{"report_id":"c2400936-fd07-4e52-a786-782c1f924deb","version":6,"status":"done","tags":[],"date":"2026-04-23T11:24:18Z","url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":0,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"final":{"url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect/","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"title":"connect-wallet","dom":{"size":21561,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3999)","md5":"e65bd4106b393463965e54acbb00c739","sha1":"a279b8349bf06448fd636448a3ba67f9e2bff004","sha256":"5904225318bc77528e6ee7f7a50881d06124f1f5aa7eba37c32527208f4aec2a","sha512":"677e89f7e35cbca2552b5bae2b4a237d34ad6645f1aaeceeaf3a763a206e33e28c82a95b68ce7aa476bbe2d09e286e395dc845e7eef141fc7fb10f9d6d0d6f20","ssdeep":"192:Br9QtOgEA3aB697DATLF60ReSLgnHEIrWEOvM2BrZ+ra3FVjrt/VjIRcBnUCMeZB:BraE8e7qRQiDD1LxOPus","tlshash":"e7a2d75b56a721622c0779766bfb6b06b210e003d506cd69bedc17c8cf8abe46c4379c","dom_hash":"domhash5341ae4e9577ee6a15afe94489ca2058","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":0,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-28T11:24:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"server.cpanelmanager.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-19T22:16:46.237507Z","alert_count":0,"request_count":3,"received_data":148098,"sent_data":1692,"comment":"","tags":null,"fingerprints":null},{"fqdn":"server.cpanelmanager.com","ip":{"addr":"103.112.62.87","port":443,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"domain_registered":"2022-04-27","domain_rank":0,"first_seen":"2025-09-30T02:34:09.229339Z","last_seen":"2026-04-05T22:45:23.539676Z","alert_count":12,"request_count":3,"received_data":55717,"sent_data":1494,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":1,"received_data":13321,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect/","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":443,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"introduction_type":"scriptElement","is_inline":true,"md5":"d8df6ca046307a9527adf685cec3c568","sha1":"568eb39e08228798b1b25bcb0a920a7a39c9e203","sha256":"ee5262136767c4cf0cae87fef2e80d7bfa73a75c83bdba8c68baa291950fde31","sha512":"f1b30c7a7338dc60a12c2f2c1e26c9ce97c213bacc614bc5cf0d4d13c1cc11307d27fe8327a3fa2590ee12f1b318940942b1db5516c09121f009b790dad1e5af","ssdeep":"","tlshash":"0431465a315b18200eb779ba579fa300a410d0033056dd4e7dcd42c05f9efa968eabd4","size":1465,"data":"","first_seen":"2025-10-04T09:54:11.876993Z","last_seen":"2026-04-23T11:24:18.868601Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://server.cpanelmanager.com/~eastern1/connect/","date":"2026-04-23T11:23:56.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:9D:A0:A4:A4:3B:62:A3:D0:B3:63:4B:5B:C3:1D:9B:09:43:3C:91","sha256":"DB:10:40:08:19:EF:D7:9C:5F:11:BC:78:DC:9F:81:F3:9E:A7:30:2F:1F:06:C8:C4:A4:DD:BC:C3:27:6F:2A:AA"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://server.cpanelmanager.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 23 Apr 2026 11:23:56 GMT\r\ndate: Thu, 23 Apr 2026 11:23:56 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12635,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f04de8ad1ef740d940ec0f534a8f6474","sha1":"3b31756e84c8887867417c7d6cc64501c9d9193c","sha256":"2f1ac0c31bc3ede8317cf72e9d28051ec727c9a0014aa69cff495abd6256bb4e","sha512":"69afede137c125294044274e463f30c02594f379ec879285e0b3ee41097f503dfb8272487759870f547e4dc4cf8828a2c1efaa806deb2f3124b7f6d67c638783","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:8KYXuM0p2+4","tlshash":"28427892002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:44:19.218006Z","last_seen":"2026-04-23T14:20:25.405869Z","times_seen":16559,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":97,"dns":1,"connect":15,"send":0,"wait":33,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://server.cpanelmanager.com/~eastern1/connect/","date":"2026-04-23T11:23:56.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://server.cpanelmanager.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 22:33:43 GMT\r\nexpires: Thu, 22 Apr 2027 22:33:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 46214\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T14:12:07.981954Z","times_seen":153021,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":72,"dns":2,"connect":7,"send":0,"wait":10,"receive":10,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://server.cpanelmanager.com/~eastern1/connect/","date":"2026-04-23T11:23:56.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://server.cpanelmanager.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 22:33:43 GMT\r\nexpires: Thu, 22 Apr 2027 22:33:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 46214\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T14:12:07.981954Z","times_seen":153021,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":139,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":120},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://server.cpanelmanager.com/~eastern1/connect/","date":"2026-04-23T11:23:56.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://server.cpanelmanager.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 22 Apr 2026 22:33:43 GMT\r\nexpires: Thu, 22 Apr 2027 22:33:43 GMT\r\ncache-control: public, max-age=31536000\r\nage: 46214\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-23T14:12:07.981954Z","times_seen":153021,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":103,"dns":0,"connect":0,"send":0,"wait":8,"receive":4,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"server.cpanelmanager.com/favicon.ico","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":443,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://server.cpanelmanager.com/~eastern1/connect/","date":"2026-04-23T11:23:57.141Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3-87.99itbd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 02:02:10 GMT","end":"Sun, 21 Jun 2026 02:02:09 GMT"},"fingerprint":{"sha1":"25:DE:1A:56:9B:11:57:4B:AB:29:C2:6D:6B:5A:83:C4:D4:14:28:72","sha256":"EC:41:08:DD:3E:9F:39:F1:83:80:EB:E6:3B:7D:FA:18:2A:EE:8E:68:D6:75:7D:28:DB:7F:78:B3:15:66:5D:1F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: server.cpanelmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://server.cpanelmanager.com/~eastern1/connect/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-type: text/html\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Thu, 23 Apr 2026 11:23:57 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10421,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4070)","md5":"d03ecb308415877ec91c380c1e8ac9f7","sha1":"d70de54f53d38a926854bf828b57d4ce5ec49908","sha256":"f17e5849674e4f9a800080164d6b4f2a274500927ce1fa78e73191b2cb6e8a0c","sha512":"768a3d2f11969538f6419845db0d52f1c4b616450894eb531691f2c62e85d4f025047c63a6c0a209b45e3eda742344aec0fcab04df959172803e29f0af851a55","ssdeep":"192:rlYHC0HNXGZkHQU7ydPJq5S2KqQVX/uTK3w3DK+tMy47R/Ga0kVhFuPwf8Pn93JP:FVGaRF8I8o+x3","tlshash":"9222a5a716e3000b740761ba67ab6201ab69e543d12fcd643f0db3e8cf865819d93b4d","first_seen":"2026-04-23T11:24:18.862129Z","last_seen":"2026-04-23T11:24:18.862129Z","times_seen":1,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":192,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"server.cpanelmanager.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":443,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-23T11:23:55.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3-87.99itbd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 02:02:10 GMT","end":"Sun, 21 Jun 2026 02:02:09 GMT"},"fingerprint":{"sha1":"25:DE:1A:56:9B:11:57:4B:AB:29:C2:6D:6B:5A:83:C4:D4:14:28:72","sha256":"EC:41:08:DD:3E:9F:39:F1:83:80:EB:E6:3B:7D:FA:18:2A:EE:8E:68:D6:75:7D:28:DB:7F:78:B3:15:66:5D:1F"}}},"request":{"raw":"GET /~eastern1/connect HTTP/1.1\r\nHost: server.cpanelmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ncontent-type: text/html\r\ncontent-length: 795\r\ndate: Thu, 23 Apr 2026 11:23:56 GMT\r\nserver: LiteSpeed\r\nlocation: https://server.cpanelmanager.com/~eastern1/connect/\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22159,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T14:09:31.030371Z","times_seen":14105856,"resource_available":true,"data":null}},"time_used":1314,"timings":{"blocked":567,"dns":207,"connect":178,"send":0,"wait":179,"receive":0,"ssl":181},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"server.cpanelmanager.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"server.cpanelmanager.com/~eastern1/connect/","fqdn":"server.cpanelmanager.com","domain":"cpanelmanager.com","tld":"com"},"ip":{"addr":"103.112.62.87","port":443,"asn":150156,"as":"99IT","country":"Bangladesh","country_code":"BD"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-23T11:23:56.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"s3-87.99itbd.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 02:02:10 GMT","end":"Sun, 21 Jun 2026 02:02:09 GMT"},"fingerprint":{"sha1":"25:DE:1A:56:9B:11:57:4B:AB:29:C2:6D:6B:5A:83:C4:D4:14:28:72","sha256":"EC:41:08:DD:3E:9F:39:F1:83:80:EB:E6:3B:7D:FA:18:2A:EE:8E:68:D6:75:7D:28:DB:7F:78:B3:15:66:5D:1F"}}},"request":{"raw":"GET /~eastern1/connect/ HTTP/1.1\r\nHost: server.cpanelmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 30 Sep 2025 15:20:48 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6010\r\ndate: Thu, 23 Apr 2026 11:23:56 GMT\r\nserver: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":22159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3999), with CRLF line terminators","md5":"b53c730c331a9d48ef9d93316426232e","sha1":"7482ea5d1b264bafb4ca73d12c77f04074bc8a6c","sha256":"ec6b2209f7ce29ca87172010cf97ddbb52c65b805d581b7f340dfeee04fa1ea9","sha512":"8e4d73db788a92fe9d1ed4a5f440fa920bc0483a155743bb52d6ea4521bbfc7f6308e27973287acfea064e2438e7108b65ba71eaababd5621132f52e90d3bff6","ssdeep":"192:2arbAfRu7MgsEnvabHFbDl7au9CtsVje0dVj9RcBnUCDeZfVKDwuReC5zRIRdqvm:frcVTRQtDD1LxaG+MC","tlshash":"c3a2c616d585216229376bb6eff2570af7519003c70386a9badc13c78fbaa585803fdc","first_seen":"2025-10-04T09:54:11.872982Z","last_seen":"2026-04-23T11:24:18.866796Z","times_seen":7,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-23","alert":"Phishing Block","trigger":"server.cpanelmanager.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-23","alert":"Sinkholed","trigger":"server.cpanelmanager.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}