{"report_id":"2fe722b8-31eb-4dd5-878f-785107235659","version":6,"status":"done","tags":["suspicious"],"date":"2026-06-01T12:19:55Z","url":{"schema":"http","addr":"hcxr-42552.wasmer.app","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"title":"Navy Federal Credit Union - Our Members are the MissionĀ®","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hcxr-42552.wasmer.app","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-06T12:19:55Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-01","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:2e9440220a29d22262014a3e064b8c89","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"hcxr-42552.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"hcxr-42552.wasmer.app","ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-16","domain_rank":0,"first_seen":"2026-06-01T12:19:58.111366Z","last_seen":"2026-06-01T12:19:58.111366Z","alert_count":10,"request_count":3,"received_data":3783042,"sent_data":1486,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-31T22:37:14.287473Z","alert_count":0,"request_count":1,"received_data":31959,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"digitalapps.navyfederal.org","ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1997-03-24","domain_rank":93913,"first_seen":"2020-08-13T16:50:55Z","last_seen":"2026-05-31T15:17:00.746532Z","alert_count":0,"request_count":4,"received_data":4983,"sent_data":1937,"comment":"","tags":null,"fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"md5":"2e9440220a29d22262014a3e064b8c89","sha1":"4d4dc2f4ed9e5d3d4f53aacf99137d7d524c859c","sha256":"68a25e5a37f84fa6509f2951dac3397abe5612aa89811a96ab26e1b35c511c00","sha512":"f980cbb255be1e0e23b27eeb7604c0eff53e803216a9e12679636eab9b68974914ce22199cbaeeef7b375283f92dae4a79ea4fdb175e4213548c169beb082d48","size":104683,"token":"8927109451:AAHG37V5V9w6U0iqJD-NHGnX2xXId8PJaOU","is_revoked":false,"bot":{"token":"8927109451:AAHG37V5V9w6U0iqJD-NHGnX2xXId8PJaOU","user_id":"8927109451","username":"Jgvdbdgbm_bot","first_name":"Jgvdbdgbm","last_name":"","chat":{"chat_id":"8682359469","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e0a0d4198a0ae509943c257720c2d88b","sha1":"a44592c1bd13911ebb10cca083497080c9f938c9","sha256":"d1bb83176d38eb7305f89a1ebff9109aea5f924cd25ca1a4e0fef5d88e48700b","sha512":"0826b12657849d0f170c9c842ca312cf4099658a0cd4f75d16ecab1f95ff14476101163d7d9cafc3ac0e68c7a2796e386c9a3a1bf1318c9f4d4eb5555a250638","ssdeep":"768:YWUfJLQeYPdJxIPdHoHoaDjGNNBTMPz2eYCqHmY6xIGv052bCSYu9E+uLqj+Ctjf:jL5","tlshash":"fc64b23cf323c44d99b35abbfcbc1a14a144aec7e9dda6c80c5d42462fe0d6a35186e5","size":314109,"data":"","first_seen":"2026-06-01T12:20:01.258165Z","last_seen":"2026-06-01T12:21:14.858844Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"072f25ad6976a8e221a904b8997b895b","sha1":"ce400a248c067a2cda2f36e43ab1959bae2a631a","sha256":"c9ebbb8bacc34a570bc8549544c5687049ca5c36541f70f89229c56c232192a8","sha512":"a957d3d6c21d8868bd0eeb37ab993686f09c5fa6efdd563988eb17a02ea33558f3189ffa69899391440448d2ae9daf2553945999eee6fa15c43962eacd48a19f","ssdeep":"1536:/lgQ/Jxo1wNz8ikMO3cRwc4ek7HFcOxSEaiI5xddSvbAWOO+e+n6l6l66Hjp65r8:T","tlshash":"5d069d7fa203ec3d7a6398fff96c2ed18051de4beccd5683018c845e6bd24aa7518586","size":3781579,"data":"","first_seen":"2026-06-01T12:20:01.259734Z","last_seen":"2026-06-01T12:21:14.863445Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"bf0edab49db76354d2d326b7e724a839","sha1":"077a43dc9a18dcf4a0a7225841768ae9cc81042c","sha256":"2a2295b1c7e76806ecfafc305c472d73bd65f73505b85826c809bf0db7777061","sha512":"59c03a1b2971a60c5befc2b487a3d62f15167897c57476e70c2f12b0ee4c8fe90c87ab3a0b8b0888a9a316adb66a10a5925039cc3a6d8c61158e6177961834ee","ssdeep":"12288:F0SZthg6wLMLHej3en2b27iPQ23CtDoW8jqCyYdTUD4W8jSm:ZZng7w+j4OR/jqHil/jN","tlshash":"ea45f83ce663d84c9d73167bfcac1a106e189d83d9ddaee83c1d46450fd0aa57a18bc8","size":1261033,"data":"","first_seen":"2026-06-01T12:20:01.260984Z","last_seen":"2026-06-01T12:21:14.866179Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"2e9440220a29d22262014a3e064b8c89","sha1":"4d4dc2f4ed9e5d3d4f53aacf99137d7d524c859c","sha256":"68a25e5a37f84fa6509f2951dac3397abe5612aa89811a96ab26e1b35c511c00","sha512":"f980cbb255be1e0e23b27eeb7604c0eff53e803216a9e12679636eab9b68974914ce22199cbaeeef7b375283f92dae4a79ea4fdb175e4213548c169beb082d48","ssdeep":"1536:BV4eoZzx46xJ9DZ3VFqCvH800RU+S95QKDOM:N0zx4iRFqCvH800RU+S95QKDOM","tlshash":"02a3e9e262606c3d00178bdff7e26680727e912fe2961480b1bc55b45bbbc99b70b51f","size":104683,"data":"","first_seen":"2026-06-01T12:20:01.261949Z","last_seen":"2026-06-01T12:21:14.86826Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-06-01","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:2e9440220a29d22262014a3e064b8c89","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:32.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 12\r\ncache-control: max-age=86400\r\nexpires: Tue, 02 Jun 2026 12:19:33 GMT\r\ndate: Mon, 01 Jun 2026 12:19:33 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=55~m=~os=~id=5457bdd346720d44d676438e9b4383e2; path=/; Secure; SameSite=None\nak_bmsc=D9855EE543A630C520CAC84B77C737C7~000000000000000000000000000000~YAAQJ08kF1+Y9HWeAQAAuwEggwCSRjAYcAUc/XrH5dhK8taVnzHk+9eIf/5Tgl5NO5LC/6xMhJmSaxbT9b8PpbXXhrkUPpJfMN4nzvIvsXz6W9u6W4gihnmyQK6zTSCTeOncUrZ/zM80emMtdaQuXd+rA1VHxCS4f040x8goZb0+AaiT8ypAzDSffpnfJF1xOtco+ZRKwSSA0/1JbrrT/Fow3pGqbrWmDR01U04uVrw53nD+SfWolCMTOsDkx//KVDLg7UKt6R8f8AEtQp6883Q45avca4oa274XfjYv/xyuW4LnjqlFJ4BzcJnP5Fk51+QA2ZQ5aQEOEyGu4+Oaw/o+FqTVBPrNiQ7xDySX4uXYd6uYmZ2wxai61itn+u57wV3+TCf1Ei+AbAERYC66; Domain=.navyfederal.org; Path=/; Expires=Mon, 01 Jun 2026 14:19:33 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":619,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":450,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/apple-touch-icon.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:33.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/apple-touch-icon.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 11\r\ncache-control: max-age=86400\r\nexpires: Tue, 02 Jun 2026 12:19:33 GMT\r\ndate: Mon, 01 Jun 2026 12:19:33 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=92~m=~os=~id=2072bd967f817007be8aee264f25c2e1; path=/; Secure; SameSite=None\nak_bmsc=EF6B38E704C785679E270757D8FA9B56~000000000000000000000000000000~YAAQJ08kF2yY9HWeAQAAPQIggwBtq1Wa1o4Mk9B+cEqWK09s+Td+cgGUIA3kaG+rxyCJZB0Rn5UAfFwcVio15Uz36TKn/rADOofTfJC8/W5OK6XIYXTPMH9Ms03X9Dc/MBsxn79cXjccB3MVq/pq499gJ1AGiL22AlKRwKJ3MhV+C7xnOuCqYAEApdMPVwKU0bhhYBDpU1Yr3GY2tEaiGO05OquU0jjsYtd2Q1nWRnyJIf3HTo9uV9ZpCUT3rZ9MLHpD4skI4OMd9Mtqwp0uXZe4ydXj044YAmYVNsGMK/tcU7NSJpNmFboco05xuoqlPhCKtIOS7BUPvxPVX2xW2EIJefg810hEjZZkPXlxmq4PAIPzMO6ibB89zoVY2u85XUXOwww97os0kbrdxFNv; Domain=.navyfederal.org; Path=/; Expires=Mon, 01 Jun 2026 14:19:33 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/favicon-16x16.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:33.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/favicon-16x16.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 12\r\ncache-control: max-age=86400\r\nexpires: Tue, 02 Jun 2026 12:19:33 GMT\r\ndate: Mon, 01 Jun 2026 12:19:33 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=31~m=~os=~id=3ce891bec4ddc03c9332c4cc021fb686; path=/; Secure; SameSite=None\nak_bmsc=608D9F989FDFC38F4622EAEDC044F6DA~000000000000000000000000000000~YAAQJ08kF22Y9HWeAQAAPgIggwDAtt1oY10WnhrWDASUzuytAhTArvJ4oG6kX2OO143NsP1cfx5h8P7rUIn8I9tlOw69DZRHC9kbLAbqp+ECWyB5vwFRcpQw2oGBbRU+qjPDivt0IvMwYi7HieB5fmYO60MwUA4N/aqQKK9RcqEXawwEMhOZvJeH+KlqlGJetkege9nJ1aLhuQlZjpyCNZmDVa+iQkQsTadiDTQKJlpZkRhGOW06SY6FJSZJO6xt8zI/xA73eiqrv9rkfc7MZfYkV7kUQscYczK1Rcq6cKexDXQMb+AsJLCuVjM0MB+gXbbmdz1VS0Uwsuderl4CohdAxV5aXoRf5T8LCSdNd9wb9H7m49xis0oBM0JSydunVat/1/Vm5yCCv/6SPMDE; Domain=.navyfederal.org; Path=/; Expires=Mon, 01 Jun 2026 14:19:33 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":317,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-01T12:19:31.919Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hcxr-42552.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 12:19:32 GMT\r\nx-edge-region: de-falkenstein\r\nx-powered-by: PHP/8.3.21\r\ncontent-type: text/html; charset=UTF-8\r\nx-edge-app-version-id: dav_2OPIqtEuVAMv\r\nx-wasmer-request-id: 58fa7b92-1b27-4aff-90a9-30aa0da2c6df\r\nx-edge-rty: w\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3781617,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"f4da14999ac202f0ae76f7d4d5b853e8","sha1":"ec208d5740e771cd9676d7a50c7122c584b08cc3","sha256":"d3d66db39a430df1bf018fc6d15d64d48fe1ea8a1ebddee9a3c538875294c2bf","sha512":"b86f3de04b6e0cb0a2916cca21c7507156d3adf9269f7dc5f47c2f37d7e1831a0fec88e9cd73f4e83f93adb409aa25ad0d956c06356de34311cf95ae5d11be65","ssdeep":"1536:GlgQ/Jxo1wNz8ikMO3cRwc4ek7HFcOxSEaiI5xddSvbAWOO+e+n6l6l66Hjp65rR:T","tlshash":"c025657e6200ec4d6d2399bffdac3ee09064de5fedc9ab840059841fafd18a975085c6","first_seen":"2026-05-24T12:27:22.043124Z","last_seen":"2026-06-04T13:55:42.676069Z","times_seen":12,"resource_available":true,"data":null}},"time_used":403,"timings":{"blocked":116,"dns":35,"connect":33,"send":0,"wait":170,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"hcxr-42552.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:32.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 19\r\ncache-control: max-age=86400\r\nexpires: Tue, 02 Jun 2026 12:19:33 GMT\r\ndate: Mon, 01 Jun 2026 12:19:33 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=9~m=~os=~id=64d382801b3da1ff82effded2f636732; path=/; Secure; SameSite=None\nak_bmsc=EB71065CBC52E9783586D45411B420DE~000000000000000000000000000000~YAAQJ08kF16Y9HWeAQAAuAEggwDhAG+0tUkSmlm74RCstYbLh56TB4Tx0AZ6oGP8SJl+8mpvU5omATSJjlyIg0ymXNOCOwKg36/gTHbe3FQfkzNyP3Rk0Lt6TeN/PVrhglKjn0H+4cXCdlB5hANdyjGIpI+szwecR+61zqiI9cSYlXwEwbkIsKjtaFtgV5MwnQQ5PYfv465uAC08NdIYSaG0DSbDKLOYeVYnkD7wacFz5W2krnt5Q9mKf3trvtZEeswcf4uvFDKqHDnbM6ZAWBakq/mVa2Ccwk3lD/43IxYS5hYZ6kS+FzRVAOUWJncKToEB49vV/6E4XMXjqJsnh+exXnxU/pgekeYJ0otzgLve/bWSQQjG5+u31XIk2M279PnXqqx5LIl9AJtqQz6u; Domain=.navyfederal.org; Path=/; Expires=Mon, 01 Jun 2026 14:19:33 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":1111,"timings":{"blocked":240,"dns":165,"connect":1,"send":0,"wait":630,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:32.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 01 Jun 2026 12:19:32 GMT\r\ncontent-type: text/css; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\nvary: Accept-Encoding\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/r2\r\nx-cdnjs-cache: HIT\r\ncf-cache-status: HIT\r\nage: 329516\r\nexpires: Sat, 22 May 2027 12:19:32 GMT\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NzHCqkgc3vB7ddHx1l%2FSxxQ8kR420le79VAbPR%2FNRodeYO2E%2BLde02Pj8QqeTI%2FvfnYJAFalchykqv7A%2BvM6EADsAzXXDyY4rNT1RsiNZ6K%2FJDIE9kJrPBtfSsPB47LUud6Q%2F4So\"}]}\r\ncf-ray: a04e2ad10c535a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-06-06T15:11:28.664941Z","times_seen":282994,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":20,"dns":1,"connect":1,"send":0,"wait":9,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/.11ty/reload-client.js","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:32.705Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET /.11ty/reload-client.js HTTP/1.1\r\nHost: hcxr-42552.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 01 Jun 2026 12:19:32 GMT\r\nx-edge-app-version-id: dav_2OPIqtEuVAMv\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 555\r\nx-wasmer-request-id: f9d08a56-ab0c-4d8b-8dd4-af8626d96c9c\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":302,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":302,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"hcxr-42552.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hcxr-42552.wasmer.app/navy_files/saved_resource.html","fqdn":"hcxr-42552.wasmer.app","domain":"hcxr-42552.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hcxr-42552.wasmer.app/","date":"2026-06-01T12:19:32.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET /navy_files/saved_resource.html HTTP/1.1\r\nHost: hcxr-42552.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hcxr-42552.wasmer.app/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 01 Jun 2026 12:19:32 GMT\r\nx-edge-app-version-id: dav_2OPIqtEuVAMv\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 563\r\nx-wasmer-request-id: ddcc1058-394c-46bf-b6ef-920b0eebb711\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":563,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6fb93d93e03f47ab0462de916115ea4c","sha1":"455c85d6a73fc28069a6b57eb89c7b1118b6170c","sha256":"424f19fb6203f21d253ea011890be5fd70e4193d88f26cc6aa65bd6f323d1512","sha512":"d1f48099c8e60d649785f30d9d9faf448b5196bdaef6fb7291e573278393758c111010349c666da96bc2547658160973ac2746139939e84ecd98505d01494acf","ssdeep":"","tlshash":"d9f0eb1bc3a2210ef079a4e42dc36350731e0262f4204f38bc562e38e05c8b4287bbcd","first_seen":"2026-04-03T00:11:13.691079Z","last_seen":"2026-06-04T13:55:42.660842Z","times_seen":120,"resource_available":false,"data":null}},"time_used":259,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":259,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-01","alert":"Sinkholed","trigger":"hcxr-42552.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-01","alert":"Phishing Block","trigger":"hcxr-42552.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}