{"report_id":"b9991146-a71f-40de-8919-eac9b6fa0f7f","version":6,"status":"done","tags":[],"date":"2026-04-23T04:41:44Z","url":{"schema":"https","addr":"belvingatefin.com","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"belvingatefin.com/","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"title":"AAR Global Construction Ltd | Home","dom":{"size":20865,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (20309)","md5":"e3fc48fbd3b66689565bbdba8d9e088e","sha1":"24f71c448eefcdc98d7d299e03ecb906b124405e","sha256":"8d0d42cc36e3f0b5256988f10b2b98abf8fee3a3f15db7c788d1618fa2bef889","sha512":"4c364c44f7f7ef003f42950e8cb08857b614182d8e223df20d1f7eada87701597d4faf0199b22018c6be57453c983ba0decf56c58651a21e5c18c256e4e4547a","ssdeep":"384:A6xL2DD7kcqnC5jhLXMdIa91WSDF909Dm+nJlBNvYYveW+1K6aMK2F:FL2DD7rqEFLXMdIa91WSCvYCeWcK6aM3","tlshash":"8b922230f561182b026759c1f0b2db69b6eb9319cf1398a8b3f947df9bc1ce8c5094a1","dom_hash":"domhashe96d10e79ae6e1d88fb29ab823536485","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"belvingatefin.com","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-28T04:41:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"belvingatefin.com","ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":52,"request_count":52,"received_data":13085738,"sent_data":24298,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"belvingatefin.com/assets/index-CYB5sINE.js","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f08433f6c89aa915f11c91c42eb30f31","sha1":"c41d4ab73494290287cc7ed06b82fbbb577f6124","sha256":"aa234cb21c1bd2fc007eb644f9f3b5801c0339269426c0ce425bd118ab335c72","sha512":"e898e21486ec6967cd80a3c0391d44b657ce1dfa38fbd380b75ab31dd5547d706557c36af962e28cbda9c41640e7c1ae5bd0942855ba03d627722f945826ec6a","ssdeep":"6144:LSy40btEBlJiY3iJdLkBagSKO82qgZRUSPzy+XqA5Ees2jbw20aKB6w0W+9lJE67:LA0OBNS7Lmag2q3SPz1bw20aM69W+9lL","tlshash":"54c44ad8b2a1b56597e706e580af4102b23a1d15b80c88a4f17cdcdf297584c62bbffd","size":551604,"data":"","first_seen":"2026-04-23T04:42:00.280097Z","last_seen":"2026-04-23T04:45:25.110903Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"belvingatefin.com/assets/Montserrat-Light-HfZpIE28.ttf","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Montserrat-Light-HfZpIE28.ttf HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:22 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 77194\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":192116,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 28 names, Macintosh, Copyright 2011 The Montserrat Project Authors (julieta.ulanovsky@gmail.com)MontserratLight6.001;","md5":"9e52b00d737492e337b2498406aef98f","sha1":"17468b8eb82a8e64d6d0073c2477f101efb7264d","sha256":"f13abb259dcc4abd8726fb32e9fbb624a99fec6f0ebc2fdb52309692e06c8dcf","sha512":"83f885510941b4cc5328533124544fe6072428b11a4af245040504d34f59e231b3144405a9e55bce79bdffad470a9edcdf54e19d7ffd2826ca95609b2a28b7f0","ssdeep":"3072:pwBBBBBBBBBBBBBBBBBBBBBBLBBBBBBBBBBBBBBt0whnTbTrEpBFdH6YyY+s5yCu:p6pvI7dus5yYTCerDV+vhJ19b7","tlshash":"0d143c46f70bc749dde24e34927a6385b358fe32be3dc357944a6d64ecaf0d90892284","first_seen":"2023-04-06T07:35:06Z","last_seen":"2026-04-23T04:45:25.094744Z","times_seen":266,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":92,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-3-C4tbHbNe.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-3-C4tbHbNe.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-5-CVHKG3o7.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-5-CVHKG3o7.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Montserrat-Regular-BJgBmYAR.ttf","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Montserrat-Regular-BJgBmYAR.ttf HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 77662\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":190648,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 26 names, Macintosh, Copyright 2011 The Montserrat Project Authors (julieta.ulanovsky@gmail.com)MontserratRegular6.00","md5":"f7213526ec9296ff43426bfe3eae8926","sha1":"21ead490649992f7200fc1f3839b9fc08e882afe","sha256":"d104de3cd2bcab4493c69f0456c5e423e143fa86ddd13439f1839740e1f479dd","sha512":"46021542614a66b8dc0f6b67753d906a0f052c86d3c14f3c0372966a4a6bf95967c03f75f0b04c0272e0565fb3fb179f98298a6f5d30af494c2969085a5355dc","ssdeep":"3072:5AuY6YyY+s6ovACyYnQGfhadEb2Psj6oBJ7:5AQs6EymQG5a4j7","tlshash":"ee144a17f317d30ae9760d349ab96385735afe323e0ec347908a5dd8e8de0e93859285","first_seen":"2023-04-06T07:35:06Z","last_seen":"2026-04-23T04:45:25.112171Z","times_seen":126,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/fa-brands-400-Ch568Ea9.woff2","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/fa-brands-400-Ch568Ea9.woff2 HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 117852\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":117852,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 117852, version 773.1280","md5":"b55b1345f0b919f0cab774ec25d6654e","sha1":"c39dd7c713983702de91b08ae00b194b0bdb9008","sha256":"232c6f6a7678304f9efaa26f30b1610debc2ba9f4cd636b5e6751c8d73761b92","sha512":"793756b3bf0e21181d06f44593a99a1986b90db4704f4765d4a1e8937acf3d1d38a750c6d6082545bbc80c04fc8dc03da5ab2b4a3f31b7f2345751050df115fb","ssdeep":"3072:Rs3c1iEht0b6W85CbPgRgaCMtsWOwydzrCyzhRaLZTBlZsEmOQadt:RDik3CzS8MtDOw+XaXZ8Of","tlshash":"74b31251ac7bce3f72b16c584a42db8aa3c4a3c9e3c174194eab3dadd11682e71d8d11","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:34:22.689719Z","times_seen":6454,"resource_available":false,"data":null}},"time_used":283,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-1-D2I-ZsXK.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-1-D2I-ZsXK.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6212\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6212,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 204 x 54, 8-bit/color RGBA, non-interlaced","md5":"b3ddf8042d3e61b85a6c3256b7f0df7c","sha1":"4fefc785ab4fdaa4db538b54392107814ba07c85","sha256":"3fdb8ab774e5cc70247a33e66ca79e3f5a45144d54f1bcf9352b2faa4141d4ad","sha512":"65c5ca98618c738983b14a028e92d3612f03aabb8ca47536e5e4793fa29fa593beb01f988869611dd2b3b42f6600489319dae5e6ac591e0181cbae60fb27ee14","ssdeep":"96:32uhgQhvwpqpnUSMPI9D7IbEYPnA+utayKaMpCnxJAVSDBNx21oQ:thvwpqpUSMQRt2mtaoMsnrAVSDpu","tlshash":"42d18f1d41a55f13b882d65819feb42b15302650c940e001b45fce5a6ec677fcadbaf9","first_seen":"2026-04-23T04:42:00.279037Z","last_seen":"2026-04-23T04:45:25.116255Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-23T04:41:20.576Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":393,"timings":{"blocked":0,"dns":211,"connect":88,"send":0,"wait":0,"receive":0,"ssl":91},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/index-CYB5sINE.js","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/index-CYB5sINE.js HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 168116\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":551604,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (37610)","md5":"f08433f6c89aa915f11c91c42eb30f31","sha1":"c41d4ab73494290287cc7ed06b82fbbb577f6124","sha256":"aa234cb21c1bd2fc007eb644f9f3b5801c0339269426c0ce425bd118ab335c72","sha512":"e898e21486ec6967cd80a3c0391d44b657ce1dfa38fbd380b75ab31dd5547d706557c36af962e28cbda9c41640e7c1ae5bd0942855ba03d627722f945826ec6a","ssdeep":"6144:LSy40btEBlJiY3iJdLkBagSKO82qgZRUSPzy+XqA5Ees2jbw20aKB6w0W+9lJE67:LA0OBNS7Lmag2q3SPz1bw20aM69W+9lL","tlshash":"54c44ad8b2a1b56597e706e580af4102b23a1d15b80c88a4f17cdcdf297584c62bbffd","first_seen":"2026-04-23T04:42:00.280097Z","last_seen":"2026-04-23T04:45:25.110903Z","times_seen":2,"resource_available":true,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":219,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/dotted%20lines-BagUA43k.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/dotted%20lines-BagUA43k.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 125035\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":125035,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1313 x 1314, 8-bit/color RGBA, non-interlaced","md5":"a9f94aedb34d768ea2cd7dd8bb8f4424","sha1":"a3e92c2c99bdb1d96b1b1387fed568e60e568f74","sha256":"d6d338e427dd2bfd42ce89e5f9e0dbfd76d8a467b6d01e2d241d22bea44cb3fc","sha512":"f3f66e552460ea205a072e72b3caa9bc8899066ccab5b0899106b2d1bd7936fbed24f61a5490be4b4654a5f1fee7fa4577cd99891b054c2130ba529450b98ad7","ssdeep":"3072:FdRjMqo6v15rrS3RrgEUqXqQp26Ozz+n0h4m:BMj6N5q3pgEfXxp2zzzis4m","tlshash":"c3c3e19a2307d6e43e1f3fc1e7d29519f4341a8906e19e723cf84dede04a8618f86766","first_seen":"2026-04-23T04:42:00.284575Z","last_seen":"2026-04-23T04:45:25.089256Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/about-1-Bm4Jfvtv.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/about-1-Bm4Jfvtv.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/sketch-2-OSqrKGCT.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/sketch-2-OSqrKGCT.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-1-D2I-ZsXK.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-1-D2I-ZsXK.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-2-BWheEyr0.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-2-BWheEyr0.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/quote-bg-BypIHxIU.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/quote-bg-BypIHxIU.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 337139\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":337139,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5030 x 2204, 8-bit/color RGBA, non-interlaced","md5":"957596c58fc42e6fe93d26fe046dadd7","sha1":"536e0d85e601a3325c6e4940444afa7fa3355416","sha256":"1a92b2278e9b9fa00224f9454159bb9cbcb405b01ff33746a8a148fa4801da9a","sha512":"b57b87b6ccdf6d5aec4078bf68eb56602cd3bb0268d5eebef419819355a96237a5d7f919d6c8215170b30036679f05b269f72b26c008a1c7c9a68d32e089f8c5","ssdeep":"6144:hLHy81MkYLrETlZxnkb1wnERd7dYLhLnQG:zMkYvET5nzERfc","tlshash":"9864129268170cd0c8795fb0d9bb6f8b17b6083a8781435b9f707a1a1c9f1b13ceb959","first_seen":"2026-04-23T04:42:00.285786Z","last_seen":"2026-04-23T04:45:25.090632Z","times_seen":2,"resource_available":false,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":168,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/logo-white-BqQ01aL1.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/logo-white-BqQ01aL1.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Montserrat-Bold-C_xxkq68.ttf","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Montserrat-Bold-C_xxkq68.ttf HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 76943\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":191648,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 26 names, Macintosh, Copyright 2011 The Montserrat Project Authors (julieta.ulanovsky@gmail.com)MontserratBold6.001;U","md5":"a8de8ffe262db7e277deb8f1c439c518","sha1":"8f23dacf7d2f4aa9be53c957f48009f610965be5","sha256":"447b848269bdae2e8e30f385a95f24dcc54a80304b00452159cdd3f687d6cfc3","sha512":"58dd4667e09176e7126bbdd3a212a5c447cccfcb806496d9804749683645f29165b1523421c44dd9e31123624718212bbb2544c87f5e20b7d78f29ef051bc823","ssdeep":"3072:S+JA/d19NV1VflH7jITyY+s0gh2SJoxrSjlpCjOeimlkfr2Psj6oBo7:Sv/d19NV1VB70ks0WJVsOmef5O7","tlshash":"1c145b12b753c30ded520d3196b9638a375cfab17e3dc347e15a6d98dbaa0da042238d","first_seen":"2023-04-06T07:35:06Z","last_seen":"2026-04-23T04:45:25.094252Z","times_seen":104,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Cil_ten-DmzFTEh-.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Cil_ten-DmzFTEh-.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 116178\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":116178,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 765x1020, components 3","md5":"63379859428adbb6c9cf2261cd69f5b0","sha1":"ac0e0e84a34678b8a40b7447bb1d53a66f686da3","sha256":"8407804e7c9edf6ab332745733d616c53ae502162599b9798fcc0b8b5b976ee3","sha512":"531792879109f6fce9e22be9c1e8584196ee76c3ff10b8c9588c421f90294e2090db0ff87d2170deee79be472d5bfc18b23d691f7fe85c01db18621959c51497","ssdeep":"3072:2/Ut0KTpaocAItqrTqHRFXq72oQAE9D3QGS0QD+paJ/4H9Lho6j72zpON:2/U5pcAIYrGxhq7AA0LdS0QD++0Q6Wdg","tlshash":"0ab3128800c49715ac1d21bea074ce91b3ace53694a2f100d37fb95b988fb1b4da4ef9","first_seen":"2026-04-23T04:42:00.287613Z","last_seen":"2026-04-23T04:45:25.115645Z","times_seen":2,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/1-BIX0-FSg.jpeg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/1-BIX0-FSg.jpeg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 147333\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":147333,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 810x1080, components 3","md5":"b78c2e56f386805c5b680dcff57f0a49","sha1":"1c504439cbb1151906686577e9804aae6c06b80f","sha256":"d499f1a3b0bcbf5385d2db2df7f2e1d87647433d4b30318dbc2d26886ea12c71","sha512":"8b0da8d69c93d8e545064963952eeb2be0daba9b9cc3ac9bd73a0b374ee1c9bffd186b34b172a7eb58353373f618a0160eca3b969af7a5abe2c706c6a2e6661b","ssdeep":"3072:k7/nfOTSfQMvTAovMBtLu+cglnYAaDYdaCLHwHvygXSpbmBexE/8:Q/SSR3vMBtpczAaDjCbwPceei/8","tlshash":"efe3121a60ddc946d5c801fcfc641b356bc78d4b64470b9114ca59bd2c93a783cfabab","first_seen":"2026-04-23T04:42:00.28846Z","last_seen":"2026-04-23T04:45:25.084329Z","times_seen":2,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/footer-sketch-D1qxvEPB.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/footer-sketch-D1qxvEPB.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 754118\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":754118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 4096 x 1615, 8-bit/color RGBA, non-interlaced","md5":"184795ea71aa56a41a1b00dae2a5ce64","sha1":"ac7cc44347318250e7e088d00db23ed2d40260c4","sha256":"2a7a180ac22b2349f0914b539969e1860bc97d0076c4e463c637c79c7efe03d0","sha512":"f946fd2a25f0f7ead27d3018132fef97e75f45b4a56a64e7fb114cbd249aa4ef02c47896caa1ee97a9db495a2e9c0eb6964a3b094c3bd2c1539d6df67a7538f6","ssdeep":"12288:e4X/t8zeCtI4ORGhmmZ97ElnkxwXj2PygqEhUJ00btrWpDsfst6MBr5RLVZyxKiN:LWw4xZ97YkbPygqEhUJ00b5XMPxVZyx1","tlshash":"73f4f152eb4c527335002059b44625974bd97e7b3088dc2a9ee3f9af6343fb49ebad04","first_seen":"2026-04-23T04:42:00.291162Z","last_seen":"2026-04-23T04:45:25.110008Z","times_seen":2,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":336,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/index-COa9s3xS.css","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/index-COa9s3xS.css HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:22 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 35226\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":193093,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (43247)","md5":"5073c7e27d659c78c79e32492c81a7c2","sha1":"045859a0a2b617030b0281d5e6ab139b3c889942","sha256":"49ed26d5bfd72df2f2922fca7666c1dcda8830e6b2b2b8829085334690f2f43e","sha512":"306712c5ef5011de6cd85d38815796a2924f54a963c2484a2698cf19c43fa186929a0abc9832737f14ce95f48bd03b3b934da1dcde3dc48ef17049a0045c5f22","ssdeep":"1536:SajH6bxgRdLaMoMnMoMBMoMWMoMIMoMnMoMJMoMqsVMp+Icne0Fj6R1j3w1YSpsG:7HL7Icne0Fmv7w1YSpsg8dg9td8IZpbD","tlshash":"971493b4e10c00d4bb33ce1b939a776c6134f760d5220c45f91fa98d9ec2aa526a6f7d","first_seen":"2026-04-23T04:42:00.294236Z","last_seen":"2026-04-23T04:45:25.11421Z","times_seen":2,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":387,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/quote-bg-BypIHxIU.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/quote-bg-BypIHxIU.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/slide-one-DVK8yV-y.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/slide-one-DVK8yV-y.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2063159\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2063159,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1408 x 768, 8-bit/color RGBA, non-interlaced","md5":"4a9ac613afe7c6e346d6db20f52c560c","sha1":"6727ab21059a66ed66f4dc7571331e74b760c2f2","sha256":"2a47f016eecd4df5e546a2be7bfa36019ec4de68d3fd0b07d85730db03289504","sha512":"8d12b38d982a90deb9c1de8a96865dd88431bd32a19982c1fd1f3aafbdba1504186be395c7a23292ba4289f2d7db5ea792bf4649a4f312c12d182fbcd615efa4","ssdeep":"24576:rTHgWHhIKmqD5b7UCVOaAFHyzMkmsHvr39Q7jOI+p+F:rrPHuKmqD53/caAdyHvbuGIIq","tlshash":"84253398f9384d70bddc0d04ce9026185a9be94f953c3c4b567cb26cb68871f0a9d7ad","first_seen":"2026-04-23T04:42:00.295423Z","last_seen":"2026-04-23T04:45:25.111419Z","times_seen":2,"resource_available":false,"data":null}},"time_used":633,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":432,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/fa-solid-900-QWY35r5r.woff2","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/fa-solid-900-QWY35r5r.woff2 HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 156400\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":156400,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 156400, version 773.1280","md5":"1ec0ba058c021acf7feaa18081445d63","sha1":"73e7eabf7a8ae9be149a85d196c9f3f26622925b","sha256":"ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f","sha512":"16a1b8a067ad4a33dcf4483c8370ca42e32f1385e3c4e717f8d0ce9995ca1f8397b15a63c0cee044c4b0fca96c4b648c850f483eeb1188a20f8b6cbf11d2b208","ssdeep":"3072:T0NNdf7uJ/Q8zfLtuI3m4uTtijwbr+mV+5ZUTRjV:AN7r8jMbgjwvOrU3","tlshash":"b6e3139a9a1f63d89c3cd982f61ef3fb715aadab1f521220193149f9d04f0af5035a4c","first_seen":"2024-04-05T18:44:58Z","last_seen":"2026-04-23T07:46:27.488589Z","times_seen":9568,"resource_available":false,"data":null}},"time_used":299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":275,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Zaza_one-UJRjNDBK.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Zaza_one-UJRjNDBK.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 565668\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":565668,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x2560, components 3","md5":"af5d777d2ae8fc674273f729bc63fca7","sha1":"8e005df30e459d5d499f977f61c7973b9b975d23","sha256":"ef1585ee0ea1f3a3dcf7003fb2b32b4366bc41d54b7717b5ac9be514c5772e2d","sha512":"6550832e8f79146f859b03ef1517d53c27739f5659bcfc3c3494b5fff58c6212bfeae2d03c9ca002cef53b9211c015a704a9da5b6aaa300efcceac09ce993618","ssdeep":"12288:J7iY6Lj/p3EGYrSx+5SqZ/29LxvxjR1naTQPSd:8YIbpM+x+5Jp29lZF92Qw","tlshash":"c9c42312b683c13cce91365089cf73693a77e2e5cd9cf0d624303da7b547bcaa896169","first_seen":"2026-04-23T04:42:00.298195Z","last_seen":"2026-04-23T04:45:25.091344Z","times_seen":2,"resource_available":false,"data":null}},"time_used":530,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":281,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-4-BOOSkKaW.webp","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-4-BOOSkKaW.webp HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 111168\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":111168,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dbed712070ea64ee5885fb76c5f6fae5","sha1":"61b16773c94d9365f000e1722c13c4ae7e302450","sha256":"8621fa848a61262f06d086c6eea0a817f428cbdbda02d9d1692c5f8ca9400696","sha512":"b606d7f20dd8c1bae6e501532f2574225142ae344d0cd51bf0d2ed534cef266156e2a54921eb690939d856ca7e4a00da32f877845f4886e3fc9a462afcd6d433","ssdeep":"1536:JEVm4xFALRU3dw4JKdu/grspfrdoMD9nS0dTl7bELGyLAa6gNE2qSZSi7qBt1aGp:JZ4xOgdD4rryDtSIJcXv6g6ZSfqB5p","tlshash":"f8b3129be91559127208f8730b2f62a32430cfee4b4d82653ea6c54bbd87471adc6f1d","first_seen":"2026-04-23T04:42:00.299332Z","last_seen":"2026-04-23T04:45:25.108131Z","times_seen":2,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Icon-4-Br7deDIq.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Icon-4-Br7deDIq.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 17208\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":17208,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"b93ae972909c921bfb72fa285b40d725","sha1":"fb3dfddd505c7bc296c36898fba8d7b1586d2e5c","sha256":"c02a68a427f051406cc6277d416b22abcb47eadb82a3553c84922d041604bc34","sha512":"d2a3cd9c6f767429365f28defedafa3275ed8cfb94266f65308bceff551972c5eb0f67d940c0221e4862088d473aa630a77bd2e459465ada3c5bdfa5ceb57e07","ssdeep":"384:7J5hLNvTCKY9LU+iMVsE2LafHqRmnZMeMY0vn1Y/yYmk:F5hp+/12EzfKaZ7MY06Ak","tlshash":"0f72bf63ddf2a9a500e81f35fcf7429d66bb6b608f01990a0d5d015eaf9eb0f6ca4704","first_seen":"2026-04-23T04:42:00.300194Z","last_seen":"2026-04-23T04:45:25.116831Z","times_seen":2,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-4-BOOSkKaW.webp","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-4-BOOSkKaW.webp HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/sketch-overlay-Y3hbaS3k.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/sketch-overlay-Y3hbaS3k.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1815825\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1815825,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1408 x 768, 8-bit/color RGBA, non-interlaced","md5":"797a81a70737f0e0bd1697e6b4fafc5e","sha1":"9cde8615003ae92e72971a8bfce94612e20544c5","sha256":"ffb20c07a75e37c035215694c26eb0010214daf5fabdbfa091c86ba265c1972d","sha512":"be2d406f71519684ba144300782ebe6c58951534ed9836cd191229de544593b37feb0d591b44d5804093e2a1ca52a84142aa1df19ee929aa3dc81f8d2edd0c8a","ssdeep":"24576:/aU6PtWBn6zJzgSOVpU19ISUPu1g6OcISQ8vieAV:/UPta6zxgpU16SUPuPOcISjaj","tlshash":"e6252309295a0f1505f36318b5e204bc8b0e375891fbbdf6126f72fb6efa8994050ad7","first_seen":"2026-04-23T04:42:00.303422Z","last_seen":"2026-04-23T04:45:25.107123Z","times_seen":2,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":420,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/sketch-2-OSqrKGCT.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/sketch-2-OSqrKGCT.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1454753\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1454753,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1408 x 768, 8-bit/color RGB, non-interlaced","md5":"794e280ef56804904cf32a86addb4c84","sha1":"2f1e3688ced50351dd8e8c02aa8797947faf1f67","sha256":"b0645d5049ff4b4fd9d408d6a7368f1d8dc364a85c0a015c13aedb81e0c7f459","sha512":"b694c8140e2696466ad17633242bca1d30f08ebb300b975bf282c9d83f47937b5a30f3f310189fcfe83b307945e1a4fc22a217c275ee71a54e87f01ce4ad0a9c","ssdeep":"24576:qWOUiMSwJ6OItxSX389TbTMVoeK2oYpwdT4S3TueGUf:qTbyX3yTXMVnK+pwhtv","tlshash":"2125330fb652c17eb404b37604aafd989a4d233735a94c2d527e77f06ad84c1171eb8e","first_seen":"2026-04-23T04:42:00.307236Z","last_seen":"2026-04-23T04:45:25.097517Z","times_seen":2,"resource_available":false,"data":null}},"time_used":638,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":388,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-2-BWheEyr0.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-2-BWheEyr0.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 21220\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":21220,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1555 x 937, 8-bit colormap, non-interlaced","md5":"165e6c4b586cbafa8e06ccaec4d8c171","sha1":"3dd1a112e2a90843b058fb6aff81d4a2a78f245a","sha256":"7a1eea73625a5ab2e94645218fa2d2911223b107ade891c9bcd80f8244e4ec93","sha512":"c564abc0ee17c3ac5e16fa79131d2b52a71ebd4c3a680b50b8ea8913067351186fb3504b0ab35faa00acc47ecebdc4bfe7f3f9a19eb2aadd2471df23befbec33","ssdeep":"384:rPhlh3NLwHYS92tBirmmRVkU6EGjfpYkhYeiKWreXSb5VPlY6eNyR:r5H3NLOX900fRmUcft4KKeXIn9DR","tlshash":"d992d1c950cad500d22ad0b0b6a2a4518fb3eeb0a3c357e4ed9d45423c0e6eb554e7bf","first_seen":"2026-04-23T04:42:00.310294Z","last_seen":"2026-04-23T04:45:25.099094Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/ico-BK6dnvva.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/ico-BK6dnvva.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 52217\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":52217,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1028 x 659, 8-bit/color RGBA, non-interlaced","md5":"a0bbda2da8385f355c725a3b3fba7da7","sha1":"8f77e5fd76e80e5a621029753b843d025d1539df","sha256":"219ed3d76e3818fd1f4b8fd8cfcaf1e637e5f249df0edfdccc85fb2982f01c88","sha512":"f719366ba2005b022fc107a3ff0a3f441753b90a2e6e1fec7568455cfa88db973f6173aa9f1bb11e62295c2423883b08d2fbb7e8b3a70d7908ff4ea8b71e552d","ssdeep":"1536:GxElp9UCse5rZPkT4ZKdtuWEVAq+VgO/C6Y2VKB1cRK:prVFRNKLuWEmq0pRVKB14K","tlshash":"3933f1b88a6f61c4c9c66ab3d9f07c4cb950de4802bcc47699d9919f4a1126b33a13f6","first_seen":"2026-04-23T04:42:00.311374Z","last_seen":"2026-04-23T04:45:25.113514Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/footer-sketch-D1qxvEPB.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/footer-sketch-D1qxvEPB.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/logo-CQw7h1eZ.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.947Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/logo-CQw7h1eZ.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:22 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 164017\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":164017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2964 x 424, 8-bit/color RGBA, non-interlaced","md5":"43ab6415c3c024aa75c2fb8cd5185db2","sha1":"5f6fac9a85776e328b535b0f41bb58f9044ad52d","sha256":"2c787203bed35c794d46f1b1406dd868e1e5509732f2d736802d612a0e1700c1","sha512":"138bd786e9c6d902c6cc95f32bdf6de9f30dbe7c1fc759c7a815d3b49b942bacc1f86aea3c3c423662367a1b4a652a42288ef9f636ccb17a924d5115ce705537","ssdeep":"3072:BZ2t9nfiy7YEiGaHbXt5CftRIHrG1iEF1nVaLdBGtDdd2RlTaxGM74:fM9fi4YEiGaHH+RamiEZaLjGT21VM8","tlshash":"fef3120ba523e69acc6f1ef169fe2ca02b7933900d7409f17575f46cdd24b8568c1ba2","first_seen":"2026-04-23T04:42:00.312667Z","last_seen":"2026-04-23T04:45:25.085576Z","times_seen":2,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":91,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Icon-2-CK09bsmX.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Icon-2-CK09bsmX.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 34194\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":34194,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"6ee38fd4189aa1cbc318b5a1c9bd6d1a","sha1":"2d41b2901aa8c25070c3e76ec93a827e2b70807d","sha256":"a6c7ad00ece5a12503873a195fcddef23fea847e1dba837c963c7feca7e4a5d9","sha512":"e70fda89be542aec605f0cbb04edd6e86832e09098e2d515c45123ba0970ee1f575fa9bc7284ae67376e18e0a02d2cc6e4989478ed738212d9920335ed0aa16f","ssdeep":"768:0k7kvVvm1mApBCG6WG2FvnuA6HilNb4DMnoOGGHFr:nGvuJ0G6WG2Ju9iwQGK9","tlshash":"27e2e172f25d63dfd6081479193f0b2131adbdf44fe53569978490288ed671f7222e28","first_seen":"2026-04-23T04:42:00.315823Z","last_seen":"2026-04-23T04:45:25.095422Z","times_seen":2,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Icon-3-B1z4KW2Z.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Icon-3-B1z4KW2Z.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 29518\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29518,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 281 x 280, 8-bit/color RGBA, non-interlaced","md5":"d600e80248ea76246404309d9430533a","sha1":"0046744077e18ffb4fb69d60a2731eb47e18362b","sha256":"7cdfc5cc39eef97e675a248ee738a4181e433c0b60a607665cba62ba19345ca7","sha512":"e205c01792f4010098bba7c5b4d1193e76e262dc38d931f7805d74c33ab55808f9bbb93c248d33c365ddabffad89937309fc4738eb21d7b9af1e1d67485f27a8","ssdeep":"768:sxFor4iIhVG3y8/OK5sHriwU4QSzN4N4LoWwKGofo:sxqa7GHXsLi964N4L3wKGx","tlshash":"34d2e1138239cc0ce8815b7240d5a54dbfebece07d661594aeeb89cbbc35b805fd0a42","first_seen":"2026-04-23T04:42:00.31699Z","last_seen":"2026-04-23T04:45:25.115096Z","times_seen":2,"resource_available":false,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Cil_ten-DmzFTEh-.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Cil_ten-DmzFTEh-.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/1-BIX0-FSg.jpeg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/1-BIX0-FSg.jpeg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/slide-two-BkukrZHs.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/slide-two-BkukrZHs.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1462292\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1462292,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1408 x 768, 8-bit/color RGB, non-interlaced","md5":"17052aeb9a72f81ceef77f237d8fbb15","sha1":"8145d5b8f9b567879cf3ad422506a577adaf0f71","sha256":"2e907d98fa7707cbaf0e5df4329d8fce0321a51ada3902f6a840f8d892446406","sha512":"440f55d3f28b8bd471e9477d48b67cfe9feb119916ad4518b7af849d73a5c2e37cd6c77808fddfa46273f111b432a98984bac445695585505295019ae01b5e81","ssdeep":"24576:ch8ppQR3TsLCSaeUuvT1DUDjKyAyahn8nu+FwaJZjXJc5pB+B91f/SZRyrEE:cSpWR3TsL1hvaKyA7l1aXDJoY6jE","tlshash":"fb2533f3d2eba6f6a3dfd47405424a3e76997134fb034b06841162d193ec696d20bbe2","first_seen":"2026-04-23T04:42:00.318949Z","last_seen":"2026-04-23T04:45:25.093194Z","times_seen":2,"resource_available":false,"data":null}},"time_used":578,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":304,"receive":274,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/orca_9-CKFZc6uF.jpeg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/orca_9-CKFZc6uF.jpeg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 155025\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":155025,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x1280, components 3","md5":"3015190ca0b9b9d23c334fbb1cb68f92","sha1":"8721b66eb0917cbd9bca78fbbfb6d479c8260b05","sha256":"380a2cbd8e873d4dc8ecbfe1ff1c025cfe9848f6aaa6ad7a9f3adaf004080d44","sha512":"06785122880f6353abc8a485daba2e13fda3e54f0ae0238daaa30b5deeb743cf04e915241bd081624567301c65c7826ec0f6c13c421a9b41483085bbff94a2c8","ssdeep":"3072:Zns5tCkSxu2qixntqpjGi/Jox25bt03AVbdkf5DZUyGregskP:ZWzZ27tgiC/3kf5DlGreE","tlshash":"86e323edb1a17eabc444d4f7fe9a1d373116425cfa901ecff1c8a5882019a4e0a47e97","first_seen":"2026-04-23T04:42:00.320779Z","last_seen":"2026-04-23T04:45:25.087961Z","times_seen":2,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-23T04:41:22.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 234\r\ndate: Thu, 23 Apr 2026 04:41:22 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":556,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"58f0901b6ed7115ceb6987ac26db13fa","sha1":"1a3db880e9656cf27ca03c1afa9944344ff94019","sha256":"5ef943f8a7dc5295e28281789603a7e0be06d7df161298c2f77035336449ec67","sha512":"551d1d63acfd8064eb770dcb7b873191f04b77154331ed9feab64f3a4a9ffdbad62ce48d5f64bb68456d5f0359697158456cddd17dd52ec00e2842acd0a3006f","ssdeep":"","tlshash":"c9f0814194e08d16427007546d92e5158943e387834d9e142697a0bd5e80b8289df5f8","first_seen":"2026-04-23T04:42:00.323542Z","last_seen":"2026-04-23T04:45:25.092346Z","times_seen":2,"resource_available":true,"data":null}},"time_used":465,"timings":{"blocked":186,"dns":1,"connect":90,"send":0,"wait":93,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/sketch-overlay-Y3hbaS3k.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/sketch-overlay-Y3hbaS3k.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Icon-1-xaiWxCIU.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:22.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Icon-1-xaiWxCIU.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 32498\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32498,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"4342439221a39df38986e6112067b18d","sha1":"e14456d38871d6346811c6316b833c68d2bb453e","sha256":"e36d0d3a07258d9f2ec7109286b0160594dbd176e0ee3c2e077fa1449431bcee","sha512":"3e4bb2f9ad222481d8e032f785f04b49fa9521cb81eb2bda07847e7b4c0273889f76a6960fd10102160504457ad82682f9ea79d029c6ed355496f52c8634386b","ssdeep":"768:Ru6EAE6AxDKBAdpeLsQy90L8IP8LrFsj7pKwjiNFJ7nL:A6NtPo9K8IP6RcpK8ilL","tlshash":"d5e2d02bb0105b4f480c81ff1c3f9705c46ddcbe5254944968abea70a8e267b5cea06b","first_seen":"2026-04-23T04:42:00.327175Z","last_seen":"2026-04-23T04:45:25.086417Z","times_seen":2,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":259,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/orca_9-CKFZc6uF.jpeg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/orca_9-CKFZc6uF.jpeg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/about-1-Bm4Jfvtv.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/about-1-Bm4Jfvtv.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 259706\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":259706,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 453x499, components 3","md5":"93af3add4030b6a40ca6e63040b3b7a3","sha1":"bdac4b5d5d319998f07f8bf03d324ed82242922c","sha256":"e8bdd1bd5811837f80757a5683645f34b5fc474a9a4532b41f9a4c7b37d54b1a","sha512":"24b87d4093bb96ac323c7d1cebe48e14123f03d0291444b7e65bde8f4fe7ce1d9919fed7f513dba45276a9aa7584a08d91d7f63c13fbcabc862503d8cb38b51b","ssdeep":"6144:sIdpVBcrNGAAsYNNbCg7DgEW8pg7Gb4w4md7IuuXGM:sITVBING/s+8ognGbnbBhM","tlshash":"534423cccff098ba85758024df61a92067f61e053ba8146f964ce381b2ecdbf5a45d4a","first_seen":"2026-04-23T04:42:00.328351Z","last_seen":"2026-04-23T04:45:25.096872Z","times_seen":2,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-3-C4tbHbNe.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-3-C4tbHbNe.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 850911\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":850911,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1182 x 867, 8-bit/color RGBA, non-interlaced","md5":"ee2d227a6d4eec4918cef0abe86406b2","sha1":"84d353419cb4159300b78b0333e2e931dd6209f8","sha256":"11b0d650025326323868e758c1eaa27b648aca156df9b510e1534595de47274c","sha512":"6f1ddd3c81f59fd422202bb607fc22195bd5b6e674b3826b8bff5362f3cfd466f3bb4e4f734ac619d96984367cb1ccbf841bfbbc5c86bf3c8249a5e0e8443db7","ssdeep":"12288:jo/EwLZDU63ANb+EXiCZ6ZkvODouK7p5kmr0HewdJ1bP/9rZJBNWRh8bQLIF9:MLZdAh+0ie6moIr0HnbnX9Wv88Lw","tlshash":"b9052381221b456ec09ab670218cff67fb7d2351349e5893cbfe7680592f63e18736a1","first_seen":"2026-04-23T04:42:00.329371Z","last_seen":"2026-04-23T04:45:25.10022Z","times_seen":2,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":352,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/logo-white-BqQ01aL1.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/logo-white-BqQ01aL1.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 38937\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":38937,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1425 x 204, 8-bit/color RGBA, non-interlaced","md5":"67f19b31f9a58610e313cb806d0efc82","sha1":"20941f2f3d08844692b383db498b122b610b3de3","sha256":"431611a4dd135c110511c411be2ccd7c89e9e5fe2bd34e043d57f33cb6e6a5a7","sha512":"5eed7ec6fac3bd0e60302dd044fb0297333901a64d004254f336f56839dd7d77523f72ccb11e0ba4ce8caf947006575b8dfaa3d467b06bf664ea95addcd8bfa4","ssdeep":"768:1xF9io+KDkUrLqcZdhDJo+mhRryOPto/pFpaXrhLb:1xqoxrFC+mXHPtoxFGh/","tlshash":"bb03e1369e76dd446d8b668235b08f27d437d40408e44c2af5c26e4f5ceaccea5e05db","first_seen":"2026-04-23T04:42:00.330633Z","last_seen":"2026-04-23T04:45:25.088599Z","times_seen":2,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Zaza_one-UJRjNDBK.jpg","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Zaza_one-UJRjNDBK.jpg HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/image-one-MU_ffsUy.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/image-one-MU_ffsUy.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T09:09:27.219133Z","times_seen":14096498,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Montserrat-Medium-CzoOGdJ7.ttf","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.053Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Montserrat-Medium-CzoOGdJ7.ttf HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 77374\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":192488,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 28 names, Macintosh, Copyright 2011 The Montserrat Project Authors (julieta.ulanovsky@gmail.com)MontserratMedium6.001","md5":"5f797490f806b3b229299f0a66de89c9","sha1":"d7ddcd6682a72ff6044cf2015a71b183494ce320","sha256":"a4d412d818d5fc0215a4593b23d8b5dea20a607e4f1510509f0a7366ca6b931b","sha512":"1e4d52f279591a6b0801fe8a7999669f87fb13c2da5b1bf28fecb2cb6c49f5fff95afcc16db038b4470957bfa07103e16e34ed2eb83027d3cc6c503b2cb31443","ssdeep":"3072:ybFbJITyY+szEfL5B5c7HTe7NJN9x1UBjNg2Psj6oB77:ybFbWksz3Te7NBUBjNGB7","tlshash":"8b14290ab707c349fd620d3595a963957358ff333f1ac38b954a6da4e8af0da0572388","first_seen":"2023-05-11T17:50:02Z","last_seen":"2026-04-23T04:45:25.09619Z","times_seen":45,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/Montserrat-SemiBold-tM4fCJ64.ttf","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/Montserrat-SemiBold-tM4fCJ64.ttf HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/assets/index-COa9s3xS.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: font/ttf\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 77282\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":192268,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, digitally signed, 18 tables, 1st \"DSIG\", 28 names, Macintosh, Copyright 2011 The Montserrat Project Authors (julieta.ulanovsky@gmail.com)MontserratSemiBold6.0","md5":"31e34a4dc526ffb104e2d988f6f52516","sha1":"6b005ad9e70be1343f8e7e0c157d4aad66b285c9","sha256":"d26efb0dcc5b153bb38c8600fe0e5c3ed3ee2c8be163e73d30fd99ad691cf010","sha512":"e7656baf1e7de9e96438018350407b900bf29d709d3ba607f293aee378e2c4e839b7077dd258cf11eaa306272d60395e8da5ce0281798e62fa8ec8c77886de73","ssdeep":"3072:C1UUf9dLf0XBQo3I7yY+sMJflAw1F2cFO4jVm/2qhlXgA2Psj6oBc7:CqUf9dLfa4MsM0wucV2DgmS7","tlshash":"09142b17b307c349ed560d35977973c77358fb723e1ec34b914a6ea8a8da0da0662388","first_seen":"2023-04-17T20:19:56Z","last_seen":"2026-04-23T04:45:25.113032Z","times_seen":271,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":272,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/image-one-MU_ffsUy.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/image-one-MU_ffsUy.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 373549\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":373549,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 382 x 510, 8-bit/color RGBA, non-interlaced","md5":"cd811a28935d30d1239a588a0c8036db","sha1":"9b090dbc3006fea564eaad18a6d1ec51fad0aec8","sha256":"eca6a9dafe9e56345ae9cf87c68f3f5c57079d888cc2aee5055781be6ea387de","sha512":"216452f71cc221ed68b3f6ea614fec76047da41feeea62dcfe6ad858160e5f1ae27212a9ef47aa2d7b27d9379683fa069f0df33b053e10e53cb85bc7631bfc15","ssdeep":"6144:dYByKq6hzoXd3z0BVOxF221HWPWS2nkBqJY9LEPDwHAVk3yRxnOz4ljcFbPpCAL5:2yI6Xd3z0BVO/j12ynPe1EPvk3yRxOzv","tlshash":"e68423806baa49f8479f85e7969edadde3b72843aee40f34d6d5778123940e40b7f010","first_seen":"2026-04-23T04:42:00.334247Z","last_seen":"2026-04-23T04:45:25.098224Z","times_seen":2,"resource_available":false,"data":null}},"time_used":434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"belvingatefin.com/assets/brand-5-CVHKG3o7.png","fqdn":"belvingatefin.com","domain":"belvingatefin.com","tld":"com"},"ip":{"addr":"163.61.188.9","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://belvingatefin.com/","date":"2026-04-23T04:41:23.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aarglobalconstructionltd.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Mar 2026 18:45:52 GMT","end":"Thu, 25 Jun 2026 18:45:51 GMT"},"fingerprint":{"sha1":"A5:E0:C3:76:56:46:D4:92:D8:94:18:4E:C1:DE:91:9B:1D:39:18:07","sha256":"3F:5B:05:BF:D8:BB:7C:0D:33:F1:41:D1:70:30:EA:C2:6F:06:A9:E6:CD:C0:3D:1C:BC:82:00:2A:7F:B9:A4:51"}}},"request":{"raw":"GET /assets/brand-5-CVHKG3o7.png HTTP/1.1\r\nHost: belvingatefin.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://belvingatefin.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 04:41:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 17 Jan 2026 14:36:58 GMT\r\naccept-ranges: bytes\r\ncontent-length: 108694\r\ndate: Thu, 23 Apr 2026 04:41:23 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":108694,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1696 x 716, 8-bit/color RGBA, non-interlaced","md5":"1e763fde8753ee21bb55af24875c7bfd","sha1":"b55a5ba683e53872afdc2ccf3f9604d817e2cdf1","sha256":"509e7de56d477b146b360dcf46455d096f15ff479ef1061dfbad97adde3d4135","sha512":"a73533fccd088263ecbe596c7234a18b1d486881ff3862128be03360de56efaedff563227a31793449f5e6cc2504778a1e5d33398176370318bc2ef2eb6d35d7","ssdeep":"1536:9e8CmoXG3Yst5CPZIgn8mQcxaXmE9FO5HMlUkQegGWor+41/iGXJlbXYR613QzKH:9eq0Gos6ZIgn8ex7E9FknloKyiQXu85","tlshash":"47b3027a9236d7e0d84b413e4c225f17ba63f96c00d9ea14cb399d6cac40dac17e65cd","first_seen":"2026-04-23T04:42:00.335575Z","last_seen":"2026-04-23T04:45:25.109248Z","times_seen":2,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":73,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"belvingatefin.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}