{"report_id":"2716b991-566f-43a3-8591-3e246c46c451","version":6,"status":"done","tags":[],"date":"2025-09-27T05:30:45Z","url":{"schema":"http","addr":"hagech.com/client?camp=s9\u0026aff_id=1261\u0026aff_sub=hot","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"hagech.com/client?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=bl\u0026camp=s9\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=1\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=1024\u0026scw=1280\u0026vph=1024\u0026vpw=1280\u0026lt=\u0026tzn=0\u0026p_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026p_camp=f168","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"title":"The most popular dating site of this month"},"submit":{"url":{"schema":"http","addr":"hagech.com/client?camp=s9\u0026aff_id=1261\u0026aff_sub=hot","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-01T05:30:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"o4508721783177216.ingest.de.sentry.io","ip":{"addr":"34.120.62.213","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2012-04-07","domain_rank":0,"first_seen":"2025-03-28T01:30:15.558612Z","last_seen":"2025-09-23T02:02:27.898603Z","alert_count":0,"request_count":2,"received_data":1749,"sent_data":1297,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-21T22:11:31.014241Z","alert_count":0,"request_count":1,"received_data":19615,"sent_data":554,"comment":"","tags":null,"fingerprints":null},{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2025-09-21T22:11:36.895165Z","alert_count":0,"request_count":1,"received_data":87562,"sent_data":443,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"js-de.sentry-cdn.com","ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-05-30","domain_rank":575433,"first_seen":"2024-04-30T19:24:52Z","last_seen":"2025-09-24T03:25:26.500015Z","alert_count":0,"request_count":1,"received_data":4648,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Algolia","description":"Algolia offers a hosted web search product delivering real-time results.","website":"https://www.algolia.com","common_platform_enumeration":"","icon":"Algolia.svg","categories":["Search engines"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-21T22:11:31.798564Z","alert_count":0,"request_count":1,"received_data":2552,"sent_data":456,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"browser.sentry-cdn.com","ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-05-30","domain_rank":23677,"first_seen":"2018-07-13T11:42:06Z","last_seen":"2025-09-21T22:24:32.985607Z","alert_count":0,"request_count":1,"received_data":233139,"sent_data":466,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}]},{"fqdn":"hagech.com","ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-05-20","domain_rank":512455,"first_seen":"2024-06-07T16:39:06Z","last_seen":"2025-09-14T09:06:55.992278Z","alert_count":20,"request_count":10,"received_data":1336448,"sent_data":9184,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hagech.com/lands/js/push/subscribe.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0899f5ebcf7a284be9821093bf0ba213","sha1":"2adb5e0d0cf188872bc6b66d9e5770cc4c30fec4","sha256":"69239c8e72047d3be39b73f9d677d4205ef1d1f840112fb85ef32002352b8808","sha512":"dd185e2d6d75290638d2a2e003f30f219185ae7ab2b37c0b50071cc2c6f2ac4a1969ee7bead172b788aa6b2afcfa681c7d4f02f4ccf59865f4c7491ea39e5f64","ssdeep":"","tlshash":"1d81531e1cf3ad31296338aa1f7fb508a16418073501ead9bfcdca505f917ad6b85dc4","size":3837,"data":"","first_seen":"2025-02-01T19:57:15.778599Z","last_seen":"2025-10-06T18:12:26.860573Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/js/translate.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"20315b1cdbdf96f1d437395eb40cddd2","sha1":"a8afbe099272b36429785f6cf4e59fa4b87a78c3","sha256":"628cf3894f2775392587f2ced8a1ac2b4831bebc9ccbc209cc40a164dbad22ac","sha512":"9464b2f6ecf5742b955091145e7bc7266de7d8e6b2b82ed640f03e41e0bb97b5c048bb9a97184e93064b2be4e7477025da99ca054d2884cdf05c8ca1a967c69f","ssdeep":"192:DQPDONQpyoe2ml8dLv9CZFeVQARUQp0dH/gO08foSW:DQShl8dLvgZFgQ40dP0d","tlshash":"0812b5fb6ea241cd0010651ee85d7606681900ef2f1576abf86ed23c3fcd2bc69bd285","size":9362,"data":"","first_seen":"2025-09-23T02:02:29.817403Z","last_seen":"2025-12-15T06:52:46.531985Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/js/track-logic.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"367d17708903922fabecff12f01df4f7","sha1":"6d76afdd9602c0a8d5195cdf08b6a5b3a67a7492","sha256":"b75f93e5ac17b4a47999dd7365c7928aa5e2d0f3adde2e424cc7f606cd922d5d","sha512":"ba7d1b01f391aafba12766dcaac9350e980251e388425f4434c3860d0c51782e1120c043c146abedbb51c9e87fe94baf12a07000826bedbe6ca04ed06d02b571","ssdeep":"96:obQvMk4VarTAgsIARKNO17i5hMPY5hafIVPjV3lNoh2M28fBFdZ0Mk7:LQCUIARKkhkMUZVPjV3lNoh2M28fBFd0","tlshash":"8ec144897872727059e3316cc72b852432361913794de690b65d83b40f3ae1af36bade","size":5747,"data":"","first_seen":"2025-01-16T01:56:12.010626Z","last_seen":"2025-10-06T18:12:26.850528Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js-de.sentry-cdn.com/22550bf5e35173a92d12b471867df88a.min.js","fqdn":"js-de.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7df127cd302beab585ee3f63814e366d","sha1":"e50b30ea505ec51d4c58b32144d3ee4e566c6801","sha256":"c37207fab1c5204ea8a127fa06f7dc5f1a541a65c4c72cd0b2fae368248ff8b0","sha512":"8bd497645c4a20bc4b63d19d3d5b3482f4b21976f50c2ce40238750f82ac833896620892107a69b650ba250957c6b921340bc3309352e22a49f4113f974d882b","ssdeep":"","tlshash":"5b51e7a43fcebc7307a72731407f780532b36998648ec6808606f9d42c6281937afe0c","size":2845,"data":"","first_seen":"2025-09-23T02:02:29.816281Z","last_seen":"2025-12-15T06:52:46.529192Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/js/main.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a754c09630a1a847d7c69ed111eff8c","sha1":"b999c0bd637e93c118cd122631b84bc0aee6a401","sha256":"6bf3fcf8c5f4fa7a5277f39cf5d65c02e48c0e31e6dd0ca16354b1fd751cd529","sha512":"088215126ccb55442f0689e7de7aeeb5726ae68c94f4b0135cdca6ee667c6a16cbb6eb0f3390fd76f8e3011a19e1d29acc73d7226738fb4bb3d7073c4a96cbe9","ssdeep":"","tlshash":"dd21af0ba4b1755410f770ba97bb5c9c1a982403f244eb987b4d57814fa8548e6335fe","size":1351,"data":"","first_seen":"2025-09-23T02:02:29.822966Z","last_seen":"2025-12-15T06:52:46.514799Z","times_seen":56,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/js/translate.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"97e08f42000c0aa7fbbf09cf081da0fb","sha1":"dfe876ddadbed2fba244cf81017dca3ba795cf64","sha256":"526a4d6f3f928215fe324e94008aafcc6e38742c3bb166815341dc14a0af8711","sha512":"d9d76e5ee51460145d55862fccfe88c823cc0917074041b3eacc89072f0191336a62c34feb42087a170cdecd0facefa8d4f9df9badf81b29900b3204955191db","ssdeep":"","tlshash":"3e01762a72b5502a10ac0999e3cf90edbe28b3013032fca0b76caa161f64c6d734d4a5","size":669,"data":"","first_seen":"2024-12-21T16:39:40.026149Z","last_seen":"2025-12-21T21:02:02.931542Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","size":86927,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-26T16:05:15.157385Z","times_seen":123238,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"browser.sentry-cdn.com/8.55.0/bundle.tracing.replay.min.js","fqdn":"browser.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c067d74cad61d2170676e46802e0780e","sha1":"a62c3415529f3b3030dfc6373a895894c66d3810","sha256":"38626d34bcf2227c9172259fc4969b8252148613cd1cf22ae1a652475b0cbe47","sha512":"3e5cc70bdda3c561bc423aa855fd6d9d00135bb899a37d960d00c412d0ad38b2e77048474ee8e1712fdf47ed7c37c3f8a7c4498002d499e07b5e64721939665c","ssdeep":"3072:pKLSjg/G0w230KrnxFVBJkj/+e0j/+OMXiOEkPbvRQQ+LsGH26lC:gLSkG0/txFtkjO7OEkPbvRv+Ls2C","tlshash":"8334e7d97192b03243d705a9907b0201f7395a95304b81a8f67cedeb2d7944ba2b7f3e","size":232625,"data":"","first_seen":"2025-02-13T15:53:48.277006Z","last_seen":"2026-03-29T02:40:24.420859Z","times_seen":347,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Montserrat\u0026subset=latin-ext","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:49 GMT","end":"Mon, 01 Dec 2025 08:36:48 GMT"},"fingerprint":{"sha1":"9E:38:51:02:B6:22:9C:08:6B:24:B8:A0:EB:DB:60:D9:27:B2:68:90","sha256":"67:AF:7E:56:AB:8D:96:FB:D0:75:CA:28:6D:16:B6:67:FD:7F:58:6F:CC:AA:78:B5:01:13:76:2C:AB:BE:80:4E"}}},"request":{"raw":"GET /css?family=Montserrat\u0026subset=latin-ext HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 27 Sep 2025 05:30:22 GMT\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"bd8eb785552dd14048bc05a0caeb4e53","sha1":"2e4baf02179f4413cba26cab547282e82d40ea0c","sha256":"3e4fc43d2973ddc920952f6c69750e388386b105591ae0867b600561ab37a2af","sha512":"8108e1541230f771d159544bc4cb927706064f6e6423b17aecee27ccdd236eed61d950672ccc92fba4b8cc5eee479692b98aa3970e1f52168e8b96cd952ab0ba","ssdeep":"","tlshash":"26319b411216e900a7431cca23ce7d26ce8e626275a0c47abffd5ca8ade5c261735b6d","first_seen":"2025-09-05T00:54:05.746777Z","last_seen":"2026-04-26T15:22:17.983875Z","times_seen":15359,"resource_available":true,"data":null}},"time_used":188,"timings":{"blocked":77,"dns":0,"connect":16,"send":0,"wait":34,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"browser.sentry-cdn.com/8.55.0/bundle.tracing.replay.min.js","fqdn":"browser.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.sentry-cdn.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q1","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 07 Apr 2025 18:50:27 GMT","end":"Sat, 09 May 2026 18:50:26 GMT"},"fingerprint":{"sha1":"00:4D:2B:16:F6:29:29:D8:2F:20:48:BD:32:13:96:5D:37:EB:F8:25","sha256":"07:FA:B8:3E:6D:AC:BB:16:5C:22:49:01:30:87:B9:66:E1:FB:75:FD:50:1B:81:91:9A:06:CF:FF:A4:67:5D:F2"}}},"request":{"raw":"GET /8.55.0/bundle.tracing.replay.min.js HTTP/1.1\r\nHost: browser.sentry-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=31536000\r\nexpires: Thu, 12 Feb 2026 16:03:46 GMT\r\nlast-modified: Wed, 12 Feb 2025 15:17:05 GMT\r\netag: \"c9503a8859a0defa39c6c0bd0acd6687\"\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\nage: 2805759\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\nserver: Fastly\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-length: 75241\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":232625,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65411)","md5":"c067d74cad61d2170676e46802e0780e","sha1":"a62c3415529f3b3030dfc6373a895894c66d3810","sha256":"38626d34bcf2227c9172259fc4969b8252148613cd1cf22ae1a652475b0cbe47","sha512":"3e5cc70bdda3c561bc423aa855fd6d9d00135bb899a37d960d00c412d0ad38b2e77048474ee8e1712fdf47ed7c37c3f8a7c4498002d499e07b5e64721939665c","ssdeep":"3072:pKLSjg/G0w230KrnxFVBJkj/+e0j/+OMXiOEkPbvRQQ+LsGH26lC:gLSkG0/txFtkjO7OEkPbvRv+Ls2C","tlshash":"8334e7d97192b03243d705a9907b0201f7395a95304b81a8f67cedeb2d7944ba2b7f3e","first_seen":"2025-02-13T15:53:48.277006Z","last_seen":"2026-03-29T02:40:24.420859Z","times_seen":347,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/assets/last.png","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/adult/2cl/assets/last.png HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: image/png\r\ncontent-length: 1289561\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"689080c2-13ad59\"\r\ncache-control: no-store, no-cache\r\naccept-ranges: bytes\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DDstWOR7wf%2BxmVQbbsDKxi9e%2FRxvD4KW0GcabYFV1NwZM7NRCzpWojN04zq71YzoywmwoRO4nAFUYJ8oHMZEB7x5u5E3MNRN\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98589bd47fc456c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1289561,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 744 x 998, 8-bit/color RGBA, non-interlaced","md5":"16564bd42853e165416be032db6f5fb9","sha1":"51d2ad8469ac7a406ab4e92be70117d4f635320c","sha256":"1b6b02c779869114ce15e6a294ba21f0d9f5df477956c31916018c62a58e75e0","sha512":"53e7e6c5352ace62f3c89dfe53c134407894ef73ea1130aa24b628813a4e230171165b9bee7e76a77e5d18eb666da44ef5a4f992a4c2c44c6e162e4061941679","ssdeep":"24576:OdOopgp746zdTFPWz/4dwnwj9ZtUlrOnhw2q7:OwoypU6zvP24dNj9ZOAhw2g","tlshash":"af2533a9d2f1f676e10f7e2adc68088d2f523816aa13dfcf0dc5b156f23682197620d4","first_seen":"2025-09-26T16:50:22.181573Z","last_seen":"2025-10-18T08:56:03.46539Z","times_seen":9,"resource_available":false,"data":null}},"time_used":323,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":230,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"o4508721783177216.ingest.de.sentry.io/api/4508721812471888/envelope/?sentry_version=7\u0026sentry_key=22550bf5e35173a92d12b471867df88a\u0026sentry_client=sentry.javascript.browser%2F8.55.0","fqdn":"o4508721783177216.ingest.de.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.120.62.213","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:24.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.de.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"88:B6:7E:84:32:D7:21:B3:BE:6F:2B:53:57:B5:0A:DF:6B:21:F8:A8","sha256":"FA:57:F8:3E:A4:0F:67:9F:A8:27:49:85:F1:73:F9:33:F5:C9:90:B9:57:B9:DF:30:F6:F0:CE:D2:29:09:9D:76"}}},"request":{"raw":"POST /api/4508721812471888/envelope/?sentry_version=7\u0026sentry_key=22550bf5e35173a92d12b471867df88a\u0026sentry_client=sentry.javascript.browser%2F8.55.0 HTTP/1.1\r\nHost: o4508721783177216.ingest.de.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hagech.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 16835\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 05:30:24 GMT\r\ncontent-type: application/json\r\nretry-after: 60\r\nx-sentry-rate-limits: 60:transaction;profile;transaction_indexed;span;span_indexed:organization:span_usage_exceeded\r\nvary: origin, access-control-request-method, access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncontent-encoding: br\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"478b411c59eb87249bea32cf7c7be5d2","sha1":"023907c62eb55758905bb3c0e640b5b204ae0652","sha256":"bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263","sha512":"fd5a62565a479ebe0d27a4e3891117df96bb4bac0dd13bb46dbe674d7813557f41f99b00669d4fe3959279b14f64c0738d1627bd0257a22d6103e3b713022222","ssdeep":"","tlshash":"5ad022ebc07a4e6a0ac213a953404924a932aa0a1fcacf2668dc812a0289204662d31d","first_seen":"2023-04-06T03:33:39Z","last_seen":"2026-04-26T14:48:00.310183Z","times_seen":16314,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/js/push/subscribe.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/js/push/subscribe.js HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689080c2-efd\"\r\nexpires: Mon, 27 Oct 2025 05:30:22 GMT\r\ncache-control: max-age=2592000, no-store, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YrZrLA7MNlr%2Bp%2FJuB91AiI9PwEwr%2F%2BoFdq6NMon3I0i6EgRhgiTv4Gpk%2FMD264nZR1Wyj7PQwXjPrktv2aAzHnDu3jnSYZNn2vY%3D\"}]}\r\ncf-ray: 98589bd2fe8a2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3837,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"0899f5ebcf7a284be9821093bf0ba213","sha1":"2adb5e0d0cf188872bc6b66d9e5770cc4c30fec4","sha256":"69239c8e72047d3be39b73f9d677d4205ef1d1f840112fb85ef32002352b8808","sha512":"dd185e2d6d75290638d2a2e003f30f219185ae7ab2b37c0b50071cc2c6f2ac4a1969ee7bead172b788aa6b2afcfa681c7d4f02f4ccf59865f4c7491ea39e5f64","ssdeep":"","tlshash":"1d81531e1cf3ad31296338aa1f7fb508a16418073501ead9bfcdca505f917ad6b85dc4","first_seen":"2025-02-01T19:57:15.778599Z","last_seen":"2025-10-06T18:12:26.860573Z","times_seen":35,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/js/translate.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/adult/2cl/js/translate.js HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689080c2-2492\"\r\ncache-control: no-store, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=exIJVcPsNefamnCszCMwgAzfBuZVzYgW%2Bj0u4jAND78ntUF0Ev%2FipPtBanqvasijQ07%2Fdq%2FT0s1SVtqEjiod2NR1VVaXjta4rBc%3D\"}]}\r\ncf-ray: 98589bd2fe8b2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9362,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"20315b1cdbdf96f1d437395eb40cddd2","sha1":"a8afbe099272b36429785f6cf4e59fa4b87a78c3","sha256":"628cf3894f2775392587f2ced8a1ac2b4831bebc9ccbc209cc40a164dbad22ac","sha512":"9464b2f6ecf5742b955091145e7bc7266de7d8e6b2b82ed640f03e41e0bb97b5c048bb9a97184e93064b2be4e7477025da99ca054d2884cdf05c8ca1a967c69f","ssdeep":"192:DQPDONQpyoe2ml8dLv9CZFeVQARUQp0dH/gO08foSW:DQShl8dLvgZFgQ40dP0d","tlshash":"0812b5fb6ea241cd0010651ee85d7606681900ef2f1576abf86ed23c3fcd2bc69bd285","first_seen":"2025-09-23T02:02:29.817403Z","last_seen":"2025-12-15T06:52:46.531985Z","times_seen":56,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/js/main.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/adult/2cl/js/main.js HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689080c2-547\"\r\ncache-control: no-store, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o1S6%2FveiBYeUEWdbgf%2BC6HDEX24dwxqg2T8bZ79xNsJW6DXgviECbCXJuEvKdaOmCbdrs5Ax62NEfuxMHShZrkQsdi7LU1os3EA%3D\"}]}\r\ncf-ray: 98589bd2fe8d2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1351,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"9a754c09630a1a847d7c69ed111eff8c","sha1":"b999c0bd637e93c118cd122631b84bc0aee6a401","sha256":"6bf3fcf8c5f4fa7a5277f39cf5d65c02e48c0e31e6dd0ca16354b1fd751cd529","sha512":"088215126ccb55442f0689e7de7aeeb5726ae68c94f4b0135cdca6ee667c6a16cbb6eb0f3390fd76f8e3011a19e1d29acc73d7226738fb4bb3d7073c4a96cbe9","ssdeep":"","tlshash":"dd21af0ba4b1755410f770ba97bb5c9c1a982403f244eb987b4d57814fa8548e6335fe","first_seen":"2025-09-23T02:02:29.822966Z","last_seen":"2025-12-15T06:52:46.514799Z","times_seen":56,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:36:48 GMT","end":"Mon, 01 Dec 2025 08:36:47 GMT"},"fingerprint":{"sha1":"4A:11:37:B2:B5:3D:85:04:18:76:94:C3:99:EA:8B:77:66:51:DF:D6","sha256":"6C:B3:8A:F8:58:9F:72:87:6E:B0:CF:E0:3F:D9:AB:6D:AE:6E:E0:73:B1:A3:95:3C:30:98:D3:C4:23:73:D4:33"}}},"request":{"raw":"GET /s/montserrat/v31/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18780\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Sep 2025 22:55:54 GMT\r\nexpires: Fri, 25 Sep 2026 22:55:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 110068\r\nlast-modified: Thu, 04 Sep 2025 17:09:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18780,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18780, version 1.0","md5":"e7198b2dcb57c0193b0e9765353994ba","sha1":"6e2658ad73dda183d4fa2979809a73a0c29d21c9","sha256":"e66bcd2761ab6924b25ce70dafe10e57a39193c4fea1516730bd9cb5240af6c8","sha512":"01054290f69d0e4232687f67e5d2522f186f87fe833bd1b13016d0e79a1159c49e767a5c6e9c61f9b3fea0c27df2194011bf46d6f6c1ee46d1f4313ac1950f9c","ssdeep":"384:pJOL4DxNfzRV4g4Miv8HlK3z114ow92D4bH7CxPhdWS6UJ836u8K+ylyr:p5P8Mq8Hlqo92D4vOPhdWSL+qu8Kqr","tlshash":"ef82d0ec209846f9fc0a6e97dfc49bd522430cbd87166e3093ab0dc84b875a4d667693","first_seen":"2025-09-05T00:54:05.741935Z","last_seen":"2026-04-26T15:35:21.612938Z","times_seen":31270,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":76,"dns":0,"connect":15,"send":0,"wait":15,"receive":4,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/client?camp=s9\u0026aff_id=1261\u0026aff_sub=hot","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-27T05:30:22.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /client?camp=s9\u0026aff_id=1261\u0026aff_sub=hot HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\nvary: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Accept\r\ncritical-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncache-control: no-store, no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ltH0%2BS3WJwFXzjXwCFHzdh%2BOPZQhkM1XJyvD%2FHfrkt%2FGfVtCzuULbV%2FtHliYCHd4YAyb4kuK2tG8Xfn7O%2FEAI6iToTCYkjDdpJc%3D\"}]}\r\nset-cookie: browserLanguage=en; Path=/; Domain=hagech.com; Expires=Mon, 27 Oct 2025 05:30:22 GMT\nuserId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; SameSite=None; Secure; Path=/; Domain=hagech.com; Expires=Thu, 26 Sep 2030 05:30:22 GMT\n__cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp; HttpOnly; SameSite=Strict; Secure; Path=/; Expires=Sun, 28 Sep 2025 04:30:22 GMT\r\ncf-ray: 98589bd13c552efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4445,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T16:08:29.690696Z","times_seen":14235158,"resource_available":true,"data":null}},"time_used":706,"timings":{"blocked":264,"dns":0,"connect":1,"send":0,"wait":179,"receive":0,"ssl":261},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/styles/styles.css","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/adult/2cl/styles/styles.css HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncache-control: no-store, no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oUJTKYiYXt4EwsTNe93RmGFFlTElm1X%2Fsykr38zcGoEpWhnpQC%2FcvdIJ20AyX1qwMkJXCVpp6V4iUMxDOSXkS7TR6pZxhij048M%3D\"}]}\r\ncf-cache-status: BYPASS\r\netag: W/\"689080c2-2169\"\r\ncontent-encoding: br\r\ncf-ray: 98589bd2fe842efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8553,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6c790af3fa2f015d28b7a1fd2a9c594a","sha1":"21f63f66435b42be9215eb1f4b57045ef35d2dfe","sha256":"91c9dca40495e1f5abb40d0b95ffd6f89b7f0d9b35938707c193ca5eb3dbf619","sha512":"38490baae0e72ce2947ca39f021222308733736cc5e5ad9bf6573a8ae38971429a221e9b846fc9eee752a555d7175a5850cff2bc50733091a7f87c0e11a0d9c8","ssdeep":"192:hepmFf6/glrZluULXfwBWy8/y1MH5rNgoye1lk99c6ks7DbyW6wKt2Fd+czPqjve:hEF/g/4Amrg5rNg6nmD6CvjsRMK/3U","tlshash":"2d0236542eb31808b40794686beb8b9c223cc0478d0fcd7d7bdb2214df8a3a86156bdd","first_seen":"2025-09-23T02:02:29.819535Z","last_seen":"2025-12-15T06:52:46.536791Z","times_seen":56,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-3.3.1.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-3.3.1.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1538f\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\nage: 3356660\r\nx-served-by: cache-lga21927-LGA, cache-osl6529-OSL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 37523, 96575\r\nx-timer: S1758951023.571930,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 30288\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"a09e13ee94d51c524b7e2a728c7d4039","sha1":"0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae","sha256":"160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef","sha512":"f8da8f95b6ed33542a88af19028e18ae3d9ce25350a06bfc3fbf433ed2b38fefa5e639cddfdac703fc6caa7f3313d974b92a3168276b3a016ceb28f27db0714a","ssdeep":"1536:jLiBdiaWLOczCmZx6+VWuGzQNOzdn6x2RZd9SEnk9HB96c9Yo/NWLbVj3kC6t3:5kn6x2xe9NK6nC69","tlshash":"748319dd72c6b06247ab71ba00bf550bf2361999684d4410f129e4eabc74b4e823bf7d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-26T16:05:15.157385Z","times_seen":123238,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":10,"dns":4,"connect":1,"send":0,"wait":1,"receive":1,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js-de.sentry-cdn.com/22550bf5e35173a92d12b471867df88a.min.js","fqdn":"js-de.sentry-cdn.com","domain":"sentry-cdn.com","tld":"com"},"ip":{"addr":"151.101.130.217","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.sentry-cdn.com","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q1","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 07 Apr 2025 18:50:27 GMT","end":"Sat, 09 May 2026 18:50:26 GMT"},"fingerprint":{"sha1":"00:4D:2B:16:F6:29:29:D8:2F:20:48:BD:32:13:96:5D:37:EB:F8:25","sha256":"07:FA:B8:3E:6D:AC:BB:16:5C:22:49:01:30:87:B9:66:E1:FB:75:FD:50:1B:81:91:9A:06:CF:FF:A4:67:5D:F2"}}},"request":{"raw":"GET /22550bf5e35173a92d12b471867df88a.min.js HTTP/1.1\r\nHost: js-de.sentry-cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000\r\nreporting-endpoints: default=https://sentry.my.sentry.io/api/0/reporting-api-experiment/\r\nx-frame-options: deny\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: base-uri 'none'; worker-src blob:; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; img-src * blob: data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io 'self'; default-src 'none'; font-src * data:; style-src * 'unsafe-inline'; object-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; media-src *; frame-ancestors 'self' *.sentry.io; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e\u0026sentry_release=9f88884b4a14803e9df4ddee778071a71b2535d9\r\nx-envoy-upstream-service-time: 15\r\ncontent-encoding: gzip\r\naccept-ranges: bytes\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\nage: 111\r\nx-served-by: cache-chi-kigq8000125-CHI, cache-osl6530-OSL\r\nvary: Accept-Encoding\r\ntiming-allow-origin: *\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-length: 1353\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Algolia","description":"Algolia offers a hosted web search product delivering real-time results.","website":"https://www.algolia.com","common_platform_enumeration":"","icon":"Algolia.svg","categories":["Search engines"]}],"data":{"size":2845,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2844)","md5":"7df127cd302beab585ee3f63814e366d","sha1":"e50b30ea505ec51d4c58b32144d3ee4e566c6801","sha256":"c37207fab1c5204ea8a127fa06f7dc5f1a541a65c4c72cd0b2fae368248ff8b0","sha512":"8bd497645c4a20bc4b63d19d3d5b3482f4b21976f50c2ce40238750f82ac833896620892107a69b650ba250957c6b921340bc3309352e22a49f4113f974d882b","ssdeep":"","tlshash":"5b51e7a43fcebc7307a72731407f780532b36998648ec6808606f9d42c6281937afe0c","first_seen":"2025-09-23T02:02:29.816281Z","last_seen":"2025-12-15T06:52:46.529192Z","times_seen":56,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":7,"dns":3,"connect":1,"send":0,"wait":2,"receive":0,"ssl":5},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o4508721783177216.ingest.de.sentry.io/api/4508721812471888/envelope/?sentry_version=7\u0026sentry_key=22550bf5e35173a92d12b471867df88a\u0026sentry_client=sentry.javascript.browser%2F8.55.0","fqdn":"o4508721783177216.ingest.de.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.120.62.213","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.de.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"88:B6:7E:84:32:D7:21:B3:BE:6F:2B:53:57:B5:0A:DF:6B:21:F8:A8","sha256":"FA:57:F8:3E:A4:0F:67:9F:A8:27:49:85:F1:73:F9:33:F5:C9:90:B9:57:B9:DF:30:F6:F0:CE:D2:29:09:9D:76"}}},"request":{"raw":"POST /api/4508721812471888/envelope/?sentry_version=7\u0026sentry_key=22550bf5e35173a92d12b471867df88a\u0026sentry_client=sentry.javascript.browser%2F8.55.0 HTTP/1.1\r\nHost: o4508721783177216.ingest.de.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hagech.com/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3228\r\nOrigin: https://hagech.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 429 Too Many Requests\r\nserver: nginx\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/json\r\nretry-after: 60\r\nx-sentry-rate-limits: 60:default;error;security;attachment:organization:error_usage_exceeded\r\nvary: origin, access-control-request-method, access-control-request-headers,accept-encoding\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncontent-encoding: br\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"429","status_text":"Too Many Requests","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":198,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"478b411c59eb87249bea32cf7c7be5d2","sha1":"023907c62eb55758905bb3c0e640b5b204ae0652","sha256":"bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263","sha512":"fd5a62565a479ebe0d27a4e3891117df96bb4bac0dd13bb46dbe674d7813557f41f99b00669d4fe3959279b14f64c0738d1627bd0257a22d6103e3b713022222","ssdeep":"","tlshash":"5ad022ebc07a4e6a0ac213a953404924a932aa0a1fcacf2668dc812a0289204662d31d","first_seen":"2023-04-06T03:33:39Z","last_seen":"2026-04-26T14:48:00.310183Z","times_seen":16314,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":84,"dns":22,"connect":12,"send":0,"wait":43,"receive":0,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/favicon.ico","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:23.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Sat, 27 Sep 2025 05:30:23 GMT\r\ncontent-type: text/html\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FzdTBPvzAo%2BWgPODiuYhccledzpJnMz45iAGCNwVY%2B7YAW5acc7a%2B9ICR1izrlqYGqd2ONiXUPjWk2dbICZ6JBrNHn1P9Hpr\"}]}\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\ncf-ray: 98589bd63fd456c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-26T16:06:00.718324Z","times_seen":496435,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":75,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-27T05:30:22.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt= HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: no-store, no-cache\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=M%2FOhPJY%2BgH5weMrEzJIb1HxOXB%2F%2FF1DgnUxTRtjo%2FUfxje8VItG7QXb14kLoAbPQxxSoXj9wLh%2BtHigy0GGe7Nne8JkTjulVKO4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 98589bd26dc12efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4445,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"770bc17d7e52a15d06e276c38b2f34a6","sha1":"95913f4f39fabe9c2faa2b4c1c7de8ae910a2e8d","sha256":"78fd65c2aff697b58852c98a5b044c370f74f8bb351ddc3ef10da9a618669bee","sha512":"a27bdec010b80334865de617c7f4eea6dd6964638f4bb281ecb7c1c195746a475b1a51b6677ae3aefcb6aedb2801e309592be59342671cc11e87ed5876b9c270","ssdeep":"48:168pOrL+aEyWgvsc1BP5oXp5M+RV2cQ85ic5H82a7tUdWDw:1XIrLUdcTLxceU2cQ81c2ctUdWDw","tlshash":"7b910e2518f52827109384c5eaf9be4f2f89e917911a9b4431fc4bd60fd3e99cd8b01c","first_seen":"2025-09-23T02:02:29.810191Z","last_seen":"2025-12-15T06:52:46.534116Z","times_seen":56,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/js/track-logic.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/js/track-logic.js HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689080c2-1673\"\r\nexpires: Mon, 27 Oct 2025 05:30:22 GMT\r\ncache-control: max-age=2592000, no-store, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R82QUWlpJB02j3Z77T9u5uv8Dsd%2FvcENUVV569A8K3qKQzlH14Z7zoycrDoWgzeULZAh81wa7De7KrfAlngdZvpBlnSqZRM7rts%3D\"}]}\r\ncf-ray: 98589bd2fe882efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5747,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"367d17708903922fabecff12f01df4f7","sha1":"6d76afdd9602c0a8d5195cdf08b6a5b3a67a7492","sha256":"b75f93e5ac17b4a47999dd7365c7928aa5e2d0f3adde2e424cc7f606cd922d5d","sha512":"ba7d1b01f391aafba12766dcaac9350e980251e388425f4434c3860d0c51782e1120c043c146abedbb51c9e87fe94baf12a07000826bedbe6ca04ed06d02b571","ssdeep":"96:obQvMk4VarTAgsIARKNO17i5hMPY5hafIVPjV3lNoh2M28fBFdZ0Mk7:LQCUIARKkhkMUZVPjV3lNoh2M28fBFd0","tlshash":"8ec144897872727059e3316cc72b852432361913794de690b65d83b40f3ae1af36bade","first_seen":"2025-01-16T01:56:12.010626Z","last_seen":"2025-10-06T18:12:26.850528Z","times_seen":38,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hagech.com/lands/js/translate.js","fqdn":"hagech.com","domain":"hagech.com","tld":"com"},"ip":{"addr":"172.67.179.71","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=","date":"2025-09-27T05:30:22.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hagech.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 04 Sep 2025 17:05:46 GMT","end":"Wed, 03 Dec 2025 18:00:48 GMT"},"fingerprint":{"sha1":"44:7C:09:92:A8:10:63:77:42:3C:FA:B8:AA:2D:9C:E0:36:10:CC:6D","sha256":"44:E6:79:57:C9:02:F3:02:53:8D:6C:8A:F4:DB:28:50:CF:C9:E6:64:3C:B3:02:8C:7D:03:F4:98:C8:45:36:FF"}}},"request":{"raw":"GET /lands/js/translate.js HTTP/1.1\r\nHost: hagech.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hagech.com/lands/adult/2cl/?img=last.png\u0026seof=true\u0026push=true\u0026split=thunt\u0026token1=d4539\u0026token10=019989a6-9f04-7005-9e65-e9ed62204938\u0026geo=NO\u0026device=Desktop\u0026os=Windows\u0026browser=Firefox\u0026aff_id=1261\u0026aff_sub=hot\u0026ttype=direct\u0026camp=f168\u0026sl_cid=019989a6-9f04-7005-9e65-e9ed62204938_e2dfddd03d9127350751fea1fb07203e\u0026bstep=\u0026sid=s9\u0026efcn=custom-unknown\u0026cntp=custom-unknown\u0026sch=\u0026scw=\u0026vph=\u0026vpw=\u0026lt=\r\nCookie: browserLanguage=en; userId=019989a6-9f03-7005-9e65-e7f0206d0f55_cf7f56298305d882d00904d60ac23b5a; __cflb=02DiuG1r78wjR3ReK8PaC8DMfKBYEDLrcvJ8zhVwGYMCp\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 27 Sep 2025 05:30:22 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Mon, 04 Aug 2025 09:43:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"689080c2-29d\"\r\nexpires: Mon, 27 Oct 2025 05:30:22 GMT\r\ncache-control: max-age=2592000, no-store, no-cache\r\ncontent-encoding: gzip\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jZvtfj6isSpavQun73Z9SG56ukOdpTVea7fsQI1fQEz43V6wK8Uj6jILgexGC%2BRDsSVNyykhxVltXykpH4bkvFXwLazY%2B72N7Pg%3D\"}]}\r\ncf-ray: 98589bd2fe8c2efa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":669,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"97e08f42000c0aa7fbbf09cf081da0fb","sha1":"dfe876ddadbed2fba244cf81017dca3ba795cf64","sha256":"526a4d6f3f928215fe324e94008aafcc6e38742c3bb166815341dc14a0af8711","sha512":"d9d76e5ee51460145d55862fccfe88c823cc0917074041b3eacc89072f0191336a62c34feb42087a170cdecd0facefa8d4f9df9badf81b29900b3204955191db","ssdeep":"","tlshash":"3e01762a72b5502a10ac0999e3cf90edbe28b3013032fca0b76caa161f64c6d734d4a5","first_seen":"2024-12-21T16:39:40.026149Z","last_seen":"2025-12-21T21:02:02.931542Z","times_seen":61,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2025-09-27","alert":"Sinkholed","trigger":"hagech.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}}]}