{"report_id":"e8338a93-7af4-4267-9de2-2aafa6888a18","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-02-06T03:31:55Z","url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"title":"MetaMask","dom":{"size":1431317,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7476)","md5":"3d057071d4cbe20049184b0fa32ddf19","sha1":"e75fbb51fea42c22bfb1f2ad113257506bb3b8e0","sha256":"d686f8d97bfe4d14c519b33307560136ca2db9810627332a2cee09e1b4f45531","sha512":"c535bfae01b5138d4a21ff896c7053e3be8761257ad555f2941c8a0f4a1cb9a4f9173ac6e61e7b28249de6856cdd6282c7cd19fb11ea4569b771f718d25aecd4","ssdeep":"12288:aIiCfYIG2DdHaya6nrHQUIUrFECLlRJjTr42TSiTJKtAIOHLdMdhgyPZNIaNAEs6:a0fYxYdH9vdwAEs6","tlshash":"7265b5f6fdf71949341b2879956dd120b31c6847924eaf23bac4612cefc43fa4562b88","dom_hash":"domhashb7928f822ba1a096390ef18f55fd1228","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":0,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-13T03:31:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-06","alert":"Detects file containing Telegram Bot API","trigger":"sterlhorizonltd.com/au/?recovery_phrase=","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-06","alert":"Detects file containing Telegram Bot API","trigger":"sterlhorizonltd.com/au/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"ipapi.co","ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-04-19","domain_rank":7936,"first_seen":"2017-01-31T09:07:01Z","last_seen":"2026-02-04T12:01:59.027922Z","alert_count":0,"request_count":8,"received_data":6332,"sent_data":3512,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"sterlhorizonltd.com","ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"domain_registered":"2025-07-12","domain_rank":0,"first_seen":"2025-08-12T05:18:26.128482Z","last_seen":"2026-02-06T00:12:55.620055Z","alert_count":9,"request_count":9,"received_data":13437090,"sent_data":5018,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":22021,"first_seen":"2014-03-01T07:08:08Z","last_seen":"2026-02-04T14:17:22.047479Z","alert_count":0,"request_count":8,"received_data":112225,"sent_data":3928,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}]},{"fqdn":"raffleslearning.com","ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"domain_registered":"2020-07-22","domain_rank":0,"first_seen":"2026-02-03T22:46:24.601358Z","last_seen":"2026-02-03T22:46:24.601358Z","alert_count":0,"request_count":8,"received_data":26106,"sent_data":3864,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"md5":"acdcd0a85b3ab33a75338f7a25054646","sha1":"dc09cdddcc75d383d56e6b1ab5103d927630a836","sha256":"231d8c416a14efd55c1ca1eaa4e22f6dc5f1942675a509a5eb5200e34abf4df5","sha512":"4265332a2e9f91b80938e6c4b3a1b33473c59d6b9f783a6c9fcb9262aaa94d8e05c6dba316d4dc45f452b01087c569f9a26c6a85998b3e63e1d22d5df42c9b22","size":9660,"token":"8514531060:AAGyzy7MfhxhtmbI_WB1we1NwRhgr5DCKOA","is_revoked":false,"bot":{"token":"8514531060:AAGyzy7MfhxhtmbI_WB1we1NwRhgr5DCKOA","user_id":"8514531060","username":"FreshamandyBot","first_name":"Freshamandy","last_name":"","chat":{"chat_id":"5582793263","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"md5":"acdcd0a85b3ab33a75338f7a25054646","sha1":"dc09cdddcc75d383d56e6b1ab5103d927630a836","sha256":"231d8c416a14efd55c1ca1eaa4e22f6dc5f1942675a509a5eb5200e34abf4df5","sha512":"4265332a2e9f91b80938e6c4b3a1b33473c59d6b9f783a6c9fcb9262aaa94d8e05c6dba316d4dc45f452b01087c569f9a26c6a85998b3e63e1d22d5df42c9b22","size":9660,"token":"8514531060:AAGyzy7MfhxhtmbI_WB1we1NwRhgr5DCKOA","is_revoked":false,"bot":{"token":"8514531060:AAGyzy7MfhxhtmbI_WB1we1NwRhgr5DCKOA","user_id":"8514531060","username":"FreshamandyBot","first_name":"Freshamandy","last_name":"","chat":{"chat_id":"5582793263","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7155d0a39c2fb7bee643c64fda8d14f1","sha1":"21524246c001f5d97ec83823f038bd03e2e4cb3f","sha256":"40ee6aae064a214f83ff398f8202bce80fe860c962dd0a78c0236c3982e8e4c2","sha512":"d246dac790ce2deedb39b3e71de4d6707ca39dfeb97d3ac78a7f95b4544e77d3a480bdab4db6868cb9726440749162fe851e0ae66ac8201be08a8d4bfd4b7542","ssdeep":"","tlshash":"16115927222233707ce9d5dca9b6d98e39bb501be40a0090b09f944d2c34bc944f7bec","size":861,"data":"","first_seen":"2023-03-12T15:49:33Z","last_seen":"2026-03-01T19:19:44.063491Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"7155d0a39c2fb7bee643c64fda8d14f1","sha1":"21524246c001f5d97ec83823f038bd03e2e4cb3f","sha256":"40ee6aae064a214f83ff398f8202bce80fe860c962dd0a78c0236c3982e8e4c2","sha512":"d246dac790ce2deedb39b3e71de4d6707ca39dfeb97d3ac78a7f95b4544e77d3a480bdab4db6868cb9726440749162fe851e0ae66ac8201be08a8d4bfd4b7542","ssdeep":"","tlshash":"16115927222233707ce9d5dca9b6d98e39bb501be40a0090b09f944d2c34bc944f7bec","size":861,"data":"","first_seen":"2023-03-12T15:49:33Z","last_seen":"2026-03-01T19:19:44.063491Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4ca6f03e651a860c1fa8cbd49b1fea9","sha1":"3d18a4cce9a7b3a7c96f0dd7780f198126b00126","sha256":"b4e26da648426e6a9f4da35864f58e2dec5514f62041c958c0e026340d990c1f","sha512":"735389cbe20f332fe10fdf353a7fe4a7d750f44bd37ac64d300c50d6b624e2df28caa9707f9137d0d14bd883f60dc4e3ff94ff31a148c1d15ffcb5be74a450bb","ssdeep":"96:KF/eEsCi+vfU99Fdko9ZeG22eGTss+SiRrjMidssSizwRTsSSirLch:c/eEsCiIfs3d/9MG2hGAsNynZs/gwhsX","tlshash":"95a1001d747922285a77a0feb38bac4661d79017a090ed493a8f83050fc2a74fbd56e9","size":4908,"data":"","first_seen":"2026-02-03T22:46:29.17268Z","last_seen":"2026-03-01T19:19:44.065004Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"acdcd0a85b3ab33a75338f7a25054646","sha1":"dc09cdddcc75d383d56e6b1ab5103d927630a836","sha256":"231d8c416a14efd55c1ca1eaa4e22f6dc5f1942675a509a5eb5200e34abf4df5","sha512":"4265332a2e9f91b80938e6c4b3a1b33473c59d6b9f783a6c9fcb9262aaa94d8e05c6dba316d4dc45f452b01087c569f9a26c6a85998b3e63e1d22d5df42c9b22","ssdeep":"192:XCC186gXk9IHapW2bWO8LYRzLk9M1axvsu+zdUW6IQbZWgB:XCCi6g09ICbWO8yMGu+BJ63B","tlshash":"4212509e25fb11314a6378f913afa6063531a01bb440ed593a9dc3d00fa1ea5dc737ea","size":9660,"data":"","first_seen":"2026-02-06T00:13:01.219296Z","last_seen":"2026-03-01T19:19:44.066618Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-06","alert":"Detects file containing Telegram Bot API","trigger":"sterlhorizonltd.com/au/?recovery_phrase=","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c4ca6f03e651a860c1fa8cbd49b1fea9","sha1":"3d18a4cce9a7b3a7c96f0dd7780f198126b00126","sha256":"b4e26da648426e6a9f4da35864f58e2dec5514f62041c958c0e026340d990c1f","sha512":"735389cbe20f332fe10fdf353a7fe4a7d750f44bd37ac64d300c50d6b624e2df28caa9707f9137d0d14bd883f60dc4e3ff94ff31a148c1d15ffcb5be74a450bb","ssdeep":"96:KF/eEsCi+vfU99Fdko9ZeG22eGTss+SiRrjMidssSizwRTsSSirLch:c/eEsCiIfs3d/9MG2hGAsNynZs/gwhsX","tlshash":"95a1001d747922285a77a0feb38bac4661d79017a090ed493a8f83050fc2a74fbd56e9","size":4908,"data":"","first_seen":"2026-02-03T22:46:29.17268Z","last_seen":"2026-03-01T19:19:44.065004Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"acdcd0a85b3ab33a75338f7a25054646","sha1":"dc09cdddcc75d383d56e6b1ab5103d927630a836","sha256":"231d8c416a14efd55c1ca1eaa4e22f6dc5f1942675a509a5eb5200e34abf4df5","sha512":"4265332a2e9f91b80938e6c4b3a1b33473c59d6b9f783a6c9fcb9262aaa94d8e05c6dba316d4dc45f452b01087c569f9a26c6a85998b3e63e1d22d5df42c9b22","ssdeep":"192:XCC186gXk9IHapW2bWO8LYRzLk9M1axvsu+zdUW6IQbZWgB:XCCi6g09ICbWO8yMGu+BJ63B","tlshash":"4212509e25fb11314a6378f913afa6063531a01bb440ed593a9dc3d00fa1ea5dc737ea","size":9660,"data":"","first_seen":"2026-02-06T00:13:01.219296Z","last_seen":"2026-03-01T19:19:44.066618Z","times_seen":5,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-02-06","alert":"Detects file containing Telegram Bot API","trigger":"sterlhorizonltd.com/au/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:27.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:27 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2893\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B71WRO19vltTd%2BcwR8EBufZ7KV2ZiLnchq40VNJf7HlwOwhnwtJC%2F1YGXGrzx35Y3uMub0whp6RsK5Brrkhbx1qcjpHq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c979320e999712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:32.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:32 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:35.452Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:35 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 8\r\nx-timer: S1770348695.459364,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: a55c683bd5d2d967d5f6060e4dbe487432772740\r\nexpires: Fri, 06 Feb 2026 03:36:35 GMT\r\nsource-age: 50\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:40.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:40 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2880\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R8NoZSoU2CldsLPq8OIKd73SZ2AUaznlqPkrDspEXuBggGt23dhCcKktNt50YwTrYKexg2Db2O5%2F8WBva%2FEQh0pt%2FpOI\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c97937409c4712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:23.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:23 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:23.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:24 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":345,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":345,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:23.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:23 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2897\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yBh4YeihN8CRcOT%2F1H9nOQwcBWhLf%2Bb4G2UqEvd5JfdSaBaBqBSFGlrgrL89X%2F75jaB4YR418Riu9yaXGM9AG1TBeBM1\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c97930a3d2d712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:27.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:27 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 5\r\nx-timer: S1770348687.408144,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 739e4ee514dfb71809a70a90f4a1211fabdc7ea4\r\nexpires: Fri, 06 Feb 2026 03:36:27 GMT\r\nsource-age: 42\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:29.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:29 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:40.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:40 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/","date":"2026-02-06T03:31:21.066Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:21 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1770348681.110455,VS0,VE2\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: ed7a09492276b649e0cdf6105d6f055a8c3a328a\r\nexpires: Fri, 06 Feb 2026 03:36:21 GMT\r\nsource-age: 36\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":37,"dns":1,"connect":13,"send":0,"wait":16,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:26.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:26 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":145,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:27.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:27 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1180,"timings":{"blocked":465,"dns":0,"connect":0,"send":0,"wait":350,"receive":1,"ssl":364},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:30.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:30 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 6\r\nx-timer: S1770348690.185985,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: ffe1fa7064d658ffc895e4a38c35aec73121611a\r\nexpires: Fri, 06 Feb 2026 03:36:30 GMT\r\nsource-age: 45\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:32.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:32 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2888\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7ywyzBlXZPtpiUtyJtY2snWdxn7qqua60rn3YwZ0jWRBto9kYhnv%2B2i2fj5CRLLA6jbhNuw30lcaVJcP2DnmF01tFE4v\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c979342982e712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:35.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:35 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:20.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/ HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:20 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":36,"dns":1,"connect":16,"send":0,"wait":31,"receive":162,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/","date":"2026-02-06T03:31:20.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:21 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":1806,"timings":{"blocked":730,"dns":0,"connect":345,"send":0,"wait":346,"receive":0,"ssl":380},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/","date":"2026-02-06T03:31:21.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:21 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2899\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BrEUh047TxOzHUPyABPb%2FMmZRDBz31p5FsltyIu1AFd127vQY6Q2XN2MENrhmQHAubSFLdWBrJhcTJiyFXAIJdiXMQDH\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c9792f9ea94712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":57,"dns":34,"connect":1,"send":0,"wait":5,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:27.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:27 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":83,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:30.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:30 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2890\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uP31jOvj6WDQHe5wKESCVIsu9HIjkeBbwozZXR68m5IrODCeBuflAfW%2F3YvLsG18kK7gO0HGsjROjXyeA%2ByAhV9nWDF4\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c979331ecdf712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:38.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:38 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=96\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:23.825Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:23 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 2\r\nx-timer: S1770348684.832879,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: ddc83d28476a81176e769577151e6b0d70436f15\r\nexpires: Fri, 06 Feb 2026 03:36:23 GMT\r\nsource-age: 39\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:32.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:33 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=98\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:32.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:32 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 7\r\nx-timer: S1770348693.841672,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: e8879f04ea3ab93b65ab45198acb1fa7bdbd23b7\r\nexpires: Fri, 06 Feb 2026 03:36:32 GMT\r\nsource-age: 48\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:35.448Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:35 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=97\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:38.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:38 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 9\r\nx-timer: S1770348698.045301,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: eb5a165f4d5463177e03e7c8664d778c421a7af5\r\nexpires: Fri, 06 Feb 2026 03:36:38 GMT\r\nsource-age: 53\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sterlhorizonltd.com/au/?recovery_phrase=","fqdn":"sterlhorizonltd.com","domain":"sterlhorizonltd.com","tld":"com"},"ip":{"addr":"213.165.249.109","port":443,"asn":22611,"as":"INMOTION","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-06T03:31:37.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.sterlhorizonltd.com.skytrustheritage.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 03 Feb 2026 19:25:41 GMT","end":"Mon, 04 May 2026 19:25:40 GMT"},"fingerprint":{"sha1":"05:83:38:0C:D3:78:14:55:2A:D2:0A:0C:B7:BC:20:33:7E:B3:19:E9","sha256":"24:88:62:EB:C6:4F:2B:D9:94:3B:E5:31:57:64:7E:F5:42:6F:78:45:FC:D3:39:A4:B3:42:A5:E2:AC:5E:1F:AD"}}},"request":{"raw":"GET /au/?recovery_phrase= HTTP/1.1\r\nHost: sterlhorizonltd.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://sterlhorizonltd.com/au/?recovery_phrase=\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 04 Feb 2026 05:39:24 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1492802\r\ncontent-type: text/html\r\ndate: Fri, 06 Feb 2026 03:31:37 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":1492802,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (7479), with CRLF line terminators","md5":"2570b7f1dcfee8c5d6bf2bb88db0c8bc","sha1":"c9f4579a4ea4adb1d6fa8e161548ce1085103baa","sha256":"cebea53904ab15e1c984d967aeb8e9d63963210da3e334810164893bf755744f","sha512":"a5286a62a6dddc36d03cfd4efdebb1f9d145031e582dca5432da0145a19141f5751ab6a8adf32fa538ec65577317e3943adf4af76c6663801a85cf115d047f49","ssdeep":"6144:csyOvOnfQIEJ2DpTHTdgEla6b0woxlRxZR9nzjrhhpWVzPnRqzwPLL2IAuCupyCg:bDvOnYIG2DdHaEa6brRqz/","tlshash":"982562a9dd43154a26737f39d36e9520ff152877ab4e2762b9c0a01cafd47e84029ecc","first_seen":"2025-09-17T14:40:46.91789Z","last_seen":"2026-03-01T19:19:44.059894Z","times_seen":8,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":131,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:35.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:35 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2885\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DkM%2FbX0EWGPAdx7QcTyOfrowxBkLnmAvXcsFVicdH3mayFsCfdRvRvoiiBlT2b6AMv9f0vEUD3b31UAaduKQQMe2dGLq\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c979352eb6c712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipapi.co/json/","fqdn":"ipapi.co","domain":"ipapi.co","tld":"co"},"ip":{"addr":"104.26.8.44","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:38.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ipapi.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Dec 2025 12:14:55 GMT","end":"Thu, 19 Mar 2026 13:14:43 GMT"},"fingerprint":{"sha1":"9F:6D:86:C5:B8:42:73:79:95:D9:AD:A7:9E:37:F2:54:CF:A0:9C:90","sha256":"C1:37:01:B7:C2:DD:54:62:A0:93:A6:F0:05:9D:5A:0C:55:E4:49:78:D8:DD:C8:9D:B1:B8:6B:75:83:70:B2:28"}}},"request":{"raw":"GET /json/ HTTP/1.1\r\nHost: ipapi.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\ndate: Fri, 06 Feb 2026 03:31:38 GMT\r\ncontent-type: text/plain\r\ncontent-length: 109\r\nretry-after: 2882\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\nx-frame-options: SAMEORIGIN\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fd%2F1VNEAe7WuN3kp4yTQnYZ4ZjX69v5uRqKLSKP4HLRwep5mPhqugNKYFKshfd8WrLgh9%2FeE%2FKoEgcTZ3h2J2xGK%2Bqq0\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9c9793639e52712a-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":109,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"c3159f773282f6ca3a22581044699ff9","sha1":"85835e662022f3f574110238bc76a0a41756759a","sha256":"172548325ccff37cd04998aefa5ffcaaa343d1f18fc5541fc7bb229994f4d92d","sha512":"12c0f48cf84315f1c6b3c2b0b2cba3825c44705ec68624e4f462e1709bf8d10fe642a99e1ac2d493bf3b2c7e759dea3ab4d6d49314f7abfe979c941faf485e65","ssdeep":"","tlshash":"5cb0124ad1d40b2002d017fd83a9f26cfaa788343aec13b89464307e1651447375dd4c","first_seen":"2026-01-07T00:37:32.012541Z","last_seen":"2026-03-13T19:52:28.279392Z","times_seen":723,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/bitcoin/bips/master/bip-0039/english.txt","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:40.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /bitcoin/bips/master/bip-0039/english.txt HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://sterlhorizonltd.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"a5d1c9e8297869cdc6e48c0ac63015d54e9275e637278b67ce58154d256f4087\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: D04A:28C6C7:622CCD:6BE320:6982AB17\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Fri, 06 Feb 2026 03:31:40 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410025-HEL\r\nx-cache: HIT\r\nx-cache-hits: 10\r\nx-timer: S1770348701.699250,VS0,VE0\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 8a6ea04788291cc9e91ea362bd7c7d34b29babc2\r\nexpires: Fri, 06 Feb 2026 03:36:40 GMT\r\nsource-age: 56\r\ncontent-length: 6246\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":13116,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"f23506956964fa69c98fa3fb5c8823b5","sha1":"b2d5241ae027a0e40f06a33d909809a190f210fe","sha256":"2f5eed53a4727b4bf8880d8f3f199efc90e58503646d9ff8eff3a2ed3b24dbda","sha512":"416c71ba30018ea292bb36cdc23c9329673485a8d8933266a9d9a7cc72153b8baed3d430f52eab4f5d3addf6583611b3777a50454599f1e42716f5f879621123","ssdeep":"192:DAvLtKog3W8jiD1/oLpsExUKqlyjn6SybkSoxIFg/7mSX30hB8OnqdE5HpF2gS2:MvLAog/I1wdsExXxigaSUvRj5r","tlshash":"e6421a78a360353bfacb5a8fdc983f51da444e336e0264e4f66d5645184bc86cb28d2b","first_seen":"2024-08-19T17:47:39.898911Z","last_seen":"2026-04-15T16:52:55.284599Z","times_seen":253,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:30.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:30 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=99\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"raffleslearning.com/wp-content/plugins/wp-optimize/js/metamask-fox.svg","fqdn":"raffleslearning.com","domain":"raffleslearning.com","tld":"com"},"ip":{"addr":"52.76.211.207","port":443,"asn":16509,"as":"AMAZON-02","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://sterlhorizonltd.com/au/?recovery_phrase=","date":"2026-02-06T03:31:40.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"raffleslearning.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Fri, 22 Aug 2025 00:00:00 GMT","end":"Tue, 30 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"42:4B:3A:CF:72:14:6D:22:20:09:CA:45:59:43:8E:4E:CE:E0:89:07","sha256":"5D:BD:BA:E5:C5:7C:54:14:C8:3B:35:02:80:8B:CA:00:EF:6B:6C:AA:6B:5F:CC:5A:81:DC:E6:3F:FC:AF:11:11"}}},"request":{"raw":"GET /wp-content/plugins/wp-optimize/js/metamask-fox.svg HTTP/1.1\r\nHost: raffleslearning.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://sterlhorizonltd.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Fri, 06 Feb 2026 03:31:40 GMT\r\nServer: Apache/2.4.52 (Ubuntu)\r\nX-Frame-Options: SAMEORIGIN\r\nX-Content-Type-Options: nosniff\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nPermissions-Policy: geolocation=(self), microphone=()\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\nLast-Modified: Tue, 03 Feb 2026 04:29:54 GMT\r\nETag: \"ab7-649e3e42afd6c\"\r\nAccept-Ranges: bytes\r\nContent-Length: 2743\r\nKeep-Alive: timeout=5, max=95\r\nConnection: Keep-Alive\r\nContent-Type: image/svg+xml\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.52","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2743,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4996138606cfa7014efff76c2f2b00d","sha1":"5e93e9539ca90071f290d668e379f066169f1420","sha256":"63460a5753c47f2c58c3caa61921e336dd428d4cd435ce2b8ba3f099c5883fa3","sha512":"27de54ef4e56ddab16937ae960d1569e36cd149f331f55fd722b968f7d0d562cce2865cef319cc4ba13939071a39b32d1b42b3bf2c7a2235bb4a524e56768fe7","ssdeep":"","tlshash":"c451edd8b3084369dd148b6c5e5f257a20177cedb168a5c09ec6298560b8bbf8cbcdc5","first_seen":"2025-06-27T11:16:50.373223Z","last_seen":"2026-04-10T14:28:36.088547Z","times_seen":53,"resource_available":false,"data":null}},"time_used":351,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":351,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}