{"report_id":"d81ea4d6-ef48-43ce-a539-45cc0f8f72d0","version":6,"status":"done","tags":[],"date":"2026-03-27T13:25:15Z","url":{"schema":"http","addr":"logfiles.help","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":0,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"logfiles.help/windows.php","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"title":"Adobe Acrobat for Windows — Download","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"logfiles.help","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":0,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-01T13:25:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"logfiles.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.edigitalagency.com.au","ip":{"addr":"103.254.137.34","port":443,"asn":55803,"as":"Hostopia Australia Web Pty Ltd","country":"Australia","country_code":"AU"},"domain_registered":"unknown","domain_rank":7158634,"first_seen":"2017-02-27T09:26:14Z","last_seen":"2026-03-02T15:32:07.63493Z","alert_count":0,"request_count":2,"received_data":3410,"sent_data":970,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"logfiles.help","ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"domain_registered":"2026-03-17","domain_rank":0,"first_seen":"2026-03-27T13:25:15.523351Z","last_seen":"2026-03-27T13:25:15.523351Z","alert_count":4,"request_count":4,"received_data":13466,"sent_data":1886,"comment":"","tags":null,"fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"logfiles.help/","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"42d4e6246fbc3a40eab7645219d57801","sha1":"879e6f11b1e21ed60f04f38495892513ea3833c0","sha256":"404da476c80a0abe377af49a4ec9731487794d4d0b9d203625f4e31dbd47ad6b","sha512":"31ee2dc038510bf2716556c076cf42363709d8c4188cf53aae9facaa2b50c8c22b22af598865746b7d615c5df114ef7e039d143b045322322c1cb29f2f79054a","ssdeep":"","tlshash":"8101421b65f160001b3774654b3fb7853173313b520dca4574ad67c0afb18674567ee8","size":703,"data":"","first_seen":"2026-03-27T13:25:19.256219Z","last_seen":"2026-03-27T13:25:19.256219Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logfiles.help/windows.php","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e14fb1e3aed90da07414487ac5c0914","sha1":"c733b8e12680559054ad3782cd1103c352032897","sha256":"4e161d10528768356f41d6556fb83be14fe9ecba9965f8fb217509967970b4a1","sha512":"d84e47e278df15fa99cfafd826cf2a13005725d26b016290b7c9c0ad26b6904ef1dae13fd537611e6b190a3da7424064fbaed35b41df122351241ed8956520b8","ssdeep":"","tlshash":"71219d6f74bb01309b6b65bb9a5f2b4c34305103340bc0a479fda5149fb0e476997ade","size":1301,"data":"","first_seen":"2025-12-22T17:43:44.82864Z","last_seen":"2026-03-27T13:25:19.257345Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.edigitalagency.com.au/wp-content/uploads/new-Adobe-icon-png-small-size.png","fqdn":"www.edigitalagency.com.au","domain":"edigitalagency.com.au","tld":"com.au"},"ip":{"addr":"103.254.137.34","port":443,"asn":55803,"as":"Hostopia Australia Web Pty Ltd","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://logfiles.help/windows.php","date":"2026-03-27T13:24:57.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edigitalagency.com.au","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Tue, 16 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"46:85:02:E9:B5:CD:6C:99:23:48:EF:90:71:1B:98:E4:64:12:15:97","sha256":"0A:2D:04:CB:8B:9B:41:4A:0E:EE:FD:C3:E8:14:27:8D:5E:55:68:62:77:6F:77:70:0A:EC:D3:74:45:A2:3D:FE"}}},"request":{"raw":"GET /wp-content/uploads/new-Adobe-icon-png-small-size.png HTTP/1.1\r\nHost: www.edigitalagency.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://logfiles.help/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 08 Jun 2025 13:31:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1500\r\ncontent-type: image/png\r\ndate: Fri, 27 Mar 2026 13:24:57 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 199, 4-bit colormap, non-interlaced","md5":"c952c2db66408a12650584c46cd20a46","sha1":"256a9ab36b022423a7d3ed4fa03ba192b5ba20db","sha256":"a9315da1d1d44aaf55aaf88ab5f9ddd45084c540b2e72f0ca3b3e17d837e0aff","sha512":"4576e6b9252e2e096396e4490c1fbd59facc507841e48e105a6740616a70f517b232a74d42e21425cc7d28c31b6ac63984e31cccbece7c9c83faf315722a2b66","ssdeep":"","tlshash":"68311cc16970bc696df92da7d1691ae97197eb090f0183b047171784f3af6131ce7c28","first_seen":"2025-12-22T17:43:44.819818Z","last_seen":"2026-04-13T18:58:41.590683Z","times_seen":7,"resource_available":false,"data":null}},"time_used":319,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":318,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logfiles.help/favicon.ico","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://logfiles.help/windows.php","date":"2026-03-27T13:24:57.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.logfiles.help","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 00:44:41 GMT","end":"Mon, 15 Jun 2026 00:44:40 GMT"},"fingerprint":{"sha1":"8C:DD:4B:C7:18:D4:F3:91:73:A0:40:5B:69:C3:AB:CC:96:04:53:CF","sha256":"E5:E1:86:53:A2:29:CD:10:C0:B7:69:C9:C1:44:70:CE:B6:BB:85:E9:08:58:05:61:28:4E:BE:A5:8F:B4:F4:AC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: logfiles.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://logfiles.help/windows.php\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 27 Mar 2026 13:24:57 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-23T05:49:55.124078Z","times_seen":40170,"resource_available":true,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"logfiles.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logfiles.help/","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T13:24:51.703Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.logfiles.help","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 00:44:41 GMT","end":"Mon, 15 Jun 2026 00:44:40 GMT"},"fingerprint":{"sha1":"8C:DD:4B:C7:18:D4:F3:91:73:A0:40:5B:69:C3:AB:CC:96:04:53:CF","sha256":"E5:E1:86:53:A2:29:CD:10:C0:B7:69:C9:C1:44:70:CE:B6:BB:85:E9:08:58:05:61:28:4E:BE:A5:8F:B4:F4:AC"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: logfiles.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 27 Mar 2026 13:24:51 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2597,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"31a2bd04f16e68cc20695496f69dd1dd","sha1":"7cd0e2fa186622b62f33e73c59d6af1831688174","sha256":"4fb52c8d8aa9945ee737744ad4b7823ddee61a16e0762944498c456f51b02c16","sha512":"34373a1a285535eeb9e6c3a083766e4a55b93a6150b555e685b28bb61271c6436ad3468d7b77996ac6a7256f276005bd06e6a5c252c86c958f99489d2f1b7e99","ssdeep":"","tlshash":"5451221b588160014233d3a09fb7a748f6a6d127c30b85967add268a8ff5a0685e3fd8","first_seen":"2026-03-27T13:25:19.253635Z","last_seen":"2026-03-27T13:25:19.253635Z","times_seen":1,"resource_available":true,"data":null}},"time_used":282,"timings":{"blocked":129,"dns":75,"connect":21,"send":0,"wait":22,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"logfiles.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.edigitalagency.com.au/wp-content/uploads/new-Adobe-icon-png-small-size.png","fqdn":"www.edigitalagency.com.au","domain":"edigitalagency.com.au","tld":"com.au"},"ip":{"addr":"103.254.137.34","port":443,"asn":55803,"as":"Hostopia Australia Web Pty Ltd","country":"Australia","country_code":"AU"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://logfiles.help/","date":"2026-03-27T13:24:52.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"edigitalagency.com.au","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 13 Feb 2026 00:00:00 GMT","end":"Tue, 16 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"46:85:02:E9:B5:CD:6C:99:23:48:EF:90:71:1B:98:E4:64:12:15:97","sha256":"0A:2D:04:CB:8B:9B:41:4A:0E:EE:FD:C3:E8:14:27:8D:5E:55:68:62:77:6F:77:70:0A:EC:D3:74:45:A2:3D:FE"}}},"request":{"raw":"GET /wp-content/uploads/new-Adobe-icon-png-small-size.png HTTP/1.1\r\nHost: www.edigitalagency.com.au\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://logfiles.help/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 08 Jun 2025 13:31:30 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1500\r\ncontent-type: image/png\r\ndate: Fri, 27 Mar 2026 13:24:54 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1500,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 225 x 199, 4-bit colormap, non-interlaced","md5":"c952c2db66408a12650584c46cd20a46","sha1":"256a9ab36b022423a7d3ed4fa03ba192b5ba20db","sha256":"a9315da1d1d44aaf55aaf88ab5f9ddd45084c540b2e72f0ca3b3e17d837e0aff","sha512":"4576e6b9252e2e096396e4490c1fbd59facc507841e48e105a6740616a70f517b232a74d42e21425cc7d28c31b6ac63984e31cccbece7c9c83faf315722a2b66","ssdeep":"","tlshash":"68311cc16970bc696df92da7d1691ae97197eb090f0183b047171784f3af6131ce7c28","first_seen":"2025-12-22T17:43:44.819818Z","last_seen":"2026-04-13T18:58:41.590683Z","times_seen":7,"resource_available":false,"data":null}},"time_used":4444,"timings":{"blocked":2060,"dns":1432,"connect":311,"send":0,"wait":320,"receive":0,"ssl":317},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"logfiles.help/favicon.ico","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://logfiles.help/","date":"2026-03-27T13:24:52.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.logfiles.help","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 00:44:41 GMT","end":"Mon, 15 Jun 2026 00:44:40 GMT"},"fingerprint":{"sha1":"8C:DD:4B:C7:18:D4:F3:91:73:A0:40:5B:69:C3:AB:CC:96:04:53:CF","sha256":"E5:E1:86:53:A2:29:CD:10:C0:B7:69:C9:C1:44:70:CE:B6:BB:85:E9:08:58:05:61:28:4E:BE:A5:8F:B4:F4:AC"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: logfiles.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://logfiles.help/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Fri, 27 Mar 2026 13:24:52 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\ncache-control: private, no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1238,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"0bde7d4b3da67537eaf9188e6f8049cf","sha1":"64300fc482d01d38b40ab20e15960b6509665e5a","sha256":"5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807","sha512":"2d4d27ab5b3dd2a701a944e9b5372b40ee4f8b3267f133be7ad0d4b42528302aaa002b6132722e2ad1fe629fc3e8baf1011c8dad326062e9c0946d6f1b6eafb4","ssdeep":"","tlshash":"8d21423ec1c1150a80271154fb81e2942619825192470fa1379e7167f6cc0f756937c8","first_seen":"2023-03-07T01:03:24Z","last_seen":"2026-04-23T05:49:55.124078Z","times_seen":40170,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":70,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"logfiles.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"logfiles.help/windows.php","fqdn":"logfiles.help","domain":"logfiles.help","tld":"help"},"ip":{"addr":"89.163.155.33","port":443,"asn":24961,"as":"WIIT AG","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-27T13:24:57.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.logfiles.help","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 17 Mar 2026 00:44:41 GMT","end":"Mon, 15 Jun 2026 00:44:40 GMT"},"fingerprint":{"sha1":"8C:DD:4B:C7:18:D4:F3:91:73:A0:40:5B:69:C3:AB:CC:96:04:53:CF","sha256":"E5:E1:86:53:A2:29:CD:10:C0:B7:69:C9:C1:44:70:CE:B6:BB:85:E9:08:58:05:61:28:4E:BE:A5:8F:B4:F4:AC"}}},"request":{"raw":"GET /windows.php HTTP/1.1\r\nHost: logfiles.help\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://logfiles.help/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Fri, 27 Mar 2026 13:24:57 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nalt-svc: h3=\":444\"; ma=2592000, h3-29=\":444\"; ma=2592000, h3-Q050=\":444\"; ma=2592000, h3-Q046=\":444\"; ma=2592000, h3-Q043=\":444\"; ma=2592000, quic=\":444\"; ma=2592000; v=\"43,46\"\r\nx-turbo-charged-by: LiteSpeed\r\nContent-Encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":6561,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"51d26a13582082f4924d3b7f3080970c","sha1":"61902d7cedc40ff5f56af26de6f83542893a614a","sha256":"c6ca96801cd24a7dc9b5a88eb6b403d0402c382106fd5882add35560b25fedca","sha512":"bd3868c29ec960af05a897bccc87a7e8288e17f2c32e63017b140a4d6ca1ded56969ed9e5c705e37f377e2a7fcf27c873da5e914f576e22e86bf73fe199a9f5c","ssdeep":"96:fhajz+EpNgtMfu9dQDTf9P0962CAVGK21fll2N4Mc:fhYKq8rnjVGK2V726Mc","tlshash":"08d15027908461256677d185afa50b4efe518207d20783407aedb356dff2e028e73bce","first_seen":"2025-12-22T17:43:44.823777Z","last_seen":"2026-03-27T13:25:19.254704Z","times_seen":6,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-27","alert":"Sinkholed","trigger":"logfiles.help","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}