple-touch-icon.png?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMz","fqdn":"scriptseai6686.fedex.com","domain":"fedex.com","tld":"com"},"ip":{"addr":"3.164.240.115","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:56.909Z","timestamp":1781786276909,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"scriptseai6686.fedex.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Sep 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2A:7D:3F:EE:FA:DE:20:37:AF:C3:F4:D0:7A:19:DD:49:D0:92:00:8B","sha256":"E7:E8:F0:69:BF:3B:16:FF:3B:46:8E:CE:85:9F:B6:76:21:0C:3C:AC:1A:57:0D:78:7E:5B:4B:8B:52:25:66:99"}}},"request":{"raw":"GET /cdn/cd/apple-touch-icon.png?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMz HTTP/1.1\r\nHost: scriptseai6686.fedex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nOrigin: http://afilarias.click\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: image/jpeg\r\ncontent-length: 0\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: nginx\r\npragma: no-cache\r\ncache-control: no-cache, pre-check=0, post-check=0, max-age=0, s-maxage=0, no-store, must-revalidate\r\nreferrer-policy: unsafe-url\r\nx-content-type-options: no-sniff\r\naccess-control-allow-origin: http://afilarias.click\r\naccess-control-allow-credentials: true\r\nx-permitted-cross-domain-policies: master-only\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 52b109b1375547c721208eb7c7b3185a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: 3CpW2ccc-lQXMD6DvU_LBBNzHMbP56tKghFmPgG5BoNvDKrzUfhrfQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":698,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T05:29:52.229853Z","times_seen":16627450,"resource_available":true,"data":null}},"time_used":600,"timings":{"blocked":-1,"dns":15,"connect":8,"send":0,"wait":564,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/favicon.ico","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:56.911Z","timestamp":1781786276911,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/favicon.ico HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sat, 31 Jan 2026 19:06:52 GMT\r\naccept-ranges: bytes\r\ncontent-length: 5430\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":5430,"size_decoded":5781,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"a53129769d15f251d4e5c5cb966765b4","sha1":"043d6a7b9cca5d05aba04fc0a3f4527e3ad075e0","sha256":"eab1b9a0ef942d84e3a8ed8c3e3996acb7a46af9a0b9f914ced662bcbe0e54be","sha512":"149e9ecc344fc864c4f772acdbb6e00bdfc5399301922b58f137c14ac042f1c57775213dc6335c8d9cd39b7e9ef7982acfda29f2be794a8c0923ab4e6735792c","ssdeep":"24:EDfxncjMt+eDLLA0y3AoqJkYr2NjPx+nQjBpTTOBjEV1tdSnhajWljDXjX0XXjXL:cVDD4CExYjQEag07023H","tlshash":"06b1a709a638edd0d0a12a31c842d9fe0b25ed07e87c483b5a90ff8a777311c0e2568f","first_seen":"2023-04-30T20:19:19Z","last_seen":"2026-06-22T00:58:41.158886Z","times_seen":915,"resource_available":false,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":166,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/content/dam/fedex/apac-asia-pacific/MVP-APAC/images/2020/Q1/naver_blog_131181076.svg","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.143Z","timestamp":1781786277143,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /content/dam/fedex/apac-asia-pacific/MVP-APAC/images/2020/Q1/naver_blog_131181076.svg HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:57 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Bold.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.223Z","timestamp":1781786277223,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Bold.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 31 Jan 2026 19:03:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 38540\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":38540,"size_decoded":38890,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 38540, version 1.0","md5":"d46339c854a0dbc522d67d17c8cf929a","sha1":"44b817d8237ae0f23e2b179cc68f96b31c139222","sha256":"581f47436501e3855b637339bbe82b36020eaf4dcd14da4e1463b02f96b423b6","sha512":"d34487128ef03b9478b1d6643511b5b67a6927a2e60e874ce11fd7d77da32a5330ead8b1c1ecc773b6500e446b75e54f2e64fe16a9aa02b0cebd4e096931cd77","ssdeep":"768:iOSWhJe2C0HNpSYCF5NbD7nCn3JrFQTw0wgRtRB2477NKL:iO2RI0ZzCn3AT82RBN8","tlshash":"c303f2889b4a34aac9744239cc1f03a1773737dfa9253b765ef490d6939a05bf42ed04","first_seen":"2023-11-15T04:08:53Z","last_seen":"2026-06-19T01:21:46.511977Z","times_seen":236,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/media/FedExSans_W-Regular-FT2ZS5ZP.woff","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.229Z","timestamp":1781786277229,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/media/FedExSans_W-Regular-FT2ZS5ZP.woff HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:57 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/media/FedExSans_W-Light-O5ACP6NZ.woff","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.438Z","timestamp":1781786277438,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/media/FedExSans_W-Light-O5ACP6NZ.woff HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:57 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=94\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":23,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.432Z","timestamp":1781786275432,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/styles-HFSJOUXO.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:24 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 98083\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1044268,"size_decoded":98476,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"54397abf16a4ff008ed74cd4ecb17cbb","sha1":"026e079afa5dd85c313a5b66cfe43f1a5513a517","sha256":"86c0e13240046e28066423791141a0b8219816be3a125dfafc2be666e31ce85c","sha512":"4da4dc3ec7a7a7b9318417245651d1c560156155907ffc2a1a043ead2172c5e696c4db709be21cb555b3a644bcdb7c3cbc44a88234e483e36c6c8d53413a1824","ssdeep":"3072:VpY0cFm5eMSJ3U4lyTAzajkilKz4RofGRTg3:Y0cFqeMSJ3U4lyTAzajkilKz4RofGRTE","tlshash":"e425fefbf5c2155ac19fc90141a43fb855ef781092078ea8c6036bad878f7dd2a6364b","first_seen":"2026-06-18T12:38:24.476898Z","last_seen":"2026-06-19T01:21:46.509652Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1220,"timings":{"blocked":-1,"dns":29,"connect":163,"send":0,"wait":162,"receive":1,"ssl":864},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"scriptseai6686.fedex.com/cdn/cd/style.css?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMzLGQ9MzdlM2UxNTA5MTA2NDQ5Yzc4Mzk4ODM1Y2VmZmVmMmYtMTkzNDgwNzcxMTY1MTkwMCx1cmw9aHR0cHM6Ly93d3cuZmVkZXguY29tL3NlY3VyZS1sb2dpbi9rby1rci8jL2NyZWRlbnRpYWxzLHA9ZmFsc2U=","fqdn":"scriptseai6686.fedex.com","domain":"fedex.com","tld":"com"},"ip":{"addr":"52.84.50.51","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.433Z","timestamp":1781786275433,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"scriptseai6686.fedex.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA OV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 18 Sep 2025 00:00:00 GMT","end":"Fri, 18 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"2A:7D:3F:EE:FA:DE:20:37:AF:C3:F4:D0:7A:19:DD:49:D0:92:00:8B","sha256":"E7:E8:F0:69:BF:3B:16:FF:3B:46:8E:CE:85:9F:B6:76:21:0C:3C:AC:1A:57:0D:78:7E:5B:4B:8B:52:25:66:99"}}},"request":{"raw":"GET /cdn/cd/style.css?bz0zN2UzZTE1MDkxMDY0NDljNzgzOTg4MzVjZWZmZWYyZixhPTlmODljODRhNTU5ZjU3MzYzNmE0N2ZmOGRhZWQwZDMzLGQ9MzdlM2UxNTA5MTA2NDQ5Yzc4Mzk4ODM1Y2VmZmVmMmYtMTkzNDgwNzcxMTY1MTkwMCx1cmw9aHR0cHM6Ly93d3cuZmVkZXguY29tL3NlY3VyZS1sb2dpbi9rby1rci8jL2NyZWRlbnRpYWxzLHA9ZmFsc2U= HTTP/1.1\r\nHost: scriptseai6686.fedex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css\r\ncontent-length: 0\r\ndate: Thu, 18 Jun 2026 12:37:55 GMT\r\nstrict-transport-security: max-age=31536000\r\nserver: nginx\r\npragma: no-cache\r\ncache-control: no-cache, pre-check=0, post-check=0, max-age=0, s-maxage=0, no-store, must-revalidate\r\nreferrer-policy: unsafe-url\r\nx-content-type-options: no-sniff\r\naccess-control-allow-credentials: true\r\nx-permitted-cross-domain-policies: master-only\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f1d504785a7b18c010970da2bd4ab8c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: Fu2KN5uanxV5vV7atlYZZVsEw1Iq5RYMOHF9HWosMRfFw_4OfRUt4g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":643,"mime_type":"text/css","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T05:29:52.229853Z","times_seen":16627450,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":-1,"dns":18,"connect":1,"send":0,"wait":319,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.436Z","timestamp":1781786275436,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 May 2026 08:38:19 GMT","end":"Mon, 17 Aug 2026 08:38:18 GMT"},"fingerprint":{"sha1":"4D:E0:8E:62:2F:B2:3D:28:5D:7D:B5:8D:C5:3A:72:E4:EE:AB:7D:93","sha256":"AE:0B:4F:B5:B7:41:E5:0C:70:C0:E1:2A:F9:DB:AD:A8:64:94:F3:70:6D:38:1C:8A:8A:CA:52:96:5C:D8:5C:87"}}},"request":{"raw":"GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30462\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 17 Jun 2026 07:11:07 GMT\r\nexpires: Thu, 17 Jun 2027 07:11:07 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nlast-modified: Tue, 12 Sep 2023 02:38:22 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 106008\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":87533,"size_decoded":31446,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"2c872dbe60f4ba70fb85356113d8b35e","sha1":"ee48592d1fff952fcf06ce0b666ed4785493afdc","sha256":"fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a","sha512":"bf6089ed4698cb8270a8b0c8ad9508ff886a7a842278e98064d5c1790ca3a36d5d69d9f047ef196882554fc104da2c88eb5395f1ee8cf0f3f6ff8869408350fe","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKr:sHNwcv9VBQpLl88SMBQ47GKr","tlshash":"3983f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-08-31T16:03:19Z","last_seen":"2026-06-22T05:30:23.751774Z","times_seen":172782,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":5,"connect":15,"send":0,"wait":16,"receive":46,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.443Z","timestamp":1781786275443,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/common-core_SHF.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:32 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 81283\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":982493,"size_decoded":81676,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"d142aad005b8c85435f281e952ac60fb","sha1":"56603a0975b6a447e7d2dbd5052ac9e2a0301a59","sha256":"6338a5153a88a2f80783be569dda27227aa003bfac382bcc0ca73fdf6565ce3e","sha512":"72da096feeb4e278e2eddd90e54be921fbe680c95278b636699f5ab78253f0e4e6d22386036514a5039eb876b56fbf3ab6841e2c17d735b15f2f7e08c4afd85d","ssdeep":"1536:nTV+ho7FCZ+ZLCTtAyPynnnKRry57w6Bico/cGuUL5IcEobhmJIX8h25cp6U/Uxi:nTd06NIX8h25cp6U/UxubmtgTld7","tlshash":"bc25bbebb7c11419e1be850840f43bba456f3c50b2178999e11b2bad6e4bfc52663d0f","first_seen":"2026-06-18T12:38:24.481286Z","last_seen":"2026-06-19T01:21:46.49335Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1047,"timings":{"blocked":-1,"dns":18,"connect":165,"send":0,"wait":315,"receive":216,"ssl":333},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Regular-FT2ZS5ZP.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:56.953Z","timestamp":1781786276953,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Regular-FT2ZS5ZP.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:14 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45080\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":45080,"size_decoded":45429,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 45080, version 1.0","md5":"54a4a46eadf2bad915dba79458aac017","sha1":"d234584f867218de98a78a481570273919f35b49","sha256":"c361fe5762f2acd3432bf233c0012887c1c2c3523314872675d1924d33b47098","sha512":"7d4074797da56b380877f4fae242b52486a31ce2246675e34f85cc0f13459a2bc6f070d8fc6f8318e9145b840888ef298e7cd3b34b2df703cdd2c6e70bb4fee4","ssdeep":"768:lDX+vnoUZjJSwE0mIMXVf5YETLIwkTSBByRMdkCGLEFwMAiAa:lml3SwE0VMXzIw2UByRVLE6Q","tlshash":"1813f28b976bbfda50a6707d209017d79704c4a992d1af9bfd4f14b831340ad2c788de","first_seen":"2023-05-08T21:33:40Z","last_seen":"2026-06-19T13:25:30.297711Z","times_seen":259,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/logo.png","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.140Z","timestamp":1781786277140,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/logo.png HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 04 Feb 2026 00:27:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 17964\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":17964,"size_decoded":18313,"mime_type":"image/png","magic":"PNG image data, 176 x 50, 8-bit/color RGBA, non-interlaced","md5":"f9f3a4bf508eec8270bf7c8fe4397384","sha1":"8b47c45b41e159b9dc2d6fe563b1197bd2a3ec16","sha256":"99f7cd905d160e4bf4408195b22a893a45661a8855a0841e207d5bafe7411d90","sha512":"43e6b09ac312c53efd9654a46d84fb17fda4057bc07cc49147ed955a9317943da5b6adec1bd3f5235d1aa7ee270024f600e9d0a049c6caebfa99eda87d407394","ssdeep":"192:GCakQAsCxwwenxObL6R/TkkiCEiRJ01U752Fj:GCphGTkkHrkC2j","tlshash":"af824b45e57538d0415deabdbad2281a281371d3c9c34d80baef88913f927a4cc4d8e5","first_seen":"2023-05-05T02:07:39Z","last_seen":"2026-06-19T13:25:30.227809Z","times_seen":746,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Light.woff2","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.221Z","timestamp":1781786277221,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Light.woff2 HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/common-core_SHF.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 31 Jan 2026 19:03:09 GMT\r\naccept-ranges: bytes\r\ncontent-length: 37212\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":37212,"size_decoded":37562,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37212, version 1.0","md5":"7bd147fecf10f520157f6374a969483d","sha1":"2b35d5e7013fbddd3a5b03730641182eaf04a7c0","sha256":"06ac0dc3349799cc0273a77a565d65cdf1f362dcffbfadf590d832c01b0acb6b","sha512":"aa90668f7aa938a79ec855d078faed1264248b4718714e80b299a9ff8368545a57f1ddeae748c246c0209e1d5a89f438b32a5c1cea17203fab6b9acd42fe684d","ssdeep":"768:pBsKAtmt21dVVsyyI+ZH0YR4axgzXXu041NxNzuXvyO2uJ:D0YRDRnxMOfyXf2uJ","tlshash":"a8f2f1cd9ed3759045fb18e247133cefe50b281c2849efad580dd427ab64c5ea49ae0e","first_seen":"2023-11-15T04:08:52Z","last_seen":"2026-06-19T13:25:30.218204Z","times_seen":303,"resource_available":false,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":162,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-18T12:37:55.278Z","timestamp":1781786275278,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/fedex.html HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Thu, 18 Jun 2026 12:37:55 GMT\r\nServer: Apache\r\nLast-Modified: Wed, 17 Jun 2026 15:04:55 GMT\r\nAccept-Ranges: bytes\r\nContent-Length: 85130\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":85130,"size_decoded":85374,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2243), with CRLF line terminators","md5":"af18c34379c05bbb154985118170bb0c","sha1":"48b1c68925805ce0a90ba55aae90b5038b8fd4e5","sha256":"4529cadc12ad941e321289e1559810d00b8663d0af8e55727f036e539a7e705d","sha512":"09089e9fe7cd7a776e785466719939d112763721b76e00df5eacf778081b6262489cb2aa252f71a45de1195d8ff8d93881965587cb3b65c7142f3fc472e3fc57","ssdeep":"1536:P/fptAbaeGEdzSNQqCNvVCVjpOISbaWwoW3r5MdHjxAgBEy3Pk+x8OB5Ihn22d:P/BazSNQq+vVCVjpNSbaWwoGr5MNjxAP","tlshash":"b283c93966c0a16b517bc39de7b22654e699d45bd2860284f5ec0b132fb3cc0f88b97d","first_seen":"2026-06-18T12:38:24.485791Z","last_seen":"2026-06-18T13:33:48.321415Z","times_seen":2,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":3,"connect":23,"send":0,"wait":24,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/content/dam/fedex-com/common/sprite-placeholder.png","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:56.768Z","timestamp":1781786276768,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /content/dam/fedex-com/common/sprite-placeholder.png HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:56 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Light-O5ACP6NZ.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.429Z","timestamp":1781786277429,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Light-O5ACP6NZ.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:09 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45484\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":45484,"size_decoded":45833,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 45484, version 1.0","md5":"449c745b78495e0b82221cf55bbcd717","sha1":"8982e3f3ec432f1aa6829d27ab966a5ac69bc6f8","sha256":"b6eb141c02454bb6e59981e13c9936dd3b30f84f3d0831a3585c67f7fd1534e2","sha512":"dd01727ec4e4cba74a47af72f0d7ffcd57300f5590c82b1512092f1c65a29690d9d9015d81c8ef38cbcb6630b87b8ac966909a5af1a1308b59af655783b5ddc2","ssdeep":"768:YO9+3dejEjs0ZXeJC/hieDrR8P2v3GvX8bXe+2rPkUQ+A05YQTtvjYH7IF0PiAa:DtYjs04uiPu3TbXN2A+A05YQJbBoQ","tlshash":"dd13f1c90651d0e0e8acb1f86b6b0b6bcd15bff9814acc16f4634e424e64b66c965f3c","first_seen":"2023-05-08T21:33:40Z","last_seen":"2026-06-19T13:25:30.312273Z","times_seen":242,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/FedExSans_W-Bold-L2XWYCJE.woff","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.431Z","timestamp":1781786277431,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/FedExSans_W-Bold-L2XWYCJE.woff HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: http://afilarias.click\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://theexternalfiles.elevatedprude.shop/fedex2/css/styles-HFSJOUXO.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:57 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 31 Jan 2026 19:03:08 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46788\r\ndate: Thu, 18 Jun 2026 12:37:57 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46788,"size_decoded":47137,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 46788, version 1.0","md5":"965c7fbfd23fd8dd34f94d18240b0c18","sha1":"b9fc73e0128d3f5f5f53a2279f29db5c2451feb5","sha256":"a0bb0e1a14e37723f7a9b0b13ce4c26969f163c7b07deb696fe4b379f5293e08","sha512":"4b4da408e425f17594a3ea16d7ea76748a6dc8a0d735aaf143bf743f30ab3b2a6eb4085deb978df5e31f609b69476203cc5d47983df5442d79386f53dcdaa831","ssdeep":"768:rVs/C+RBpdZuMPLPkIcsbmguDmnwPnuqbt/C5KDgqoPWNzTyvDC/OzFnM83YWF1U:r8dkMYIxmc/+pCkDgr/JFnM8I8v8IX34","tlshash":"032301ab6602eb71f275bc5820895fa18f10f6320b93dcf6d95b9e334eb31ba4545213","first_seen":"2023-10-16T19:53:30Z","last_seen":"2026-06-19T13:25:30.238915Z","times_seen":243,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"afilarias.click/online/media/FedExSans_W-Bold-L2XWYCJE.woff","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"185.221.216.117","port":80,"asn":393960,"as":"HOST4GEEKS-LLC","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:57.436Z","timestamp":1781786277436,"http_version":"HTTP/1.1","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/media/FedExSans_W-Bold-L2XWYCJE.woff HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/online/fedex.html\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nDate: Thu, 18 Jun 2026 12:37:57 GMT\r\nServer: Apache\r\nContent-Length: 355\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":355,"size_decoded":555,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"4525b2d648f7c457a689fd96421783a5","sha1":"11bfe30ce44585a15a38e86bc094224ddfe2c08e","sha256":"cc0b4e42510d49c6decd464123ecf3b14ae9b47f9b4ed2ee64893e2d6520a264","sha512":"94e3e8246cf38ff7740e51aa115c8c455b14f78e672c2686b782c0ce30b6fa2dbd91a78b29b3964d9c0414aabd4b9391fd5db326665e25b4b8e73dae60ffe979","ssdeep":"","tlshash":"71e0c04f4057b3474011a2907dc01291e505236b38a152f93ac09467500897dc4aa2dd","first_seen":"2025-12-09T03:51:58.5943Z","last_seen":"2026-06-22T04:36:54.942415Z","times_seen":41353,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"afilarias.click/online/fedex.html","fqdn":"afilarias.click","domain":"afilarias.click","tld":"click"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-18T12:37:52.815Z","timestamp":1781786272815,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /online/fedex.html HTTP/1.1\r\nHost: afilarias.click\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-22T05:29:52.229853Z","times_seen":16627450,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-18","alert":"Sinkholed","trigger":"afilarias.click","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"theexternalfiles.elevatedprude.shop/fedex2/css/nuance-c2c-button.css","fqdn":"theexternalfiles.elevatedprude.shop","domain":"elevatedprude.shop","tld":"shop"},"ip":{"addr":"198.54.121.227","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"http://afilarias.click/online/fedex.html","date":"2026-06-18T12:37:55.435Z","timestamp":1781786275435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"theexternalfiles.elevatedprude.shop","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"B5:EB:E2:E3:09:9C:49:27:B9:8F:43:B1:85:1A:34:01:E2:F6:17:53","sha256":"66:AD:E0:C9:BB:65:89:B3:8F:AC:9C:1E:EB:85:D9:5A:67:0D:D0:CB:D3:55:13:D9:20:4F:F2:FF:76:38:A8:9C"}}},"request":{"raw":"GET /fedex2/css/nuance-c2c-button.css HTTP/1.1\r\nHost: theexternalfiles.elevatedprude.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: http://afilarias.click/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: public, max-age=604800\r\nexpires: Thu, 25 Jun 2026 12:37:56 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 31 Jan 2026 19:03:11 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3089\r\ndate: Thu, 18 Jun 2026 12:37:56 GMT\r\nserver: LiteSpeed\r\naccess-control-allow-origin: *\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":15196,"size_decoded":3481,"mime_type":"text/css","magic":"ASCII text","md5":"012c618f96b2fec914d452e1b92973e9","sha1":"9fa7e8924ed51dbd8a89f16e4774c1dc85526298","sha256":"10ccd4c3abcabd4ba976d2cf527d375c8e48480a26f7a4392f341be420aa2338","sha512":"3fece2e53f2baa5b95e65e2e57ce464e85f1e599bfb8b5a1f16288e53724f04a50fdbf219d06733975fe7c09068ddb2721bf6cf9ab77b0f8c425c04bbfc59cf2","ssdeep":"384:8JiHbQnq7ABH6QYTsLsHsWsNsHV3IMLs7fLNv0NBrWkiF0Ub:zaIMReHZsb","tlshash":"076283b95b83040e793b825c57ebab59123dc043e80add7c77d9229b9f860dc5097b87","first_seen":"2026-06-18T12:38:24.488087Z","last_seen":"2026-06-19T01:21:46.47482Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1160,"timings":{"blocked":-1,"dns":26,"connect":170,"send":0,"wait":622,"receive":0,"ssl":342},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}