{"report_id":"dfc99a45-9c7b-4233-a287-7317967d8add","version":6,"status":"done","tags":[],"date":"2026-02-04T16:26:03Z","url":{"schema":"http","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":0,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"final":{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"title":"My Store","dom":{"size":67641,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16879)","md5":"d4f5e06863caa369dc0b5e4a8d48de7f","sha1":"7748349708e4b5d835010dc877cd0226399e99da","sha256":"a15d90e57004cab2afe0b129a46a14a154292caf0a080eac8c363b36a2b15f0c","sha512":"92bbcac04f32aec942c3be0192a0fbc9c5c1cfe6dff77d471a77e7f393e8fd0a61750275c759a91a811d4c6a8af65054ae5313dd1d6408a44dde4f2a6d8e2a49","ssdeep":"1536:FvcclkV5ypez1nT8rdiuy4kvVZobXemlUVuXwamI0vCLyxYQn:FvcclkV0ddid4kNZobXemlUVugamI0vP","tlshash":"446364a156b448f4797f833f9e44a218a527e902ca0577e5b0f3d194758cfa60ae3b0f","dom_hash":"domhash492b44ed5bcd82dd2a4080eb8d62c06a","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":0,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T16:26:03Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2023-06-20","domain_rank":0,"first_seen":"2026-02-04T16:26:04.12252Z","last_seen":"2026-02-04T16:26:04.12252Z","alert_count":11,"request_count":11,"received_data":239295,"sent_data":5979,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Redis Object Cache","description":"","website":"https://wprediscache.com","common_platform_enumeration":"","icon":"RedisObjectCache.svg","categories":["Caching"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Site Kit:1.171.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Redis","description":"Redis is an in-memory data structure project implementing a distributed, in-memory key–value database with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indexes.","website":"https://redis.io","common_platform_enumeration":"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*","icon":"Redis.svg","categories":["Databases"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/rewrite.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f886fe7021a2f9f21728763afc4afff","sha1":"8cd9f251ffab4a3c8d90f18d8fa9d90ba55a69de","sha256":"f34126446fd5857420ccec00c44b253ecc245215c87db751269f81e8cfa9c1d7","sha512":"4c8c9e3112bf45c2f5084a35ba5969f1c795094388bd9e70d08814f1b214e411f2f203415351ada77feb08e9f3ff9b8920dfe19291f42cd9ee2ec19755032555","ssdeep":"192:2jFAYxAq3DX/4CyR6DMCy9NSQw+gCyL4CymyZ00yie8GpyN:wAU3T5sSaQpyN","tlshash":"25d1105ab9f221b76a33703957efb680b975c2032105cb00bccda7641f60a2d1aa7bc5","size":6212,"data":"","first_seen":"2026-02-04T16:26:06.009724Z","last_seen":"2026-06-05T07:24:45.755523Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-block-template-skip-link-js-after","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbaf46c807bb4cd06731d80570ec5445","sha1":"7f5a884040311da2eb898e9b9a25df07ab98c2d6","sha256":"125f7130736678e8bf8a857c52a8f4573184dc2dfaa37ecb2bac489372dec0a1","sha512":"f51ea13a0fb248c284d26032e5140281b2a7b2f87250124c92d3909afcef6746fa5d755dc74f555a761561cf957f1427f6d05e278398ad16bc7eab2829d70f27","ssdeep":"","tlshash":"d22195c4f21506f401662a39c4341bc9e2b92998f6db1ca7cc0c8c2cb1b256f46b6f7e","size":1441,"data":"","first_seen":"2025-12-06T18:19:19.74043Z","last_seen":"2026-05-02T04:53:42.938929Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-content/plugins/clsop/assets/js/wpr-beacon.min.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"c7292e918daecc3cbe9b88be41439374","sha1":"4267f1c8d6ba9d49bd4de5d9a50753db19c6886e","sha256":"c887b51ed880800ad5057329aa53b8a55d31e34cc6e8406791c1e497355d4bd8","sha512":"af498333004d69a8d3a9eb779baf8a70a1ac08c44e8007a9da00071f73bfce6996375f95c830583e2b4671ed774ab254b075fa8f690bda7cfeacf4cf9fd7e1fe","ssdeep":"768:0sGdmuPXGPWao/BTBxHGWNm8U/gahHTFWRu5YensJLbjlFNcJTewptENIvtELBpg:NGdeo/BTHBQl1FIObn9vtELBpQiS1Q/u","tlshash":"51c2087372be683351cd10ce74203249b6345d49361ad068f9ac6dee71a5ec32a68fbd","size":26004,"data":"","first_seen":"2025-08-27T08:47:57.655165Z","last_seen":"2026-06-08T18:24:31.05573Z","times_seen":4349,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"importedModule","is_inline":false,"md5":"4dc1083fadc3146eef9e178a635322d7","sha1":"4e30da47cbbd6c3b4bc243ef9196fdb54b8a5648","sha256":"222102c59fbeb8df4f97e143c264d83d794d74a6123486b03b9ecf32a5471918","sha512":"aa096ebe4c95e43225ee1f09450521632db53c9cd732d01e1492747a1f45cb0254cc2a443cd1f024314c86fa0eec441f20ae33c5ef4a55d6cb95bcb7b84d3384","ssdeep":"768:HeW4693pQRsx45G/0vTVhtFiBa7jJEbYlrEdORuHhYlxuQLSZEXdYqAOmp9mI66f:HeQ93u6/0vxh17thuhyQpgFbonUWqeou","tlshash":"bc03c7a4b065f03047e614a6907b051bf3356618344fc0e0f769e8ea78b919f6567f3e","size":41194,"data":"","first_seen":"2026-02-04T02:31:53.531475Z","last_seen":"2026-06-08T22:29:40.529861Z","times_seen":5227,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":true,"md5":"f0999628d755a92ebb18426d5930efd1","sha1":"1e8961380c61acad244233b35939cfca1597cd42","sha256":"df94a7ca9163ffb7942447d240445b6041dd16070aa0b518d601976ca4e1c95c","sha512":"a42c5358cf8f35e4578d98172e10f9c4fd68bbaac0d4ee98ad85b840cb0f95fda0ab18778c986014922dfeb4746dc3b0d3552946c7a4a9161a806775914a9884","ssdeep":"","tlshash":"9411b7c4b21506f401662a2dc4341bc9e2b9299cb6db1ca7cc0c8c2cb1b256f46b6f7f","size":1100,"data":"","first_seen":"2025-12-03T05:32:37.74183Z","last_seen":"2026-06-08T20:19:43.411973Z","times_seen":903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/banner.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"16bfac7b2cf99536b872f55d0f63b3e2","sha1":"c0e1208c2a3c98e9cdf14337cefcba9efae97f07","sha256":"202e5bba8634db5a1bfd4474b6b1df06f5d2b231ebec599111459e3a692b3301","sha512":"4d7b1be3371b23ae4a157dfa21a265241c3a4e06c634edc31b4a344b931a284d063df8f532f986c236c6c2d3087a069a210e693afa4dec3c9bae6ccbe4ec75f7","ssdeep":"192:2selvGRQCuQs/3MQDEFbLgdHt672CMrFtlOgwojK/O3mocmgEKCmhyb43j8SgKmi:ylvEQXD/3NQFPb72TrDogJjWcmocmPzq","tlshash":"ac4294596ef520359d17202f979ff2897a71e103d108ce10396dc3a80fa4d256abbfe8","size":12259,"data":"","first_seen":"2026-02-04T16:26:06.003497Z","last_seen":"2026-06-05T07:24:45.764645Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/banner.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"16bfac7b2cf99536b872f55d0f63b3e2","sha1":"c0e1208c2a3c98e9cdf14337cefcba9efae97f07","sha256":"202e5bba8634db5a1bfd4474b6b1df06f5d2b231ebec599111459e3a692b3301","sha512":"4d7b1be3371b23ae4a157dfa21a265241c3a4e06c634edc31b4a344b931a284d063df8f532f986c236c6c2d3087a069a210e693afa4dec3c9bae6ccbe4ec75f7","ssdeep":"192:2selvGRQCuQs/3MQDEFbLgdHt672CMrFtlOgwojK/O3mocmgEKCmhyb43j8SgKmi:ylvEQXD/3NQFPb72TrDogJjWcmocmPzq","tlshash":"ac4294596ef520359d17202f979ff2897a71e103d108ce10396dc3a80fa4d256abbfe8","size":12259,"data":"","first_seen":"2026-02-04T16:26:06.003497Z","last_seen":"2026-06-05T07:24:45.764645Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/rewrite.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f886fe7021a2f9f21728763afc4afff","sha1":"8cd9f251ffab4a3c8d90f18d8fa9d90ba55a69de","sha256":"f34126446fd5857420ccec00c44b253ecc245215c87db751269f81e8cfa9c1d7","sha512":"4c8c9e3112bf45c2f5084a35ba5969f1c795094388bd9e70d08814f1b214e411f2f203415351ada77feb08e9f3ff9b8920dfe19291f42cd9ee2ec19755032555","ssdeep":"192:2jFAYxAq3DX/4CyR6DMCy9NSQw+gCyL4CymyZ00yie8GpyN:wAU3T5sSaQpyN","tlshash":"25d1105ab9f221b76a33703957efb680b975c2032105cb00bccda7641f60a2d1aa7bc5","size":6212,"data":"","first_seen":"2026-02-04T16:26:06.009724Z","last_seen":"2026-06-05T07:24:45.755523Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"introduction_type":"scriptElement","is_inline":false,"md5":"81f491adccda86aaf56a1ce68fa59b87","sha1":"c27ca491887c7fdad5a3ca67592173427cc861af","sha256":"efc3dac74026580ee6b527716e2e63ba29f2116a90d4a47a691438b9a2b86c2f","sha512":"809037c160df1990ac458f977252a4cb2629c748f1a8133240c9d2897b14ad58d2407d822fea9c61efeb19af1e72dc16b29c09c917dca024f4145f1977d1ff57","ssdeep":"","tlshash":"24610234306576b1aefe5ad8f3148428a3148581640b78717e1cb9ee58eef5391f0bea","size":3401,"data":"","first_seen":"2025-12-03T01:51:42.331168Z","last_seen":"2026-06-08T10:01:14.297336Z","times_seen":11278,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-content/plugins/clsop/assets/js/wpr-beacon.min.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:43.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /wp-content/plugins/clsop/assets/js/wpr-beacon.min.js HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 26004\r\nConnection: keep-alive\r\nLast-Modified: Wed, 04 Feb 2026 10:14:57 GMT\r\nAccept-Ranges: bytes\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26004,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (14464)","md5":"c7292e918daecc3cbe9b88be41439374","sha1":"4267f1c8d6ba9d49bd4de5d9a50753db19c6886e","sha256":"c887b51ed880800ad5057329aa53b8a55d31e34cc6e8406791c1e497355d4bd8","sha512":"af498333004d69a8d3a9eb779baf8a70a1ac08c44e8007a9da00071f73bfce6996375f95c830583e2b4671ed774ab254b075fa8f690bda7cfeacf4cf9fd7e1fe","ssdeep":"768:0sGdmuPXGPWao/BTBxHGWNm8U/gahHTFWRu5YensJLbjlFNcJTewptENIvtELBpg:NGdeo/BTHBQl1FIObn9vtELBpQiS1Q/u","tlshash":"51c2087372be683351cd10ce74203249b6345d49361ad068f9ac6dee71a5ec32a68fbd","first_seen":"2025-08-27T08:47:57.655165Z","last_seen":"2026-06-08T18:24:31.05573Z","times_seen":4349,"resource_available":true,"data":null}},"time_used":2081,"timings":{"blocked":692,"dns":1,"connect":345,"send":0,"wait":684,"receive":9,"ssl":348},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/banner.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:44.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /website-preview/banner.js HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 12259\r\nLast-Modified: Thu, 13 Nov 2025 17:51:48 GMT\r\nConnection: keep-alive\r\nETag: \"69161ab4-2fe3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"16bfac7b2cf99536b872f55d0f63b3e2","sha1":"c0e1208c2a3c98e9cdf14337cefcba9efae97f07","sha256":"202e5bba8634db5a1bfd4474b6b1df06f5d2b231ebec599111459e3a692b3301","sha512":"4d7b1be3371b23ae4a157dfa21a265241c3a4e06c634edc31b4a344b931a284d063df8f532f986c236c6c2d3087a069a210e693afa4dec3c9bae6ccbe4ec75f7","ssdeep":"192:2selvGRQCuQs/3MQDEFbLgdHt672CMrFtlOgwojK/O3mocmgEKCmhyb43j8SgKmi:ylvEQXD/3NQFPb72TrDogJjWcmocmPzq","tlshash":"ac4294596ef520359d17202f979ff2897a71e103d108ce10396dc3a80fa4d256abbfe8","first_seen":"2026-02-04T16:26:06.003497Z","last_seen":"2026-06-05T07:24:45.764645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":352,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/favicon.ico","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:45.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:46 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate\r\nPragma: no-cache\r\nLink: \u003chttps://elmersmg.online/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nX-Redirect-By: WordPress\r\nSet-Cookie: PHPSESSID=ef82f436fc4fa89efbfb0ab36aff5b39; path=/\r\nLocation: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/images/w-logo-blue-white-bg.png\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T22:17:26.933573Z","times_seen":16251514,"resource_available":true,"data":null}},"time_used":893,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":893,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T16:25:41.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:42 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Redis Object Cache","description":"","website":"https://wprediscache.com","common_platform_enumeration":"","icon":"RedisObjectCache.svg","categories":["Caching"]},{"name":"WordPress:6.9.1","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Site Kit:1.171.0","description":"Site Kit is a one-stop solution for WordPress users to use everything Google has to offer to make them successful on the web.","website":"https://sitekit.withgoogle.com/","common_platform_enumeration":"","icon":"Google.svg","categories":["Analytics","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Redis","description":"Redis is an in-memory data structure project implementing a distributed, in-memory key–value database with optional durability. Redis supports different kinds of abstract data structures, such as strings, lists, maps, sets, sorted sets, HyperLogLogs, bitmaps, streams, and spatial indexes.","website":"https://redis.io","common_platform_enumeration":"cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*","icon":"Redis.svg","categories":["Databases"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66925,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (16879)","md5":"39b271016921adc06acff8bedc322eca","sha1":"52f8d72c788662e2ceecca50977b998912141779","sha256":"a805c929609307a737b197ffa79adce7cf56ebc4734a4ad04c7fca4dd651d470","sha512":"d3efbd5eb82089fc2b855b4634394135b3f09ac24a510826905d55f9ec8ea88cd32e5d507e94c9b90dcf64fff1c5237944e2a08a8159cc23a87d79c6f4ad8e1b","ssdeep":"1536:oqWclkX5ypez1nT8fdqBy4eZMp64wvSAIXuTVH0vCLyxYu+:oqWclkX0pdqY4eZMp64wvSAIeTVH0vCp","tlshash":"c96374a157b448f4797f833f9e44a218a527e902ca0577e5b0f3d194658cfa60ae3b0f","first_seen":"2026-02-04T16:26:06.006342Z","last_seen":"2026-02-04T16:26:06.006342Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3360,"timings":{"blocked":1140,"dns":430,"connect":351,"send":0,"wait":704,"receive":375,"ssl":355},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:43.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210 HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 3401\r\nConnection: keep-alive\r\nLast-Modified: Tue, 28 Oct 2025 04:26:48 GMT\r\nAccept-Ranges: bytes\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3401,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (3401), with no line terminators","md5":"81f491adccda86aaf56a1ce68fa59b87","sha1":"c27ca491887c7fdad5a3ca67592173427cc861af","sha256":"efc3dac74026580ee6b527716e2e63ba29f2116a90d4a47a691438b9a2b86c2f","sha512":"809037c160df1990ac458f977252a4cb2629c748f1a8133240c9d2897b14ad58d2407d822fea9c61efeb19af1e72dc16b29c09c917dca024f4145f1977d1ff57","ssdeep":"","tlshash":"24610234306576b1aefe5ad8f3148428a3148581640b78717e1cb9ee58eef5391f0bea","first_seen":"2025-12-03T01:51:42.331168Z","last_seen":"2026-06-08T10:01:14.297336Z","times_seen":11278,"resource_available":true,"data":null}},"time_used":1737,"timings":{"blocked":691,"dns":1,"connect":343,"send":0,"wait":352,"receive":0,"ssl":348},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:44.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /wp-content/themes/twentytwentyfive/assets/fonts/manrope/Manrope-VariableFont_wght.woff2 HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 53600\r\nConnection: keep-alive\r\nLast-Modified: Mon, 28 Oct 2024 16:02:18 GMT\r\nAccept-Ranges: bytes\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53600,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 53600, version 1.0","md5":"a8ebc7eb54efacfda66d0a2531058ecd","sha1":"5b56dbe3d3eabe178719988f4fee76d9d4ad7079","sha256":"ce340d48531930f3f2c8b7c47d149f82c9f4413548dd216e0f4d9af94a87c374","sha512":"bde7ef9fa476ae2bf7220afadc1285dec21f1a51718f3633a82cd4d08ac0adafd02acf01db82b3c263ab8a87e2cb18a03830f302d664f4441629ec24678bf2ac","ssdeep":"1536:GcCtX6JRTj6XLzm1OSRKt9Vo3IGC9pT/UTQ+z/y:qX6DWXPmwSRIVPGC9pTREy","tlshash":"203302d1f44038206c75e3fbddecfb9434ea81aaf53945d384a658bc0f8056addb0264","first_seen":"2023-11-30T06:19:19Z","last_seen":"2026-06-08T20:59:04.02066Z","times_seen":9171,"resource_available":false,"data":null}},"time_used":1078,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":725,"receive":353,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/rewrite.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:44.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /website-preview/rewrite.js HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 6212\r\nLast-Modified: Thu, 13 Nov 2025 17:51:44 GMT\r\nConnection: keep-alive\r\nETag: \"69161ab0-1844\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6212,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"2f886fe7021a2f9f21728763afc4afff","sha1":"8cd9f251ffab4a3c8d90f18d8fa9d90ba55a69de","sha256":"f34126446fd5857420ccec00c44b253ecc245215c87db751269f81e8cfa9c1d7","sha512":"4c8c9e3112bf45c2f5084a35ba5969f1c795094388bd9e70d08814f1b214e411f2f203415351ada77feb08e9f3ff9b8920dfe19291f42cd9ee2ec19755032555","ssdeep":"192:2jFAYxAq3DX/4CyR6DMCy9NSQw+gCyL4CymyZ00yie8GpyN:wAU3T5sSaQpyN","tlshash":"25d1105ab9f221b76a33703957efb680b975c2032105cb00bccda7641f60a2d1aa7bc5","first_seen":"2026-02-04T16:26:06.009724Z","last_seen":"2026-06-05T07:24:45.755523Z","times_seen":2,"resource_available":true,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:44.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /wp-includes/js/dist/script-modules/interactivity/index.min.js?ver=66c613f68580994bb00a HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=b0f909c3ec791c383210\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:44 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 41194\r\nConnection: keep-alive\r\nLast-Modified: Thu, 29 Jan 2026 15:37:52 GMT\r\nAccept-Ranges: bytes\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41194,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (41194), with no line terminators","md5":"4dc1083fadc3146eef9e178a635322d7","sha1":"4e30da47cbbd6c3b4bc243ef9196fdb54b8a5648","sha256":"222102c59fbeb8df4f97e143c264d83d794d74a6123486b03b9ecf32a5471918","sha512":"aa096ebe4c95e43225ee1f09450521632db53c9cd732d01e1492747a1f45cb0254cc2a443cd1f024314c86fa0eec441f20ae33c5ef4a55d6cb95bcb7b84d3384","ssdeep":"768:HeW4693pQRsx45G/0vTVhtFiBa7jJEbYlrEdORuHhYlxuQLSZEXdYqAOmp9mI66f:HeQ93u6/0vxh17thuhyQpgFbonUWqeou","tlshash":"bc03c7a4b065f03047e614a6907b051bf3356618344fc0e0f769e8ea78b919f6567f3e","first_seen":"2026-02-04T02:31:53.531475Z","last_seen":"2026-06-08T22:29:40.529861Z","times_seen":5227,"resource_available":true,"data":null}},"time_used":736,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":691,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/wp-includes/images/w-logo-blue-white-bg.png","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:46.402Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=ef82f436fc4fa89efbfb0ab36aff5b39\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:46 GMT\r\nContent-Type: image/png\r\nContent-Length: 4119\r\nConnection: keep-alive\r\nLast-Modified: Mon, 15 Nov 2021 16:04:02 GMT\r\nAccept-Ranges: bytes\r\nX-Robots-Tag: noindex, nofollow\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"000bf649cc8f6bf27cfb04d1bcdcd3c7","sha1":"d73d2f6d74ec6cdcbae07955592962e77d8ae814","sha256":"6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0","sha512":"73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5","ssdeep":"96:h3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLEd:hgXTY+as02mOB8XLEd","tlshash":"00814b63df38c566e66a2b189ff6bca56b290fd50ca1194c0eecb025632c06d1065089","first_seen":"2023-04-08T12:31:37Z","last_seen":"2026-06-08T22:14:16.88898Z","times_seen":66497,"resource_available":true,"data":null}},"time_used":363,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/banner.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:43.695Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /website-preview/banner.js HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:43 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 12259\r\nLast-Modified: Thu, 13 Nov 2025 17:51:48 GMT\r\nConnection: keep-alive\r\nETag: \"69161ab4-2fe3\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12259,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"16bfac7b2cf99536b872f55d0f63b3e2","sha1":"c0e1208c2a3c98e9cdf14337cefcba9efae97f07","sha256":"202e5bba8634db5a1bfd4474b6b1df06f5d2b231ebec599111459e3a692b3301","sha512":"4d7b1be3371b23ae4a157dfa21a265241c3a4e06c634edc31b4a344b931a284d063df8f532f986c236c6c2d3087a069a210e693afa4dec3c9bae6ccbe4ec75f7","ssdeep":"192:2selvGRQCuQs/3MQDEFbLgdHt672CMrFtlOgwojK/O3mocmgEKCmhyb43j8SgKmi:ylvEQXD/3NQFPb72TrDogJjWcmocmPzq","tlshash":"ac4294596ef520359d17202f979ff2897a71e103d108ce10396dc3a80fa4d256abbfe8","first_seen":"2026-02-04T16:26:06.003497Z","last_seen":"2026-06-05T07:24:45.764645Z","times_seen":2,"resource_available":true,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site/website-preview/rewrite.js","fqdn":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","domain":"54-179-179-29.wpsquared.site","tld":"wpsquared.site"},"ip":{"addr":"54.179.179.29","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/","date":"2026-02-04T16:25:43.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.elmersmg.online","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Feb 2026 10:12:53 GMT","end":"Tue, 05 May 2026 10:12:52 GMT"},"fingerprint":{"sha1":"69:0F:11:3E:ED:3E:40:EC:58:76:2B:FE:AC:40:3C:B5:6A:ED:59:F7","sha256":"1B:06:38:69:FB:B0:A7:27:29:2D:40:D8:63:DE:22:8F:9F:50:6E:DF:ED:42:DC:2D:E7:D5:B8:F7:2E:FA:92:61"}}},"request":{"raw":"GET /website-preview/rewrite.js HTTP/1.1\r\nHost: fantastic-cyan-walrus.54-179-179-29.wpsquared.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fantastic-cyan-walrus.54-179-179-29.wpsquared.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Wed, 04 Feb 2026 16:25:43 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 6212\r\nLast-Modified: Thu, 13 Nov 2025 17:51:44 GMT\r\nConnection: keep-alive\r\nETag: \"69161ab0-1844\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6212,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"2f886fe7021a2f9f21728763afc4afff","sha1":"8cd9f251ffab4a3c8d90f18d8fa9d90ba55a69de","sha256":"f34126446fd5857420ccec00c44b253ecc245215c87db751269f81e8cfa9c1d7","sha512":"4c8c9e3112bf45c2f5084a35ba5969f1c795094388bd9e70d08814f1b214e411f2f203415351ada77feb08e9f3ff9b8920dfe19291f42cd9ee2ec19755032555","ssdeep":"192:2jFAYxAq3DX/4CyR6DMCy9NSQw+gCyL4CymyZ00yie8GpyN:wAU3T5sSaQpyN","tlshash":"25d1105ab9f221b76a33703957efb680b975c2032105cb00bccda7641f60a2d1aa7bc5","first_seen":"2026-02-04T16:26:06.009724Z","last_seen":"2026-06-05T07:24:45.755523Z","times_seen":2,"resource_available":true,"data":null}},"time_used":352,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"fantastic-cyan-walrus.54-179-179-29.wpsquared.site","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}