{"report_id":"f88203bf-7ffb-42de-9a9a-a00e4eee5637","version":6,"status":"done","tags":[],"date":"2025-10-09T22:52:52Z","url":{"schema":"http","addr":"bdquickshop.com","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"bdquickshop.com/Login","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"title":"- Login Page"},"submit":{"url":{"schema":"http","addr":"bdquickshop.com","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-13T22:52:52Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-05T22:15:09.164871Z","alert_count":0,"request_count":2,"received_data":139570,"sent_data":1021,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bdquickshop.com","ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":18,"request_count":9,"received_data":278476,"sent_data":4643,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:2.1.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"CodeIgniter","description":"","website":"https://codeigniter.com","common_platform_enumeration":"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","icon":"CodeIgniter.png","categories":["Web frameworks"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":1,"received_data":7880,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":3,"received_data":26134,"sent_data":1613,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bdquickshop.com/assets/js/jquery-2.1.4.min.js","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T15:58:35.802253Z","times_seen":10387,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/js/toastr.min.js","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b36f28de584845317de40a7219c82b1c","sha1":"6de8657c8782561bc023478ab708179ed846db1a","sha256":"ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09","sha512":"54477e9eadb90a447aefa3bea4b0670d6d3d47b5505fd31d8a28f4e768150a9e72547de31ad1fbd07a3f514bf89890ec11d4efa91085660d0d2868a88c69d40b","ssdeep":"96:LozfdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrI:Mzf4BtcvvRqIQcNa74ccrI","tlshash":"f7b19384b220bb8b5b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","size":5537,"data":"","first_seen":"2023-03-07T01:28:39Z","last_seen":"2026-04-04T13:59:49.783183Z","times_seen":4586,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/Login","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"85a4d2d197eddcfab882ee9535fd500b","sha1":"b660b2d47f632ed17122187ce80fb92b91792473","sha256":"26fa6ad36405d8f96e2641894e086a85c9e1cee84054e21cdf60cdf87217b77c","sha512":"2cc37d05692caf9351af0c17295cece454636f843db6ae54cd506f1ef05b03292a7182704d343e19cc77140cf6d0007abcba4ce998b7fffba7f02674f7184199","ssdeep":"","tlshash":"b8211e41a73c5e960276c13f189c05c4217da0b7c40b00a6feeabb3c25b9677a734223","size":1382,"data":"","first_seen":"2025-10-09T22:52:57.253629Z","last_seen":"2025-10-09T22:52:57.253629Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"bdquickshop.com/Login","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-09T22:52:29.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /Login HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/7.3.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 1358\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 09 Oct 2025 22:52:29 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery:2.1.4","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"47de88a0f8cf4ae21e8b0e4302a33158","sha1":"eaa2ff02ec396da36e4e2298dc30d7c32878cfe3","sha256":"854e8fe2a53bc2903e825a1159250df12227dc723b0221573dc472acfc2ea2fb","sha512":"c08c6fb848125abc6c6df31edec63a5c81232e13ec7728f01dff4b20fe4f5f6ede070b98ff5b1eddd184835491a91babc709d991f7d8ba73cb61e74205acb420","ssdeep":"","tlshash":"9f716002304c8d6b0262c3a7a071a65470afce36c2134555f7fa777b72e6e67aa21157","first_seen":"2025-10-09T22:52:57.240747Z","last_seen":"2025-10-09T22:52:57.240747Z","times_seen":1,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/login/css/style.css","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /assets/login/css/style.css HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Oct 2025 22:52:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 24 Sep 2025 10:45:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1122\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5146,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"91316dc29f875c656fee1fe787cd6e64","sha1":"44823df9479d4d063e720c2becf00f7dd7e5d69d","sha256":"304284091ff9ae2167feacff39fed6deb9dd958a4f7e6ef38a176e35a22a9b42","sha512":"17441007c59f55238a8c6af1cb29930a749f1e3cbeb5cb9527331c154fc94bb5d5357be694532747673163d8c15ecd137741c93d87749d3dda563ec8c983c394","ssdeep":"96:YlxPDYA9Bqa6gxwIIi9YL0sxImK+0zN4idZg+:YjPDpea6gxw+mL0xmHqmUO+","tlshash":"adb1ff6c9a1a1142b233de682bf2675ce61d8073da4650ec7be462858ff9b345271fcc","first_seen":"2025-10-09T22:52:57.242047Z","last_seen":"2025-10-09T22:52:57.242047Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"216.58.211.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Sep 2025 08:36:13 GMT","end":"Mon, 08 Dec 2025 08:36:12 GMT"},"fingerprint":{"sha1":"54:09:EF:2E:96:03:5C:86:DF:F0:DA:AC:A6:7A:0D:35:49:4E:68:90","sha256":"0E:84:83:07:1D:C1:46:17:EB:EA:2F:15:CE:88:56:D2:FF:9E:AE:31:D2:C3:FC:DA:00:24:46:48:43:CD:11:1F"}}},"request":{"raw":"GET /css2?family=Poppins:wght@200;300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 09 Oct 2025 22:52:30 GMT\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7194,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"c296663b40cee186ca04a40340440a19","sha1":"ed447c48b66fe190b15adfa6ab26e4825b1f9122","sha256":"bb915ab58fe67dc9c99703858743476223ff8c5c74eac015a2d18e8e42c07980","sha512":"c97ca46d874cbc700ca80f25c0dc8578a20842f128dd1a625ed03cd64c5240ff417c7a645a75d24a9ee0e22f5ac5ee150113457fd4f1651cb6f2f6dcb724bc2f","ssdeep":"96:SO6aKO6ayJc+ukO6aVN3O1arO1aTJc+ukO1aaN3OEanOEaCJc+ukOEauN3OXa3Om:/HaedhHdPgKQcXr3lVwa3RzJZ","tlshash":"8ce19dd1087be114ab831cc123ce7d36ee1e9255b810e5786bfd0c98adabc654372b2d","first_seen":"2025-09-19T15:09:59.324821Z","last_seen":"2026-04-04T02:41:18.546482Z","times_seen":261,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":60,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/login/images/loginbg.jpg","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.416Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /assets/login/images/loginbg.jpg HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/assets/login/css/style.css\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Oct 2025 22:52:30 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 24 Sep 2025 10:45:53 GMT\r\naccept-ranges: bytes\r\ncontent-length: 83058\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":83058,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Picasa], progressive, precision 8, 861x404, components 3","md5":"019ecb219198b0a44f422db230063103","sha1":"25d242df23389f8bda6837866038b0a7b72bf5f9","sha256":"7039b362d6e784eb455aa4b99b79e37652a5c5f07508dfce64190918268b8648","sha512":"c71054ba3fa93fcf9b0973f9476146916e4cf4f4b726c5608adfa84492daee4df6572903aeb7e3947b6dc4eedb33287ccf9d275d2a94edc44d5a924fb8da016f","ssdeep":"1536:+iONqq9AEFiWzcm4JEbykv59hLLFj9HJ2Kh2UmNfVEeS49o/QoaUgw4P1M:+rNqq9XFiicm4q+k/Zj9gNfPS48Q9UgG","tlshash":"dc8302a3753ef941f4bd33e1e01836f16e089b8922d34a1e76976cdd95ad6b037090a2","first_seen":"2025-10-09T22:52:57.243957Z","last_seen":"2025-10-09T22:52:57.243957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":352,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":191,"receive":161,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.424Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bdquickshop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7748\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 08 Oct 2025 00:02:47 GMT\r\nexpires: Thu, 08 Oct 2026 00:02:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168583\r\nlast-modified: Mon, 15 Sep 2025 16:36:26 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7748,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7748, version 1.0","md5":"a09f2fccfee35b7247b08a1a266f0328","sha1":"0da2d17e738f46d2a09e6fb7969da451719a9820","sha256":"cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446","sha512":"5e3f9a298003b84250ec6801e08ad2a4ff8845d4c3e13ea61bec37da24d26ede13b436257882124cc0c27e9a323ba92e7d23c6ad3f48a7b75535f5ed98813a0e","ssdeep":"96:0g6vAF/FXh6MmoI56TEwosGU/DbVF/QBT1gaHEYT6u/w3hXLbJPAS772+6haAftj:zp6x6TYpoDYBJg8TRkbJPAS/2+CzQa7","tlshash":"f3f19de65d1e5e8980f0102f6f6efce767950d88141dadf9a9e72f884c6ba1b04c90cd","first_seen":"2023-04-05T13:48:05Z","last_seen":"2026-04-04T15:48:54.499955Z","times_seen":192765,"resource_available":false,"data":null}},"time_used":274,"timings":{"blocked":128,"dns":1,"connect":28,"send":0,"wait":14,"receive":2,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/poppins/v24/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bdquickshop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8000\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 08 Oct 2025 00:02:46 GMT\r\nexpires: Thu, 08 Oct 2026 00:02:46 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168584\r\nlast-modified: Mon, 15 Sep 2025 16:33:57 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8000,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 8000, version 1.0","md5":"72993dddf88a63e8f226656f7de88e57","sha1":"179f97ec0275f09603a8db94d4380eb584d81cd5","sha256":"f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149","sha512":"7c20165f9d22a86341e841fd58526209017dcde2afe2d0d2a89fe853d95dc69f658d25cf798c71f452dab09843fc808c1ae87a60b1284134163abf5a1d93e50a","ssdeep":"192:GDonmfrEdXT8WrxzRXwyQo3zGEOM7Y2hOMgWnsfYSjv4ENFGwrlKJ:8onPxTzjgyQSzLPXOTIYHJAJ","tlshash":"08f1b0ffa92456c4df692475a5044f27623652b4dd35cb2f496f3e12d2d74224bcc4c1","first_seen":"2023-04-05T18:53:14Z","last_seen":"2026-04-04T15:50:47.111437Z","times_seen":203505,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":81,"dns":2,"connect":28,"send":0,"wait":15,"receive":2,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 10482\r\ncf-ray: 98c172e05d4b712d-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6599bda5-28f2\"\r\nlast-modified: Sat, 06 Jan 2024 21:52:53 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 190191\r\nexpires: Tue, 29 Sep 2026 22:52:30 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=yj7FmEmYc4vvvqQMSQqdc2%2BPqS0MEHR3RGQZ%2BZchHGZyFNlwymdzTVyWOaH84YDU2WVkAZiDvib6P%2FCXO%2BADyroKQkK5K2TM%2FBzzzdVQ96KUIFMSnQ5Ah4YwzqAyXIdtsu4eajXD\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59344,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59158)","md5":"74bab4578692993514e7f882cc15c218","sha1":"b6293bcfd851f963edbe859498570c4c0c7eaae4","sha256":"d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386","sha512":"8810579bc7d6f74fa7b8b7122a56e6acf70b6b4393f76c4ed4122c67ecb00d6642beab1681c715de0168441bf4cfef1d2c9832007221477e5565cda833f808d7","ssdeep":"768:0Eh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bft6VSzl:0E0PxXE4YXJgndFTfy9lt5B","tlshash":"0a43fbb8e54c01c9b731c44bef82b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-04-05T04:00:29Z","last_seen":"2026-04-04T15:48:54.563895Z","times_seen":80145,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":73,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/uploads/login_img3.jpg","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /uploads/login_img3.jpg HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Oct 2025 22:52:30 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 02 Sep 2025 11:06:59 GMT\r\naccept-ranges: bytes\r\ncontent-length: 19318\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":19318,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 670x402, components 3","md5":"fb943299cba4113828e33344b7956248","sha1":"fa837c29a7dce70c5368ba52f44138a31a78771d","sha256":"abe927a73ba6d77f1dc2e7a22a99e8af822f3feb5cd9015a0e4e857e929059ef","sha512":"cce5c5700496aa31a66fa4bb5948a192ac5270b180b01a58785b37d1f126913975a9f9c61bc3549b7ab2ea8ebd13cf76f8a2dc3c35438c4900f05c2659765b16","ssdeep":"384:9wJM4pw6vOXRqeB04yOSR/Zt0WpPMyS2FS6bgQwUdF3U:CJM4x84lOO/Zt00PMyk68QwUL3U","tlshash":"d982d1ec7bd071b0df380bb690add266a608fd1515b571bec8c57bca96540ce988c423","first_seen":"2025-10-09T22:52:57.246886Z","last_seen":"2025-10-09T22:52:57.246886Z","times_seen":1,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":159,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/js/jquery-2.1.4.min.js","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.136Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /assets/js/jquery-2.1.4.min.js HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 24 Sep 2025 10:45:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 28822\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-04-04T15:58:35.802253Z","times_seen":10387,"resource_available":true,"data":null}},"time_used":480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":324,"receive":156,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:58 GMT","end":"Mon, 15 Dec 2025 08:41:57 GMT"},"fingerprint":{"sha1":"01:8A:1A:53:EB:C1:22:A3:A0:69:16:42:30:E0:DF:75:70:19:84:BA","sha256":"A0:39:D8:8F:4E:08:6C:CC:FB:5E:20:98:FA:7C:2B:9F:6F:D6:F3:10:BF:EF:02:93:42:E4:94:E6:FD:A4:8D:35"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bdquickshop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 08 Oct 2025 00:01:35 GMT\r\nexpires: Thu, 08 Oct 2026 00:01:35 GMT\r\ncache-control: public, max-age=31536000\r\nage: 168655\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-04T15:48:54.503372Z","times_seen":295541,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":82,"dns":1,"connect":14,"send":0,"wait":15,"receive":1,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-09T22:52:29.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\nx-powered-by: PHP/7.3.33\r\nset-cookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc; expires=Fri, 10-Oct-2025 10:52:29 GMT; Max-Age=43200; path=/; HttpOnly; secure\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlocation: /Login\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\ndate: Thu, 09 Oct 2025 22:52:29 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"CodeIgniter","description":"","website":"https://codeigniter.com","common_platform_enumeration":"cpe:2.3:a:codeigniter:codeigniter:*:*:*:*:*:*:*:*","icon":"CodeIgniter.png","categories":["Web frameworks"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3726,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1135,"timings":{"blocked":416,"dns":5,"connect":159,"send":0,"wait":303,"receive":0,"ssl":248},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/uploads/company_profile_org/company_logo.jpg","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.757Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /uploads/company_profile_org/company_logo.jpg HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Oct 2025 22:52:30 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 04 Oct 2025 11:27:10 GMT\r\naccept-ranges: bytes\r\ncontent-length: 62564\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":62564,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1131x1600, components 3","md5":"1044881a2e651b7a52caad859d5e2dfa","sha1":"f08afe63d154002736169e549f92781580e044b8","sha256":"2a759608b3578ccf6048e0819059c0d46d343d54860e10110a06ab36eb6a4ca3","sha512":"85dfc0513d565649010a193cf504ecdadb404f26c30884176184072c07d6f9e66f8898eb2cc3899383eff67976b3fce5c34a94071e45860a060d4c358a291c87","ssdeep":"1536:RJTwpf/kbOsVuakvVOcy8ObCwZKBKx7oP8P:3TwpnkqAuJxy8ObKByUkP","tlshash":"0c53f1660b591c6deda5073e301b0b743b33cbb722949e076a106570b9db76cbe6b306","first_seen":"2025-10-09T22:52:57.249982Z","last_seen":"2025-10-09T22:52:57.249982Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/css/toastr.min.css","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /assets/css/toastr.min.css HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 16 Oct 2025 22:52:30 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 24 Sep 2025 10:45:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 3033\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":7887,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (821)","md5":"f27622173a257fc94f6842e8a1b4fc7e","sha1":"a14674d43524e8fd10e299e7f43ecfa7b024ddc6","sha256":"7ad7e0b57b3289c9cb870374511133facc3db029b7f0c9b4d9383f6635b7e95c","sha512":"d33bb7bcd0c9591aa803cba30dacd06286ecbc45b5fc10cec937f308eeb405aa0f0d168c711f18a6c65a24de858ee8897dad5f094c463538ce5c91c3d9960b8d","ssdeep":"96:Lozba77HyKQXqrB4KkKk66wMIiobmQTWQ78GhJZCjtC8TWP+zLmlDDxTWKG8Czyb:MzRqrBw66wIzY8sywttMGqVM3","tlshash":"f2f175259be22608bd8540adb51926073b2aa003d7ddecb96ddfa16cebc7bd09c71344","first_seen":"2025-10-09T22:52:57.25127Z","last_seen":"2025-10-09T22:52:57.25127Z","times_seen":1,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bdquickshop.com/assets/js/toastr.min.js","fqdn":"bdquickshop.com","domain":"bdquickshop.com","tld":"com"},"ip":{"addr":"162.0.235.139","port":443,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bdquickshop.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 30 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"01:4E:D1:84:A6:36:41:14:3D:31:F0:2C:51:52:E5:D1:FC:AF:47:90","sha256":"3D:32:60:BC:ED:3E:C7:F6:C3:42:57:70:2C:DC:6F:7C:AD:45:06:9B:3C:33:C1:CC:58:80:48:4B:2B:2F:F0:A9"}}},"request":{"raw":"GET /assets/js/toastr.min.js HTTP/1.1\r\nHost: bdquickshop.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bdquickshop.com/Login\r\nCookie: ci_session=440f5784026aee3691f24ec92a1be263a791a5dc\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 24 Sep 2025 10:45:53 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2024\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":5537,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5215)","md5":"b36f28de584845317de40a7219c82b1c","sha1":"6de8657c8782561bc023478ab708179ed846db1a","sha256":"ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09","sha512":"54477e9eadb90a447aefa3bea4b0670d6d3d47b5505fd31d8a28f4e768150a9e72547de31ad1fbd07a3f514bf89890ec11d4efa91085660d0d2868a88c69d40b","ssdeep":"96:LozfdCZR1JHduRv75dR+FIEHXX9oxNDP9mA1UZsEyHGJAcCwV02UfrI:Mzf4BtcvvRqIQcNa74ccrI","tlshash":"f7b19384b220bb8b5b731169919f144b937673b2ccce55007639a5987e7082c97b7fdc","first_seen":"2023-03-07T01:28:39Z","last_seen":"2026-04-04T13:59:49.783183Z","times_seen":4586,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":323,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-09","alert":"Sinkholed","trigger":"bdquickshop.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://bdquickshop.com/Login","date":"2025-10-09T22:52:30.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://bdquickshop.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 09 Oct 2025 22:52:30 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 78196\r\ncf-ray: 98c172e24f7b0883-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6599bdc3-13174\"\r\nlast-modified: Sat, 06 Jan 2024 21:53:23 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 187496\r\nexpires: Tue, 29 Sep 2026 22:52:30 GMT\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=Ff%2ByEEleBcSHkyH%2BUTaYCBsF2CnmNUUENoJlA5gfBuJTw04PrZ4g4ZaYUbp%2BA1qj0WEFiMXmJOsfjBSVLPL8VTIUsURLbfyHOkVbqVf9bAeqzQ1iyAnjwUzmrrh5waLkHolXYT9e\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78196,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261","md5":"e8a427e15cc502bef99cfd722b37ea98","sha1":"a9922842a120a7f1eaced667480c5e185a106d69","sha256":"d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef","sha512":"113775748a4166c07e58c26cf6db7fed473732dc6124b8ee0f0dcc0d6439eb2ab2c5d9e01c67324fdf9de4105349cf30cc5796a0b0e0ce9a08f337b9d4e10b7b","ssdeep":"1536:1iGQV8Q8UOUMUd5UY3qyCkHQCCz2LL1F+u3MHLGxe3U:QVWuF33qy7HQchFz8HnU","tlshash":"3273121cf567643ef6a8e05f3c38256d4fd5c724e2e68a06748db808c4ce71d90879b6","first_seen":"2023-04-05T08:37:56Z","last_seen":"2026-04-04T15:48:54.454996Z","times_seen":119687,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":14,"dns":1,"connect":0,"send":0,"wait":9,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}