{"report_id":"323ae5e2-482c-4dfe-a26e-cd21c9a46da1","version":6,"status":"done","tags":[],"date":"2026-01-04T05:12:57Z","url":{"schema":"http","addr":"www.flux-kraegh.com/","fqdn":"www.flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":0,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"final":{"url":{"schema":"https","addr":"flux-kraegh.com/","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"title":"Flux Kraegh | Officiële website Nederland 2025","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"www.flux-kraegh.com/","fqdn":"www.flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":0,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T05:12:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-04T05:12:35Z","timestamp":1767503555,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":57122,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-01-04T05:12:35.887505+0000\",\"flow_id\":1245763699152189,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":57122,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":911,\"bytes_toclient\":1606,\"start\":\"2026-01-04T05:12:35.857405+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-04T05:12:35Z","timestamp":1767503555,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.11","port":57114,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2026-01-04T05:12:35.909245+0000\",\"flow_id\":30000191573146,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.11\",\"src_port\":57114,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":911,\"bytes_toclient\":3425,\"start\":\"2026-01-04T05:12:35.855194+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"www.flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"www.flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"flux-kraegh.com","ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":118,"request_count":59,"received_data":2098735,"sent_data":26126,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}]},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-12-29T10:05:07.357482Z","alert_count":0,"request_count":3,"received_data":1950,"sent_data":1293,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.flux-kraegh.com","ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":2,"request_count":1,"received_data":44394,"sent_data":488,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"flux-kraegh.com/js/menu.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"0d6eb1e39fa7735889cf0f8b75acb3f2","sha1":"b08044b873f5f67bab1e213acd05a1f7972c63b2","sha256":"8db61b38db945eb47dc8eb4d6dd9be37793b7531937e874e2457e3ac788982a1","sha512":"a102845cd14b780d5b1196e90204eda56cb5ee6eb063eb6d7a62f550033ad6c2e3e79642f64fd3a9124ed2b7957df017bff735c29bf0e20b869204f10446ecee","ssdeep":"192:Uj5IhkTXWRrnJSZK1O9F/28oDCrASi/BvvIGvML0srG2pD1l5RWPVz+2sEmE9guC:jkTXWRrnJSZK1GF/28o+MzJvAGvMIqGK","tlshash":"a4024484727f133986ef339a517c869af62c8892e443889fb87c5acc18b155153f1abd","size":8945,"data":"","first_seen":"2024-12-28T11:23:31.668216Z","last_seen":"2026-04-04T08:19:30.893956Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/scroll.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"34db16e6fec27a1266d7975128810589","sha1":"fce555b5bd705212018eee4a1684cd76f68034cd","sha256":"c97c62cc2975c2dddd7f8aa63cf6081b99070674fdcef1f73aa2bd32c280923d","sha512":"b3f03231149737aea438502d679d62475c36f08047d274a369a912cbb13b9cf64bd6b320b5813654a9e1d58b89799cb192e8582a89370018a17dfe189f579799","ssdeep":"","tlshash":"67310268318b293983d5874dd13f2f847db94073b581a12da05d6c2f3f50bb9877608e","size":1553,"data":"","first_seen":"2024-12-28T11:23:31.672837Z","last_seen":"2026-04-04T08:19:30.895085Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/formsHandlers.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"2a3b569ff7900d7067fd3dca741c2ef1","sha1":"219a823d5991d601838a30597cd991428e07fe89","sha256":"1f63c3eed801f24cbc83236e1e1456ffedfec06a92a44ef2a5b2024b974559ef","sha512":"476f35d13a2f811d957d4f5e818ad9c55302aaad4a4a08e4711ddc5ad7d351fced58bb020de016b390a0d6a01db180247bae9a8f8532bd71569c65c5f7c3239a","ssdeep":"96:SVRP4ZvN4f1wvNTpw7Hdw7HdzvNv6hw7HMNmMHMf1hFEURFuVIkcuWdl9Mn:IJqvef6vseVv1vQGftEURFumkcuWdl9o","tlshash":"9ab11249d7bd1e1905eb205ebc8d3e8d343510367818b02fb19c46fd27acba996d6bb0","size":5373,"data":"","first_seen":"2025-04-17T18:26:42.807912Z","last_seen":"2026-04-04T08:19:30.902301Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/intlTelInput.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","size":29519,"data":"","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T08:19:30.901066Z","times_seen":997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":true,"md5":"0dffc5f4d46b7789516ecffca2f21bb9","sha1":"a32dd53a6e234508c87c503bcfff412cc4ce1fb6","sha256":"a20459c09a851a9a22558e36adc9acac2cc9a4bdf2068a128b590ae70e7b648b","sha512":"7c003a4274dc518b9198bbde806cdbe66eb8266ec8631ac98e3b2e45fef8a3f9a263b53e5608575ad1ad03113018c790c9156d15b238e145419a5ebea660266f","ssdeep":"","tlshash":"179002860d3d2505479da9db2431520680c258767c569c84043d052404f30d45125001","size":51,"data":"","first_seen":"2025-12-04T17:30:48.931447Z","last_seen":"2026-01-04T05:13:09.04196Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/cookies.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc418bb6dcb10c9c6fa2ec3f504c56ba","sha1":"9cd9e6f4f8b57e0047a88457546c5480574761f4","sha256":"5684597477e4a4dd05ac5e983cf6726fda4704896b1d642878cf5913fcde8d19","sha512":"9b0a78d7bb255afeee28b6d3baee485c3fd584fd6362a31809ea0d905b3a999b8e849fa6c50527f4bcbecd8bf22a88bd708409bc404328d13f34e9c4cd9c237b","ssdeep":"","tlshash":"c741456a3844242a05f327e5a59a625dff30a32272ab5406f0dda1f05f11d13cd9bcfe","size":2068,"data":"","first_seen":"2024-12-28T11:23:31.680731Z","last_seen":"2026-04-04T08:19:30.930568Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/spoiler.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f68bab6de0adedcc40e1a55460abeca","sha1":"f903e75d59de14759ff231395fee9447b15f3b0b","sha256":"ba40957e0be0a2cf4aeb47388f7827eae554c1cc4e158af21629c0e722c77553","sha512":"8de304d8a53f23b463b93480a37105c41a30e37899a7b67f71934240e026f4c5c9e2de4d7de0383ccfe53333343555605219646ed0b2429a6e74a8d7aead745d","ssdeep":"192:w6t39aKgJmZmlN3ijS714hUuAcBNgGYAcfAcUAcnAcow/PvPdOfrodBC/uzVDdzS:wE9aKgJmZmfSjS714hUuAcBNgTAcfAcf","tlshash":"9dd15090711f233623e6336e5434ee566858c6fbf5420faf78a49a9da0e28405273e7c","size":6440,"data":"","first_seen":"2024-12-28T11:23:31.669519Z","last_seen":"2026-04-04T08:19:30.912616Z","times_seen":61,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/swiper.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"94b914340a274dd89291378be8c4aed3","sha1":"ebbf8701e803339f36f1057452c3cba9208d18f4","sha256":"37b1087a7fab429e8729b8552bdf931dd7667d81ee097acad724670f526e516d","sha512":"78a92be481df633ecb0961b613c5abe5f807b42055060322e447ba1a74ab81c6c67b17639b7f703b024a63166cd266e92bec350930417b36b203786b85ed870a","ssdeep":"1536:DIJIfGCcF8NkhbGd9+OzColxU8KBkiArqCvievtnS4U9ampFvfha7W5J7ifuANE3:EJgNE8VKBk91U9FpFvfsi5JeWAXe","tlshash":"c7d308896220b57646e356db93e4c261a3b50540b80ac8f470bd4c9f597ec9813feffa","size":136933,"data":"","first_seen":"2024-08-19T16:16:35.40255Z","last_seen":"2026-04-04T08:19:30.914005Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/forms.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"ded136e24ee75ba7dc3a5db9a417c303","sha1":"7d75f32ddc89e13e85ea517d932d1eaf95906d5e","sha256":"8651df8821bd9405e71bf5f6a7a1b24d086ff15cd32ce550ba3073eb22d7165b","sha512":"2d53c2fadd2c86129f2db512aab47795269af5498cf32750912b947a3f9590152b488f36548c0b5584f81d1bfec1bd81912d7efa15a63a57e2fa514e1fa6cdc6","ssdeep":"384:fM/XK+gzbIVJiNq7BwqNUn6qsv5wHzO6k9bKSk109bK0eM1d5xoulfYJJbub/TyI:b3IVAN+BLIlG5wTEbKSTbK0eM1dfjlfj","tlshash":"e39252d8761f043bdae913ed70fe4441bdace66149409468b0fce40d36e6f984ab2bd9","size":20129,"data":"","first_seen":"2025-04-17T18:26:42.756382Z","last_seen":"2026-04-04T08:19:30.925661Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/intlTelInput-utils.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","size":259721,"data":"","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/sliders.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"844586cf8533319dfa0786605b66a7b7","sha1":"86dd4d03cdbfe6af44068b20926b88dd83dc30a9","sha256":"0a6d76becdf93c26f3a900ea04e9205fdd3f27048abec7e77cfc416fa73f0f5b","sha512":"c81ba670d003b0fb198bc6252b47aca21c11f66bdce112d77e4880308412167ef9750b0525f4733af32d41433e9d54c7ee6f54b83419f09dc21b33d205a58d28","ssdeep":"","tlshash":"a551ef807297b0be06b157073979cf50e4978668c0cf817bf4ea8a4dc5063bb0d949ec","size":2720,"data":"","first_seen":"2025-05-12T01:13:36.966734Z","last_seen":"2026-03-19T10:21:44.218672Z","times_seen":21,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/scripts.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4b784c87e5bc6d6144218f8677c379a","sha1":"8e7c58a43f2cdd809c3017166fb20a332fde014a","sha256":"821a3a9b3b1665803d69fe10739e36e6a00a71e16e37470f9b548b9d6e7a038f","sha512":"3f6b147da0785f6a28807d24db00c69c8185429ba7bf1bc4de4a195b163ec89c7f0a9bd6f09eedab62192f9c74ada18676ec46144e8c5948c9afa83004c3cb8b","ssdeep":"","tlshash":"7ab0129160c2e3704fb3031c20e8500f8909125873015238944800c0b45a67275e100d","size":91,"data":"","first_seen":"2024-12-28T11:23:31.673933Z","last_seen":"2026-04-04T08:19:30.895644Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/justvalidate.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","size":29666,"data":"","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T08:19:30.9091Z","times_seen":1110,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/adapt.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"5099679a2ba7396b7a3e56e85b487bb0","sha1":"154e3dd443f80d5e594b51e0f5b624fd8d36ed8d","sha256":"19da36faf51b3d8ff867c3b0dfad881d3bb89a5c7fee2b8728bf6d62eb858c26","sha512":"7073bfd421c49f632e3f709a51aad248ff6407ba38d50d47a67ec2114449b70667296139d92848aa91d90d3ccbf377d4f130f0938ccdff29fb11d1b4fa7461f5","ssdeep":"","tlshash":"915104e1b50f6d9b56db13bf7037150afabed81190007aeaf8e4c5c861529410bf55f4","size":2999,"data":"","first_seen":"2024-12-28T11:23:31.667362Z","last_seen":"2026-04-04T08:19:30.911754Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/functions.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"6abf7365821683c0c1981bd99ae9685b","sha1":"2cf8423432918648835bea93501317fb39690737","sha256":"f64e469125b3baa723c1670bdf8eedc8ad6a7c52439e86f3053dec1754948152","sha512":"33b9d06f4717f5e625e33dbc0d0847a9e85ae8010f2f3f285c0f61113bca126feda92c6100fdc05f68b32f26567b78e9947afeb8b1d99e4c95e9dc54cb63c7cf","ssdeep":"96:5daAQkSmLA9vYal206WwPSpdPeBfVL4WC557zwKHBoa:5HQ9mA1dv2w+zK1","tlshash":"929132b5702bd07606fa138fb1b6878cf87cb4e728435059a88c45883860f9566a15df","size":4274,"data":"","first_seen":"2024-12-28T11:23:31.670829Z","last_seen":"2026-04-04T08:19:30.918556Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/inputmask.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"f869249af176bf7f8f843b134cf34b98","sha1":"5133b8dcd2286552f2e6f422261e8f74741f8f02","sha256":"5b8e6af2eac6dc224477bcc4aab896c15eb8ade3d4f3117190a2d61ef4d006d5","sha512":"69ce9c2514b7ed063a36fef0f153d81fa9b0453968fc4158f83693c81a8d810d4ad5c3defde3acd0475ba4f8c2f74b285749e4b88fd21c7ac881de4913fdcbff","ssdeep":"768:+da8SCVCBLTRtVSCDEVHnbbfeKy3ps4iwrIMKvnCFDVYbEc92eCcQUqSCAnUdVuF:+gRptulbbfhMInCF5YbEeFU6bS0JAe","tlshash":"4ba319d43552b16287e371f440bf840aa23beb29a4999040b25af4d0797decb07b7f75","size":107018,"data":"","first_seen":"2024-12-28T11:23:31.683914Z","last_seen":"2026-04-04T08:19:30.925147Z","times_seen":151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/localization.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"introduction_type":"scriptElement","is_inline":false,"md5":"a46b97962c5aa9aa5929ced368cb3ce7","sha1":"a7d157e0f3bb4fc650a009460bb69e4e780a5b58","sha256":"d61622b433bec7b7b5548e24f4cd0f8828917beb007210dc1dc7d48eb128bf3a","sha512":"9b619fef2c8dcb1a5d5fe0b1ce148456f85abad0e4ed36075fb68a2e4bf9e64f5090c1a9e09d81ac1c1a087554e249691b7a8de080c7bf5224a5e49995cc944f","ssdeep":"768:VZWSnv3Lq5fvd57+AoLFHuc0mE4g4udnB4LN/5Y9bXL94Mwm:VsELq5f8Oc0H4inB4LNkbbKtm","tlshash":"4523091de2cc24d80740e2e7d92d34c567ed9caebffa95dad099c07121ee16f8418a87","size":46742,"data":"","first_seen":"2025-05-29T18:08:06.773584Z","last_seen":"2026-03-06T18:08:22.354217Z","times_seen":11,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/1.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/1.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-f8a\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3978,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ed8c0d61dd92ad206d395939a2274d2f","sha1":"84a14ed6c32abd4a7640e9e4c2e3e2694e4cda3e","sha256":"ef502ac7f7f34d826c5c63f8896345e86e5b7994619936c462dcbadc676aba78","sha512":"44ed1d9ec65230272a48ede80db2e877770bbb609c18751c724fa35e229ad21fb024cc41769be8a08dc2853436a82abb70758625675c3f397bfab27507438828","ssdeep":"","tlshash":"3281c7de37f893e8f541f5efbb238424b85a40dab1484740d7b72e546a0a429d9e0cc7","first_seen":"2025-05-12T01:13:36.959068Z","last_seen":"2026-04-04T04:03:43.86155Z","times_seen":216,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/slides/6.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/slides/6.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5250\r\netag: \"680a8ee3-1482\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5250,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a358f278bfcecac3ce3425eec1654209","sha1":"ad27152a04d01ed8e51508204cb2f58f0af61729","sha256":"22c1ac5934c8cc2821d7a2f7e4890b921726d7f9f3089b3dcc4888ff8b91f92c","sha512":"8d8b63faf50e8032502228c6e0d2f13e21fa6ed23dc134d188c0f5da3a80460dfcc1ac8c0e8f4488e0781f2495da7e68219a7aba10d6161a26508cf3cce7bd72","ssdeep":"96:6xh+d2g1Vp1uRNDmC5/0CsdgtRquOsDiykDImBx1KqTxtUozd6SEUPzy:ussEURNDmxdgt4CDAD7ZdTxx6AG","tlshash":"9cb18f605ac54fda8776eae6d4643341b6990e8a7cc3588cc41ffe77dec0568cc09052","first_seen":"2025-05-12T01:13:36.96029Z","last_seen":"2026-03-19T10:21:44.223771Z","times_seen":13,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/quotes/2.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/quotes/2.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 66896\r\netag: \"680a8ee3-10550\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66896,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 972x943, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f35cf9fd068b54ab1880848690deff55","sha1":"0f38dd6f6a564460582408b74bda316d7e507320","sha256":"a25d6af2dbceab2c5a8b4d62ee9fe1de4dbccbd1665ec3915e7b9dc2089c84fa","sha512":"c7169329677d4f42bc04ad96867234276b0acd36a93f33794fe941f642c44e9c38bd96d193bc4acf8847570c570791a9558e34c816204a0fa9727f124a6270cf","ssdeep":"1536:jEswc4AzQEI5iw3zYSy5+v8d3+pFvXUNdWisAaq56mX2b1A3zGY:Yswc4dmwZy5+Y3GvkNbUq4ma1OGY","tlshash":"3e6302b0cd056ab931c4fb15f5a7e28230fd92b1aa94c98c8884d90f1553d379eaceb1","first_seen":"2024-12-28T11:23:31.688915Z","last_seen":"2026-04-04T08:19:30.931176Z","times_seen":67,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/quotes/3.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/quotes/3.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 42860\r\netag: \"680a8ee3-a76c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42860,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x960, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"f6b913c6a90281c612441184b5d054b2","sha1":"76e1ae5fb9a6d78785db8c6e3f3026d3a233e1e1","sha256":"e33aa13866d146c0346087460c5d372b6894ebb51b8ee5df2bf05792327eb70d","sha512":"b7b6947d0ba2a82772152ae7b77dc85a3161fabb81d667cdf29cc98ab08f81d46531baedb1c8fb6ded055c79a7c7752375f7cee0b5943418521be3eb68d3cbea","ssdeep":"768:BZzxQ6SVavwJk9le1eTMQvYxBjkQAFzUcfD8z7XIyaMs5ZFCl7nwPUfTSKOQ2Ag3:BaaP9ZMQvcAFzDfD8fXOZFClVTSKONAy","tlshash":"2013028f8a5d9319590dc8c9f356cc0c54a5ec7fb9ec78e5e87a0a66e00b7d342110c7","first_seen":"2024-12-28T11:23:31.682934Z","last_seen":"2026-04-04T08:19:30.924561Z","times_seen":68,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":191,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/intlTelInput.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/intlTelInput.min.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-734f\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29519,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29164)","md5":"6c9bacd626f8da329cfd17986468b921","sha1":"b8ef112f4c44f07c914363756792e9baff14be34","sha256":"a5bd18c50d0bedc08c05eec31019f087887e4454a02b2f8959dbdfbebba8ffb9","sha512":"09e7d0ad1436136919ddd67933ebb806ec1dff914f3139af7b11f513064f54e02d82a8c7d35b511b0cd9ab18bb570dcd18d50f1722ea0a2ab64e2510536e78cd","ssdeep":"768:IY03Xlqn/kiIzOT9FSRo/6mCIQkjMdt24vD8B:ItiIzU/6YjMdo","tlshash":"55d2e7ae63655b37a6fcc2a270e54503ae6f79444a44083d7cacdece0288ed271f5b34","first_seen":"2024-12-28T11:23:31.679776Z","last_seen":"2026-04-04T08:19:30.901066Z","times_seen":997,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/scripts.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/scripts.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 91\r\netag: \"680a8ee2-5b\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":91,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"d4b784c87e5bc6d6144218f8677c379a","sha1":"8e7c58a43f2cdd809c3017166fb20a332fde014a","sha256":"821a3a9b3b1665803d69fe10739e36e6a00a71e16e37470f9b548b9d6e7a038f","sha512":"3f6b147da0785f6a28807d24db00c69c8185429ba7bf1bc4de4a195b163ec89c7f0a9bd6f09eedab62192f9c74ada18676ec46144e8c5948c9afa83004c3cb8b","ssdeep":"","tlshash":"7ab0129160c2e3704fb3031c20e8500f8909125873015238944800c0b45a67275e100d","first_seen":"2024-12-28T11:23:31.673933Z","last_seen":"2026-04-04T08:19:30.895644Z","times_seen":60,"resource_available":true,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/2.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/2.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-11a6\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4518,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cdadf4da300afd7bb83c66c224d073bd","sha1":"b29e36e91f1d36596a19bad69876f266820c8a8c","sha256":"0a17afde2e5231958996f8015cbef0efedd7c5772b10b59824aa9a5e9d7be659","sha512":"f33dc5fbe34f5e61750fb273041d74e1895a8d57aa00ee883a1cf562159b54c67d373e85c92c6e3a736a339610ddf0a0f6badf292ffd2338ca7a13d064b99a45","ssdeep":"96:GDkFFSSJSYOgs7jSlSQFd1Ko/4GwCsvQGY:RFF74YplSEdb/4GmY","tlshash":"dd91d8c833fd11facc42eda2ff26a47a345f11ee62590d60c3656f0928688e95e268c0","first_seen":"2025-05-12T01:13:37.000993Z","last_seen":"2026-04-04T04:03:43.882843Z","times_seen":215,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/3.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/3.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-1a1c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6684,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"79d2cc00fd6b6a83ab6d23f59e32c2d8","sha1":"a71dc52ded53af8984cf0c792e2a3588edfdae44","sha256":"354810d0931ca7dd5b645c4993e5813d47343fca780ab8904f7942ac42b6db2d","sha512":"aba2ab6abc2f9cc20ef639f003bdc0c3e7d256c8b3a77e7e5fc76e78d75f858139463b5889e169089d3ac341220a8d59087dd67b2d6433878233f6b5070d81ec","ssdeep":"192:ro3oZoI5MvItL+vtBB+WmaBW9p4q7zsRjIh39DjMY:M3oZoIevIt6lOwQpSY39DjMY","tlshash":"3bd1c7c423b545f8f408e4fb973a607a780361ee3a054858d7395f4c708a5ae6d5bacb","first_seen":"2025-05-12T01:13:36.980812Z","last_seen":"2026-04-04T04:03:43.893509Z","times_seen":209,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/7.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/7.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-2c2a\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11306,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7e472ad387b40cde9b874a9006741b03","sha1":"10107615957cf6e758852c7d04bc7ad7ef14c3ec","sha256":"aaf11f8e528d3a2813f33f83427a9007ad4ba74ce340886505dedeb1113f52a9","sha512":"ce4ace02239ea3bbb275add3741660a7b50508bc69437938bc9eda11b61d03c5d02df28ff77c880063fa1998891a92671f5d1d8d76a439db523d1079436e64fc","ssdeep":"192:HmCFvbY/oLhTK5DU8XWx+0Dsa+1TzRd2BqwNlWPli2YN7lXgU2JUtnBP6LFCFMsp:GovApZ9WxNIAqRLYrgz3OMiNdn","tlshash":"c432c6fc1fb183e9f911f2fabe3244d97c4621faba8c8935c3795d0871825645e069e1","first_seen":"2025-05-12T01:13:36.970821Z","last_seen":"2026-04-04T04:03:43.882364Z","times_seen":208,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/grid/1.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/grid/1.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11778\r\netag: \"680a8ee2-2e02\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11778,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"81be556e8ed76fe38341e97e5c88ece6","sha1":"4787f119bfc45888c7611a80cbbc337536103c57","sha256":"7e23b727e3792f50b55e362987430c3e862ffd4d33d7345be9ac467e1b53797b","sha512":"a176e4cab634444dcfbe958392cf01d1d8af1f9dd2938b8e343513e2e20d3cc66aab59a417cec6e7931785cca8e3eef128cadf751ef48de1c035a6eeb9e2adc9","ssdeep":"192:LWxWn/XycmlYhgVsubnEo250yZlC4VKvnBqITNgOOzH9d8/iOkpuS+wxQdUyRQZ:L/n/X7ml1sWno50yy4V68ICvv8hS+w6M","tlshash":"f432c1ed612865412736f79058367737121084e6e2c1b39803faed9769b0e635116e5e","first_seen":"2025-05-12T01:13:36.975362Z","last_seen":"2026-03-19T10:21:44.178875Z","times_seen":13,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/slides/3.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.341Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/slides/3.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3084\r\netag: \"680a8ee3-c0c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f631d1042f96cce2ed7dd887e86d256e","sha1":"372af155b0b9c4c98f2f5249d7022fff35d14420","sha256":"3a1fb8495b49c7a1faa9f21d4558635e163beea4e4d6f3e0436dab8ae13cf24f","sha512":"2d37468fc27f39f6a5c85851bca013650571416ea55e71743eb99c0c03c60c95383884e858d0cb40b0a084a292b0dc53cf41f0787d6faa0555c1b21a618ab576","ssdeep":"","tlshash":"1e514b448fb1a7aaf400a68f56eca2021b27f5c50b2b38bbf609941647b83971f01f11","first_seen":"2025-05-12T01:13:37.001933Z","last_seen":"2026-03-19T10:21:44.206558Z","times_seen":13,"resource_available":false,"data":null}},"time_used":419,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/functions.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/functions.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-10b2\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4274,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"6abf7365821683c0c1981bd99ae9685b","sha1":"2cf8423432918648835bea93501317fb39690737","sha256":"f64e469125b3baa723c1670bdf8eedc8ad6a7c52439e86f3053dec1754948152","sha512":"33b9d06f4717f5e625e33dbc0d0847a9e85ae8010f2f3f285c0f61113bca126feda92c6100fdc05f68b32f26567b78e9947afeb8b1d99e4c95e9dc54cb63c7cf","ssdeep":"96:5daAQkSmLA9vYal206WwPSpdPeBfVL4WC557zwKHBoa:5HQ9mA1dv2w+zK1","tlshash":"929132b5702bd07606fa138fb1b6878cf87cb4e728435059a88c45883860f9566a15df","first_seen":"2024-12-28T11:23:31.670829Z","last_seen":"2026-04-04T08:19:30.918556Z","times_seen":60,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/fonts/Montserrat-Regular.woff","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.763Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /fonts/Montserrat-Regular.woff HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: font/woff\r\ncontent-length: 95056\r\netag: \"680a8ee4-17350\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95056,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 95056, version 0.0","md5":"4f412e70a5339443b9238c14152d17d2","sha1":"f6d39b8a482a26300a098cfdcc846aeb8b351394","sha256":"c97ac39e9f4b285870e0c90f5877cdbf6f545de2685ec000a4dea3b31691ba07","sha512":"be3b18f2a83aa7317380d3724f062cf67551b97adfcce0536ccb96ef5b99708695a270193fbfaed7a68d52fc2aeea31c054724225db04c5f123ec45407a5ae91","ssdeep":"1536:f5ihn1wN6xY4gWFHAtxiqi6oux7tm4yD8SO/EaxWG0J7yUmsxyyH02G2/KSISQco:f5iD7Ve/iqG81jvEedUm1Y06KStQ1","tlshash":"bb930213a6fe3b4ef6a427b82721af5b079638de15c65bcc80d4266c440ea305fdac0d","first_seen":"2025-04-16T02:18:32.186015Z","last_seen":"2026-03-30T00:20:02.517012Z","times_seen":48,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":140,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/5.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/5.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-11b2\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4530,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"abedbdb69413293eb5405bc1764b2291","sha1":"d5f699be91f1e73dd9430c0de8750018f21b353b","sha256":"90f911755d37cab3d81ea3ef9803f51ce66e12e63ed5d9559e8f36f41dcec65c","sha512":"8e86456629677c9a690985c7da2afc06d10b18957e907d111031d2e35bf1c5bfa7f9c2f80196f41e719ece575f99c8b1da8b95b1f00004ce55aef7f4bec989a8","ssdeep":"96:2uyIy3j35MjWNYOXtY5zrctQcH5jZ+Ca6qRnsFe6yoPHIo4GY:213kWtSz2H566qu3yPEY","tlshash":"f39194e92ff646fea540bfef9b215158ee9610f1b7480518d3389f2829574b0bd128c9","first_seen":"2025-05-12T01:13:36.954372Z","last_seen":"2026-04-04T04:03:43.871327Z","times_seen":208,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-2.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.343Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-2.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33632\r\netag: \"680a8ee2-8360\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33632,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7011dd057d62a66dc03df71a9c44b384","sha1":"f7dbd0ccbbf442766b80522ae276b5bb2cca3b4c","sha256":"98a74ee0a2b74d71b6c98d3b7aceb00ead5d3860a2cde7c9c12b918248dd1ed5","sha512":"63bfa10d311cdcb7bda149feeb9f337c7890ad437de7cb3435e3880cf881a8fccd66a0642b2fc788dbaa174ccb31d119ced40c577c5045b52fd025fe223dc27e","ssdeep":"768:D7hcwGMic+2qB3vFmz5a5gBPFkVwH8n9uhrxL56gs:1Tix26FmjFkVA8n9upx9","tlshash":"cae2f10ea10f7b59e51c05764fcb7ccce4260a4de8a153ac3643be71228e9acbf154c6","first_seen":"2025-05-12T01:13:36.990699Z","last_seen":"2026-03-19T10:21:44.224491Z","times_seen":13,"resource_available":false,"data":null}},"time_used":477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-3.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-3.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 22048\r\netag: \"680a8ee3-5620\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22048,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"51b6f0602142ad085a016f10fd855ae4","sha1":"c4f8860425629e491558c592775328d41b7009d6","sha256":"5d052fbbc082b5135467d3cace6305f7fdfd8584c5ee69c998e1f3079fd28407","sha512":"f9c1becb9b321062c8f5cfb12e7b01e74b1983fa4cc4e0f95e854c055bc1841d899ef2edc43fb6a5657aff3c867561a6464541bdd561f74bfaff8183c08ed8df","ssdeep":"384:KCdn/0iqq0/pJb/M7T0aIBTt4isOwEthKtqmRYmwrFCGrf9nEzQYaBr7q:Kc+qiJI7oDxtnhKvpwJCuf9E","tlshash":"4da2f12e6128752fbedcd4edf481d82ab4d25c3d2fa667f21552e4886e8cd703c44287","first_seen":"2025-05-12T01:13:36.961833Z","last_seen":"2026-03-19T10:21:44.176954Z","times_seen":13,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":283,"receive":134,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/grid/2.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/grid/2.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10146\r\netag: \"680a8ee2-27a2\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10146,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"63d9f72303cbdcad96b38046be0d3758","sha1":"cf7ce70245a306fd750b1a84d9689c7b631a2766","sha256":"d4de41fce4d3703f416492c078c8f055837acfd47318939e2cdb9369ec726b10","sha512":"5d768e7eb745ad89d9406400b7f1d231bb7c3d3fabd645815d1ed50521e52abd3ff3308c0c399e36d9721841fad08fea2176a6c8e9a291a24db6acc4082b718d","ssdeep":"192:TMXbH66MMwdZ7tyemAndCPPSKiyiFK1KiRHPxXefTsGTK+VnAEwcwaEmheNDozAi:TMGBqemcdePHi5E17xXefBTK+VscKozJ","tlshash":"6f22bf0c09876f127eac05e54a67c0506e8bb2f6d5aefc2bc561308f0e923fd06c5642","first_seen":"2025-05-12T01:13:36.981749Z","last_seen":"2026-03-19T10:21:44.215732Z","times_seen":13,"resource_available":false,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":292,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/cards/4.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/cards/4.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-2475\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f674e9e565dd9e10ee5839314ca32762","sha1":"110abd304e1a6ecdad7e989a172afdc10270ea6a","sha256":"1d58d6c356a6bcee4968365c6e1e9ed8c8edc240b40ab8a32ef3c93dd8fd2398","sha512":"637b1a7f00646c368de39448b94b9abc05fb250848412884943f43466b92873a4018919575aaabdeb3419af9cf744f056f44d311ba10a90af4c42d2f63d53773","ssdeep":"192:git15I5GKbR7IaAkKH5IWlqdDgTHVkidbBKjKgONUA:nrizIh/ygNngs","tlshash":"d912c6d43b75d7e8f905b2fcca2964d2be9724ddfb0584a0c3602d25ac02125ee9a9d3","first_seen":"2024-12-28T11:23:31.66147Z","last_seen":"2026-04-04T08:19:30.922747Z","times_seen":62,"resource_available":false,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/inputmask.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/inputmask.min.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-1a20a\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107018,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65358)","md5":"f869249af176bf7f8f843b134cf34b98","sha1":"5133b8dcd2286552f2e6f422261e8f74741f8f02","sha256":"5b8e6af2eac6dc224477bcc4aab896c15eb8ade3d4f3117190a2d61ef4d006d5","sha512":"69ce9c2514b7ed063a36fef0f153d81fa9b0453968fc4158f83693c81a8d810d4ad5c3defde3acd0475ba4f8c2f74b285749e4b88fd21c7ac881de4913fdcbff","ssdeep":"768:+da8SCVCBLTRtVSCDEVHnbbfeKy3ps4iwrIMKvnCFDVYbEc92eCcQUqSCAnUdVuF:+gRptulbbfhMInCF5YbEeFU6bS0JAe","tlshash":"4ba319d43552b16287e371f440bf840aa23beb29a4999040b25af4d0797decb07b7f75","first_seen":"2024-12-28T11:23:31.683914Z","last_seen":"2026-04-04T08:19:30.925147Z","times_seen":151,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/slides/1.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/slides/1.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2022\r\netag: \"680a8ee3-7e6\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2022,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f1a263cb4bd5673aead534e282adcf7f","sha1":"31877b1bf68f429e7d1b35eccf0fb760a8c8d356","sha256":"c362181167b434d49a040a7a6ec84f616b3b5780314a94142480251b2c52e01d","sha512":"83acd96df34b2af0e9a695bda29f2af99f1b8a759c4115e85146f8bd855b7d560cd267b0ee3fd2d2e6043fce9a70b73289e849453b4372b713c193a70f8e9415","ssdeep":"","tlshash":"4a412a75cda9e250cc182d0e776c6064a68381fdc218ec89808d99aaa7332484526f8d","first_seen":"2025-05-12T01:13:36.99455Z","last_seen":"2026-03-19T10:21:44.197235Z","times_seen":13,"resource_available":false,"data":null}},"time_used":417,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/quotes/1.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/quotes/1.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 64356\r\netag: \"680a8ee3-fb64\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":64356,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x956, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"83bb560655a7ba2fad752705a50497ca","sha1":"579fea4c4c30401784e90d3cd1aa5ae94b3a7cc3","sha256":"09f1190dccd5f0abd59aa1acfefc8a2ce53c69ea9f59d094390f1c5221709f4d","sha512":"511575466b4c769511e0726b2ad0c43f2254a6444eba94ee5537fa4ee4d85b992dae3483b25a135d4a99a52ded82aec70bf596ba4f9b2a94889f4a9fe01c4857","ssdeep":"1536:mdGuWQBeCyRttjM8hzqIVD2yiFdbXDkPWR7VlFn:mtverRttF9a1FtDkPclFn","tlshash":"9f5302a033e5e6667b52164f5d9e08ac0119e12fc4938294e6123fbfe9b43d2512fa35","first_seen":"2024-12-28T11:23:31.68694Z","last_seen":"2026-04-04T08:19:30.915875Z","times_seen":68,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":202,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 19:31:13 GMT","end":"Thu, 19 Mar 2026 19:31:12 GMT"},"fingerprint":{"sha1":"FD:43:17:F6:FC:F9:5E:2B:53:FD:34:62:25:32:FF:41:EC:72:38:91","sha256":"8D:5B:FC:11:FC:AF:23:2A:87:1C:7B:4B:8D:AD:0B:AB:BB:D9:D3:7D:C7:9E:49:C6:11:1F:78:3D:E2:1A:49:DC"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://flux-kraegh.com/\r\nOrigin: https://flux-kraegh.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T17:24:50.839518Z","times_seen":46599,"resource_available":false,"data":null}},"time_used":248,"timings":{"blocked":49,"dns":13,"connect":13,"send":0,"wait":152,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 19:31:13 GMT","end":"Thu, 19 Mar 2026 19:31:12 GMT"},"fingerprint":{"sha1":"FD:43:17:F6:FC:F9:5E:2B:53:FD:34:62:25:32:FF:41:EC:72:38:91","sha256":"8D:5B:FC:11:FC:AF:23:2A:87:1C:7B:4B:8D:AD:0B:AB:BB:D9:D3:7D:C7:9E:49:C6:11:1F:78:3D:E2:1A:49:DC"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://flux-kraegh.com/\r\nOrigin: https://flux-kraegh.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T17:24:50.839518Z","times_seen":46599,"resource_available":false,"data":null}},"time_used":233,"timings":{"blocked":56,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T05:12:34.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 8485\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]}],"data":{"size":44150,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (473)","md5":"d724605f9cf470d402a37999783c97f6","sha1":"696b10ccfe696fe6cf7b9e55e7a35ec71c6d12b4","sha256":"f93e0f5e80eba1a6930840609b9c3b33b088ea70becd54802c1ebe9df87b95d4","sha512":"f18e1b53d15cff8aa7c13c687b21df97f0948fcbdd8b8157caf31743263933f7f79eaeca45469f24f67b751d16cc22391e53e7d4cd9dbdbfefdc89bda6045ed8","ssdeep":"768:PAbBgUP8xQYYi0VD4WP8xQltY0aWT/qpVe/7/zzEwvP8xQUc:3YhVD4gY/zV27rzEwkc","tlshash":"2d133020a49d3cbb121353da6565a75ab2dfce31c126c4f5f2fbc10943d6d8aaa532c3","first_seen":"2026-01-04T05:13:09.004545Z","last_seen":"2026-01-04T05:13:09.004545Z","times_seen":1,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":269,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-6.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-6.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49290\r\netag: \"680a8ee3-c08a\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":49290,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 671x1226, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"34bd9d80a9705aac8bf8d8cb01555dd6","sha1":"add3275bb464ec45d8caeb11e7e9004ac3086370","sha256":"e471a7cc3d54695c203c1ffd9ffa0ae3195ee6fa8732cec10130df2daad6e2ad","sha512":"7aeea64c3e8b36576b27e30bc4a607cf85537a74411d5740984119e0999b920730d2cf2b9eb58178904f05ebd29e0975f861721bf1db2d66e49fbcf4ea49a1f4","ssdeep":"1536:YdBxlF0l8JvhClvM/oqRE/E2grz2T5WSvMjv:YdBbxvhqF/yH2TNMjv","tlshash":"572302f4de04f51cd095f27e7397bc35978ead673d292968b868d2028c22027bc54de6","first_seen":"2025-05-12T01:13:36.982591Z","last_seen":"2026-03-19T10:21:44.22724Z","times_seen":13,"resource_available":false,"data":null}},"time_used":482,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":281,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/spoiler.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.358Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/spoiler.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-1928\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6440,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"5f68bab6de0adedcc40e1a55460abeca","sha1":"f903e75d59de14759ff231395fee9447b15f3b0b","sha256":"ba40957e0be0a2cf4aeb47388f7827eae554c1cc4e158af21629c0e722c77553","sha512":"8de304d8a53f23b463b93480a37105c41a30e37899a7b67f71934240e026f4c5c9e2de4d7de0383ccfe53333343555605219646ed0b2429a6e74a8d7aead745d","ssdeep":"192:w6t39aKgJmZmlN3ijS714hUuAcBNgGYAcfAcUAcnAcow/PvPdOfrodBC/uzVDdzS:wE9aKgJmZmfSjS714hUuAcBNgTAcfAcf","tlshash":"9dd15090711f233623e6336e5434ee566858c6fbf5420faf78a49a9da0e28405273e7c","first_seen":"2024-12-28T11:23:31.669519Z","last_seen":"2026-04-04T08:19:30.912616Z","times_seen":61,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/cards/2.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/cards/2.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 882\r\netag: \"680a8ee2-372\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":882,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"57258ca40cc39c7888cc7a110ccb30eb","sha1":"1cb7e11c60a69fc3164c6e6e8748a6ec0719aab2","sha256":"e0df1bf572d3b536485f841610b9e3d5f7114651e209adfcfd6b4d4a3934ee49","sha512":"1ee2c51345bdcde0341e8625cc573d03abb0b6ffcf25b3a4f600d4808e695110e349c89007a5e5e2cfb73426b07fa4d097060230b011ff8b7f0a60807b2144d2","ssdeep":"","tlshash":"271152c0a31c46a5d1025a71c11f74256ceb60f66208e59ece4a291fef526fd2c10bdd","first_seen":"2024-12-28T11:23:31.663919Z","last_seen":"2026-04-04T08:19:30.929265Z","times_seen":62,"resource_available":false,"data":null}},"time_used":409,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/formsHandlers.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.364Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/formsHandlers.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-14fd\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":5373,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"C++ source, ASCII text","md5":"2a3b569ff7900d7067fd3dca741c2ef1","sha1":"219a823d5991d601838a30597cd991428e07fe89","sha256":"1f63c3eed801f24cbc83236e1e1456ffedfec06a92a44ef2a5b2024b974559ef","sha512":"476f35d13a2f811d957d4f5e818ad9c55302aaad4a4a08e4711ddc5ad7d351fced58bb020de016b390a0d6a01db180247bae9a8f8532bd71569c65c5f7c3239a","ssdeep":"96:SVRP4ZvN4f1wvNTpw7Hdw7HdzvNv6hw7HMNmMHMf1hFEURFuVIkcuWdl9Mn:IJqvef6vseVv1vQGftEURFumkcuWdl9o","tlshash":"9ab11249d7bd1e1905eb205ebc8d3e8d343510367818b02fb19c46fd27acba996d6bb0","first_seen":"2025-04-17T18:26:42.807912Z","last_seen":"2026-04-04T08:19:30.902301Z","times_seen":58,"resource_available":true,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/css/style.css","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: text/css\r\netag: W/\"680a8ee2-3ee11\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":257553,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (329)","md5":"b71179a4157ce35d71622b93b6011d65","sha1":"d9afc33c652c597b88ec4717bade02b0248bce2e","sha256":"aa494f316e63a259189cbf201d2251f4e6b3c025f7f50d47f903b02c99c18968","sha512":"8081e571218fec8ac1a75f45efa59a8e03b109de79241502e455b796979b0d4b1380b86f15e82379702aab20f3d340a89aecf6bed248211cba5c4d9b4051745f","ssdeep":"1536:HysXbTtPOafF6DhpwhMdaQSvGgYIGPS7Du67lbz7doI79ic7lvr7xdp7Nma7p8yP:JPO4JhMdYCzWRoL5zG","tlshash":"0844437a32661504792bc61927cf4b64333ca013991ac8a9ffde2445cfc6ee461e3f96","first_seen":"2025-05-12T01:13:37.000028Z","last_seen":"2026-03-19T10:21:44.213464Z","times_seen":13,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/scroll.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/scroll.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-611\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1553,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"34db16e6fec27a1266d7975128810589","sha1":"fce555b5bd705212018eee4a1684cd76f68034cd","sha256":"c97c62cc2975c2dddd7f8aa63cf6081b99070674fdcef1f73aa2bd32c280923d","sha512":"b3f03231149737aea438502d679d62475c36f08047d274a369a912cbb13b9cf64bd6b320b5813654a9e1d58b89799cb192e8582a89370018a17dfe189f579799","ssdeep":"","tlshash":"67310268318b293983d5874dd13f2f847db94073b581a12da05d6c2f3f50bb9877608e","first_seen":"2024-12-28T11:23:31.672837Z","last_seen":"2026-04-04T08:19:30.895085Z","times_seen":60,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/fonts/PlusJakartaSans-ExtraBold.woff","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /fonts/PlusJakartaSans-ExtraBold.woff HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: font/woff\r\ncontent-length: 49528\r\netag: \"680a8ee4-c178\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49528,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 49528, version 0.0","md5":"4b44ec109e9e0fd495d62a105a66756f","sha1":"a460bec0ab6f4ad9c8ff38ce5a22911f29420fd0","sha256":"89ae2a229fd6ef3b7f9008fd92051360d809dce25a3be19c58430819525af1bd","sha512":"791115d01512ac7b79180690645431a4ff0cb36ba6734845bcd2fd2ed87440521e0b96dbc99fa47ee2ac5259618529fb5d920b59523c7a53ef0028ee5212be19","ssdeep":"768:7GyvxcmrYImu4/hKuvbbl7yQk2B2G7psMOy816VKxfO0GcQHTyy6VEUzSCsTfE:7ZRYwkDDblW4Ympb0+IOZZzytyuuM","tlshash":"ab23f10d7134ae1ce3bd5636cdb052760abc6fbe188f4d8a5cba631f95e30c16167889","first_seen":"2025-05-12T01:13:36.983537Z","last_seen":"2026-03-19T10:21:44.220109Z","times_seen":22,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/favicon.png","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:36.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/favicon.png HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 14491\r\netag: \"680a8ee2-389b\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69444\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":14491,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"e74327a585db022ce9349b818b890c2c","sha1":"4fe609a73d5221d321146ff3e123ed10027acebb","sha256":"860a045963953db511f76564a55d2c1df832164f59847d53c3a2a78724673874","sha512":"2f8c14b84a5abc60c92d2529ff8236364d7e422b733e6484fbada8a074626dab8b4f2ae40bf63a593f3742764fecedb54d8a4ff8f07b30e5ccf26e027f3a40f9","ssdeep":"384:KpH/yDLqE15g9iplQK/Rmax2Hj4dN/hNwH26T:KV/y/qMmI4K5makkoHJT","tlshash":"5e52c0032e3926f787d9239fca71dde248498c84503f62da2db64063152165b55eeff0","first_seen":"2024-12-28T11:23:31.700789Z","last_seen":"2026-03-20T11:22:17.791884Z","times_seen":33,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/cards/1.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/cards/1.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-713\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1811,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cec3c9ef62fdc8bd334d52acd9b00f02","sha1":"071bc0f887a52b588e6a64ede29c80479b0ecac0","sha256":"97c9463f996afdc10dd82de0d490d2f7a655f75237d28e3263d367e1227aac11","sha512":"d60bce849683ca9022af5a0c6e239fcc814b4de3a127103bdd3f9e326e836554b389fac47220c79b7fc49fa1b44103f57b5614f80aa0897656a6a6c89cd9b3ff","ssdeep":"","tlshash":"ac3151d0af38c3a4a800f279cb1a76e47e6768c677011034c2682d08a9d47665e99afb","first_seen":"2024-12-28T11:23:31.678845Z","last_seen":"2026-04-04T08:19:30.897913Z","times_seen":62,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/quotes/5.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/quotes/5.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 56962\r\netag: \"680a8ee3-de82\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":56962,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x962, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"05f21881518e9038ead58681f96a6945","sha1":"ccafe0cb2a504d3550c0ec869797163526e71c9f","sha256":"e46552163f5b69d3e06ec4d106aacaed4f97bac46129edc9bf0723193f17ce69","sha512":"f3fd23c4949538128e6d99bb73650ea1cb154f695ca2fc060e6ead92e461f02596dfb8148964e9f4d643df87b2ebb7d457d9a38fb4eb34b1823c039fdaae2987","ssdeep":"1536:9Qxa7Dqj1RdD9H89QfHW8nR9E79Ml31ZMYjihG:VDqj3RyKHW8R9yc317wG","tlshash":"2343023686ef468a8391e09df74bfcaa681d68bcd902ce64b166405df1c791c3077e1e","first_seen":"2024-12-28T11:23:31.688013Z","last_seen":"2026-04-04T08:19:30.904987Z","times_seen":68,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/fonts/icons.ttf","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /fonts/icons.ttf HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 2004\r\netag: \"680a8ee4-7d4\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2004,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icons      ","md5":"bf5ce7392c40d352166c2d5201022cae","sha1":"bbe09f5fa91dd5df463e8fbaecceb7ef35477dd9","sha256":"69e0579c296b1c156822d90ef908542c650f9cdf33763d224065d044f991a0d2","sha512":"e5f4884aec502b7bf5b3e7a499011c3311090f493b6385f404428eede376f94037e422f73bc9560818ccf938867fb4aace63081b923466f89b5402d81c79a858","ssdeep":"","tlshash":"9b4163519b74decbd82203344898d7256bf1ed21ea97d34b80d96e825c665ec0c387ba","first_seen":"2025-05-12T01:13:36.968802Z","last_seen":"2026-04-04T04:03:43.878422Z","times_seen":861,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.flux-kraegh.com/","fqdn":"www.flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T05:12:34.484Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:34 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 232\r\nlocation: https://flux-kraegh.com/\r\nx-served-by: www.flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":44150,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T17:46:17.157563Z","times_seen":13340936,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":183,"dns":37,"connect":65,"send":0,"wait":162,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"www.flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"www.flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-1.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-1.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 44222\r\netag: \"680a8ee3-acbe\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44222,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"29429c27ece84b635a0f501dac1e232b","sha1":"8972001466059b72591e0a8faf5db9151942350b","sha256":"60db9b4c1eb1b894f8276b3db816d55fdc6b921ebe34f4da528aa98eef035b25","sha512":"b198c68c3f2b0fe9e041eb053efa1f9f48158befac5cea1c34cc659692323f65b7a25d185bdb17b7b21d91316fcf0895fd10d4d8dbec2587ab03c8c80550129e","ssdeep":"768:SsAGyBe097fEZVj1FLtcgYNTGmW+j8EGDn8+PVI2AwoHo4sMTU6DUj4/Rr:71Oe0RMfBcgYdynhuwSdFUoF/1","tlshash":"c513015285822630c3b0b4dd90f5efba895a4b9e35834e37ff66819ac8df3151a91373","first_seen":"2025-05-12T01:13:36.974354Z","last_seen":"2026-03-19T10:21:44.196592Z","times_seen":13,"resource_available":false,"data":null}},"time_used":487,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/swiper.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/swiper.min.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-216e5\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":136933,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65267), with CRLF line terminators","md5":"94b914340a274dd89291378be8c4aed3","sha1":"ebbf8701e803339f36f1057452c3cba9208d18f4","sha256":"37b1087a7fab429e8729b8552bdf931dd7667d81ee097acad724670f526e516d","sha512":"78a92be481df633ecb0961b613c5abe5f807b42055060322e447ba1a74ab81c6c67b17639b7f703b024a63166cd266e92bec350930417b36b203786b85ed870a","ssdeep":"1536:DIJIfGCcF8NkhbGd9+OzColxU8KBkiArqCvievtnS4U9ampFvfha7W5J7ifuANE3:EJgNE8VKBk91U9FpFvfsi5JeWAXe","tlshash":"c7d308896220b57646e356db93e4c261a3b50540b80ac8f470bd4c9f597ec9813feffa","first_seen":"2024-08-19T16:16:35.40255Z","last_seen":"2026-04-04T08:19:30.914005Z","times_seen":81,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/adapt.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/adapt.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-bb7\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2999,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"5099679a2ba7396b7a3e56e85b487bb0","sha1":"154e3dd443f80d5e594b51e0f5b624fd8d36ed8d","sha256":"19da36faf51b3d8ff867c3b0dfad881d3bb89a5c7fee2b8728bf6d62eb858c26","sha512":"7073bfd421c49f632e3f709a51aad248ff6407ba38d50d47a67ec2114449b70667296139d92848aa91d90d3ccbf377d4f130f0938ccdff29fb11d1b4fa7461f5","ssdeep":"","tlshash":"915104e1b50f6d9b56db13bf7037150afabed81190007aeaf8e4c5c861529410bf55f4","first_seen":"2024-12-28T11:23:31.667362Z","last_seen":"2026-04-04T08:19:30.911754Z","times_seen":60,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/menu.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/menu.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-22f1\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":8945,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"0d6eb1e39fa7735889cf0f8b75acb3f2","sha1":"b08044b873f5f67bab1e213acd05a1f7972c63b2","sha256":"8db61b38db945eb47dc8eb4d6dd9be37793b7531937e874e2457e3ac788982a1","sha512":"a102845cd14b780d5b1196e90204eda56cb5ee6eb063eb6d7a62f550033ad6c2e3e79642f64fd3a9124ed2b7957df017bff735c29bf0e20b869204f10446ecee","ssdeep":"192:Uj5IhkTXWRrnJSZK1O9F/28oDCrASi/BvvIGvML0srG2pD1l5RWPVz+2sEmE9guC:jkTXWRrnJSZK1GF/28o+MzJvAGvMIqGK","tlshash":"a4024484727f133986ef339a517c869af62c8892e443889fb87c5acc18b155153f1abd","first_seen":"2024-12-28T11:23:31.668216Z","last_seen":"2026-04-04T08:19:30.893956Z","times_seen":60,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":276,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/bg-1.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/bg-1.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29842\r\netag: \"680a8ee2-7492\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":29842,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3bebad825eb0875d1c05d1578c0474c6","sha1":"0a37e63284b8fe16ffbc0a221d8cab52cd29a52c","sha256":"b32910aca62616b24b31c8f7d6b6e62c0fe1bd8466f1cd64162c558e8ecbb4d4","sha512":"e46eb7ad923ffc42899ebca0d45e683fdff4dd57ae20c348ce3516ea51a36532f6bab5870acc36d310490a9c4ac89efe9e99881fe1e104c95bd2d1dc09e0b9cf","ssdeep":"768:pImfzfZ0ItvLWd7Wy7S6dWsrg9x2MD33KcLPyXjGp97xP:pImfzhDLWdQeWsrgv2cn7Qj4b","tlshash":"c7d2f1b84f97e477f3c25974a9cb6070f045184ead2723ef77a8c5840280718fac9999","first_seen":"2025-05-12T01:13:36.928248Z","last_seen":"2026-03-19T10:21:44.203832Z","times_seen":17,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":294,"receive":133,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/grid/3.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/grid/3.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8852\r\netag: \"680a8ee2-2294\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0b4a1b13799f8a5c741968c8b0eec6b3","sha1":"219a70ce2c8250fafc909cb644b33c062d1e438a","sha256":"0beb92f9cd3b9106874a2a9231f9d2aff25c211415b02c6edff2ee13d7f35034","sha512":"f63162b80605cf4fadf3964407ff4e425eb650921a47dfd100a0b80ce30657d3563f0eba1c470b4d08db909b98d60c4f9906a2378c669bedb741ef9b7bcb3b90","ssdeep":"192:CW8eVXgLwUUpPyj1dI7AVMbBsSf3RQ2pnhXfv+Ky18oCMMgO5+bIoG:C/WXgM/q2/FHXn+Ky18oDhzPG","tlshash":"0602aeb079420ae39b60793e7cc7c498cfd6ad2a522569b07df08419f2845a4db34b0c","first_seen":"2025-05-12T01:13:36.993304Z","last_seen":"2026-03-19T10:21:44.175669Z","times_seen":13,"resource_available":false,"data":null}},"time_used":421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":291,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/fonts/Montserrat-Medium.woff","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.760Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /fonts/Montserrat-Medium.woff HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: font/woff\r\ncontent-length: 95212\r\netag: \"680a8ee4-173ec\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":95212,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 95212, version 0.0","md5":"9caca854597c1d6846e82387305aaf7b","sha1":"b30d3740da2145f0f9242540dbf5c73d96bfa9fc","sha256":"e61d0ad9b20e57c1ebe4557d12799b11ecd07a1955a769a54e4fe3b73982f006","sha512":"24233db7d9175afec3a4f42244e8d7483b450f22076d567a75db15577ce1deab66192e5c69fcbc68605bd7e49cb757b735f8a2877815ca9817683f5aa97ce9d0","ssdeep":"1536:CueUazXxBjhtAxG3H2xtvNZe8O9OyD8SO/EaxWG0J7yBPd+DBOp/IvSlxueieJ3l:CuEzXxlhtAxG3H2xrZ8OjvEedBPdi0th","tlshash":"189312ebefbcb20dfd9c83b346656f25222a801ba14316bd75ef003da51f511a029e57","first_seen":"2025-05-12T01:13:36.984569Z","last_seen":"2026-03-30T00:20:02.535206Z","times_seen":51,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":106,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/flags.png?1","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/flags.png?1 HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 70325\r\netag: \"680a8ee2-112b5\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70325,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 5762 x 15, 8-bit/color RGBA, non-interlaced","md5":"0b1ca148890222235a0f9903636ca21a","sha1":"b451b4db431749cc40cc2a5f271f9807ca21f1d3","sha256":"54dc5bc49fbe41359681fa0af8add039fa1383a4f4eade34f7a0a5a257dd1caa","sha512":"37553ab4cecdb30b631d883dc0a1afe4b5e81b921fa2fb8054a63fa054c2f57954dddebfee1a5b676f97a392b954aaa553a803e6e9abeedd56f87da0b58a8475","ssdeep":"1536:3Cc3jdCcCx1zjonyR5/Gm5mwoKVehnITl1G/Ghdfal4pMy9c:SczdzCx9jonyT5mwo1hIp1hQ4pMOc","tlshash":"966302b241c2a627f87cb972b955522b673bfb30d280780a00cf15b6979517f04e3a3a","first_seen":"2023-09-16T21:00:24Z","last_seen":"2026-04-04T18:04:53.349495Z","times_seen":5037,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":111,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/8.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/8.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-76aa\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":30378,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7bd0b6cbde80d56d2fa127ec594bef9e","sha1":"826fd52c586ef16f229048a77a1fc7ee19b95ccf","sha256":"8a4bc00ce38b651df38d93d917977cf9176db723292e3cdb4d626ba4b9beafc1","sha512":"da1c6e48159a929ffb4d5432e157726abb54dcade3e79e19192d11e222856f85abcbd828f438d9039789365260ce97a3015359d84fafccbd739a0c7338bfab11","ssdeep":"768:BXhUJYmWWUkWhMnEED38PJtr0YeZEAFCNFbx:BXhUJT4M5D30JHemAFsFbx","tlshash":"24d248622883cfbeefe50c24f656edf6ed6628ddc09b9148db1515614ba6240d6c0ff0","first_seen":"2025-04-17T18:26:42.776775Z","last_seen":"2026-04-04T08:19:30.93932Z","times_seen":227,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-4.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-4.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 108930\r\netag: \"680a8ee3-1a982\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108930,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4f9970c8eced76ca5481198a8910c2b9","sha1":"6f43daaaf3608af87df93c9f7cab68d7c9113381","sha256":"b53c1a26e5af4b019757258bc5ad8f53b2e4b9216dca9937b21b5b5fd18f718a","sha512":"dccc1af349e629e2b32149839b44da5e5cf12daa852fbdc1d75eb1fbce671e1da4d9081ddb7e61ea216dcc7a23b8ddcb68ac8683e368f88c45233d518a9803fe","ssdeep":"3072:kEKEA1nlqhuq89+QbhjK4BkKhJoCIlmm54TOHs:kQuEuqBQlYK3oCmeTR","tlshash":"abb302691e67dc80f2babb792280e5522d5cdd809c4e0edf14694d4b27854e8c27cf6e","first_seen":"2025-05-12T01:13:36.97779Z","last_seen":"2026-03-19T10:21:44.197995Z","times_seen":13,"resource_available":false,"data":null}},"time_used":491,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/cards/3.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/cards/3.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-1b5c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7004,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8afbcb71ce13655ea4bf6eb3f085935b","sha1":"bb99a7e5065ed25660678acc6307c1b6f01a709d","sha256":"72d9fbdba5ff424121b5cf64622cf3b8cc9a5f3d8323c6b0790aa922db181f10","sha512":"f4cb9f0f971d06679c3f3abbdea2ed28ef6477ed35e4c20b590c24c8a2f2ce728a8bfff80482f87467a734554ec05758e19215786763b7420e10a0c7d2bd2105","ssdeep":"192:eIjHrAqe/9JgzSsP529LsOCclMhtXF15Fg95bCVW:eXESovh1F15ypCVW","tlshash":"4ce195c43376e7f4e489f2fdca3975e6392e24ec7a4068a9c3911c04b91617d9d8c4e6","first_seen":"2024-12-28T11:23:31.665003Z","last_seen":"2026-04-04T08:19:30.906447Z","times_seen":62,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/localization.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/localization.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-b711\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46865,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"a46b97962c5aa9aa5929ced368cb3ce7","sha1":"a7d157e0f3bb4fc650a009460bb69e4e780a5b58","sha256":"d61622b433bec7b7b5548e24f4cd0f8828917beb007210dc1dc7d48eb128bf3a","sha512":"9b619fef2c8dcb1a5d5fe0b1ce148456f85abad0e4ed36075fb68a2e4bf9e64f5090c1a9e09d81ac1c1a087554e249691b7a8de080c7bf5224a5e49995cc944f","ssdeep":"768:VZWSnv3Lq5fvd57+AoLFHuc0mE4g4udnB4LN/5Y9bXL94Mwm:VsELq5f8Oc0H4inB4LNkbbKtm","tlshash":"4523091de2cc24d80740e2e7d92d34c567ed9caebffa95dad099c07121ee16f8418a87","first_seen":"2025-05-29T18:08:06.773584Z","last_seen":"2026-03-06T18:08:22.354217Z","times_seen":11,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/sliders.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/sliders.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-aa0\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2720,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"844586cf8533319dfa0786605b66a7b7","sha1":"86dd4d03cdbfe6af44068b20926b88dd83dc30a9","sha256":"0a6d76becdf93c26f3a900ea04e9205fdd3f27048abec7e77cfc416fa73f0f5b","sha512":"c81ba670d003b0fb198bc6252b47aca21c11f66bdce112d77e4880308412167ef9750b0525f4733af32d41433e9d54c7ee6f54b83419f09dc21b33d205a58d28","ssdeep":"","tlshash":"a551ef807297b0be06b157073979cf50e4978668c0cf817bf4ea8a4dc5063bb0d949ec","first_seen":"2025-05-12T01:13:36.966734Z","last_seen":"2026-03-19T10:21:44.218672Z","times_seen":21,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/main-slide.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/main-slide.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 36668\r\netag: \"680a8ee3-8f3c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36668,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"baf998c2c4b812cabc9fc014c24bfe8c","sha1":"d3c53741e2cbd1f861a83e7fc0d97f921c8754ee","sha256":"fbaa32c0cc7e89347c26c08fdc919c6d828bc546fca54bbca853ad0ffae16dd2","sha512":"90c4cf8a0212b870cf99555967e64f606ccbc4952c845c17963d58ac0a1ef335ce22cab0a287855d5989fe1b9031df9e95cda366c72434f9ddb8bb71b1b06f34","ssdeep":"768:aJIJ4nMMS5eI7oHES8OoI7IVcTid4mJ3TwkspBg9efkPkC+CMai1UHb:+ib3ETU2TimmdkLpaeih+1VWb","tlshash":"3df2e1eb2ca6aba5358b142b89bf90775fb8113cb1159a6029b909f8c05631fce1f305","first_seen":"2025-05-12T01:13:36.940014Z","last_seen":"2026-03-19T10:21:44.21424Z","times_seen":14,"resource_available":false,"data":null}},"time_used":366,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/6.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/6.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-e10\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3600,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"572030612ac6d0e67a763159c6736834","sha1":"379bb38795dd888d85bf70b3c61598c3ef8a660d","sha256":"6aa47eb18a4f9428b377ff71a1dae8cc79e9d4e827997ee939ec8e958c6f4fd0","sha512":"d3a55895a71d5e65f198687f9bce8dbb632b9472aa8556cd5f900529f54ce8daec07ffc3775621dae551169aa907a45ee9e14f08a9169dbc18c1966e99d1c320","ssdeep":"","tlshash":"f971a6fc3b3147f89a5570fb776115a4381761f57b8da228e3184f88348e8512963edb","first_seen":"2025-05-12T01:13:36.9413Z","last_seen":"2026-04-04T04:03:43.869853Z","times_seen":208,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/slides/4.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/slides/4.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2200\r\netag: \"680a8ee3-898\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2200,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8e4aa46ef2feafa19c5f78e85529150f","sha1":"86dbbfb1bef220edf5e1915b6b8f05ae42957b1b","sha256":"499f1f70af35b5b6ce4eac6b4d162e6470690e680c6905026383e0358fcc14b1","sha512":"c6ea44f058379082e85bfbe3e98fa9312995cdf00e4e36e48be79ce7239e45d531621eb4628924367d383fe979eb680073d41fa37b0d34f573eec8618d54ebdb","ssdeep":"","tlshash":"07413a3b17bf943181b2676774e3242b21b403787a9bf94b702bb1b78009401ad07fb8","first_seen":"2025-05-12T01:13:36.97674Z","last_seen":"2026-03-19T10:21:44.195307Z","times_seen":13,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/deco/deco-5.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/deco/deco-5.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 45288\r\netag: \"680a8ee3-b0e8\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45288,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b69f1ba04b761dab45db4fd886331e39","sha1":"6afb14d0a46d1b17ec67148f543407ce311adec2","sha256":"497dbd1e1a194fc2a1f65f639eb98c3590b93312125438122d25659a2403a60e","sha512":"4190145d523e2b828fa94cb154510bf3eead7641716e3b42bd575c35a84cc4dd3ef5eb4bae42ffaa5246f1cee0ae0cd3fe5a3d130412b8eb406fe7a42ede7071","ssdeep":"768:eSG3zLhJzTHKrNkIKCNRpTBcPWnvl5rUGUFsnuW3tY9oA0bmVR:eSG3zPXKNnKApTBLnvlVUTadzbAR","tlshash":"7d13f13e4f9f2a0e6a6d3b82063db197e51e8b704f0da98d27654f019e796241b1c1f3","first_seen":"2025-05-12T01:13:36.985602Z","last_seen":"2026-03-19T10:21:44.179702Z","times_seen":13,"resource_available":false,"data":null}},"time_used":483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":282,"receive":201,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/justvalidate.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/justvalidate.min.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-73e2\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29666,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29666), with no line terminators","md5":"5999ea06cbb02d9f509d7127f581ca57","sha1":"353b584854cfb425f4da8446734b1f5557d32eb2","sha256":"29d1548e149452387bacf862a93dc3049a1f63b90cb972d6091641d477734592","sha512":"9320ce7503b230e62b4dc62a4078e802091a4a8e5fe28f7495ffec44f1bcbe6aa56e4b1ded1824e5854992e11d52319596b70a866486a74b24eb33d5a5107090","ssdeep":"768:VkW++JZ/wbtODUsl8dJorXESRAwgJMgp81UuVvwnCByfDwty0HD/h7PCByCrCagl:mCCDSXrRAwgJMg5s5Y3gk56D","tlshash":"41d2d706267149234dd94aeae08b9543b3d0375da914a4ccf73decfb8a8dec630536b6","first_seen":"2024-10-04T14:22:46Z","last_seen":"2026-04-04T08:19:30.9091Z","times_seen":1110,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/cookies.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.360Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/cookies.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee2-814\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2068,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with CRLF line terminators","md5":"bc418bb6dcb10c9c6fa2ec3f504c56ba","sha1":"9cd9e6f4f8b57e0047a88457546c5480574761f4","sha256":"5684597477e4a4dd05ac5e983cf6726fda4704896b1d642878cf5913fcde8d19","sha512":"9b0a78d7bb255afeee28b6d3baee485c3fd584fd6362a31809ea0d905b3a999b8e849fa6c50527f4bcbecd8bf22a88bd708409bc404328d13f34e9c4cd9c237b","ssdeep":"","tlshash":"c741456a3844242a05f327e5a59a625dff30a32272ab5406f0dda1f05f11d13cd9bcfe","first_seen":"2024-12-28T11:23:31.680731Z","last_seen":"2026-04-04T08:19:30.930568Z","times_seen":60,"resource_available":true,"data":null}},"time_used":274,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":274,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/forms.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/forms.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-4ea1\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20129,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"ded136e24ee75ba7dc3a5db9a417c303","sha1":"7d75f32ddc89e13e85ea517d932d1eaf95906d5e","sha256":"8651df8821bd9405e71bf5f6a7a1b24d086ff15cd32ce550ba3073eb22d7165b","sha512":"2d53c2fadd2c86129f2db512aab47795269af5498cf32750912b947a3f9590152b488f36548c0b5584f81d1bfec1bd81912d7efa15a63a57e2fa514e1fa6cdc6","ssdeep":"384:fM/XK+gzbIVJiNq7BwqNUn6qsv5wHzO6k9bKSk109bK0eM1d5xoulfYJJbub/TyI:b3IVAN+BLIlG5wTEbKSTbK0eM1dfjlfj","tlshash":"e39252d8761f043bdae913ed70fe4441bdace66149409468b0fce40d36e6f984ab2bd9","first_seen":"2025-04-17T18:26:42.756382Z","last_seen":"2026-04-04T08:19:30.925661Z","times_seen":46,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/fonts/PlusJakartaSans-Bold.woff","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.759Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /fonts/PlusJakartaSans-Bold.woff HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: font/woff\r\ncontent-length: 50340\r\netag: \"680a8ee4-c4a4\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50340,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 50340, version 0.0","md5":"e1ec8afa61433725d4ae0849885bd085","sha1":"26c666fb3fab7365489bc2f73b1849f0ca856525","sha256":"29a25631383af69bc0dfb935acad827097e863102994f4dab3b12d5779f6a838","sha512":"36875d1cea698077d399e1a28365918142d49632151dd1bb0e22b8866d383bc0fb299c8d1ee828c711ebdd4281b9545f21f84147ed660d27a91841db00ad6d74","ssdeep":"1536:C4Z5BS/+IxLAtM8me86sobv3EIWZZznqRvUmMRf:zX0+IxcMVhYv3tWZZORv/g","tlshash":"bb33f17a6eafe78dc56a0b29cb1aa7f35f187bbad02e40340025134f35dd506c49a987","first_seen":"2024-09-28T07:08:10.117038Z","last_seen":"2026-03-19T10:21:44.193794Z","times_seen":33,"resource_available":false,"data":null}},"time_used":266,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":102,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/partners/4.svg","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/partners/4.svg HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/svg+xml\r\netag: W/\"680a8ee2-f44\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3908,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f8f096360e5c3640ff6bae89ef544c0e","sha1":"3f745629c9d987f880c5aef653b49833907762c4","sha256":"a800ee814ff2df9fbcd65c29f7df3ef4192d0f385b86d5028818a44e6f6d1c4b","sha512":"4052abe9c55260293e2fa00fa776e22374938a29a53706f094d5d3ebce2fdd48d6681861e5a3be5d09f440a5975fcb8d0d00fd7ffed3f8137f2b6b3fabc2648d","ssdeep":"","tlshash":"66814fd97bf89bedb40ac6f662011e0e740751e7b9cac94ac31f9e09b9828005d0bcdd","first_seen":"2025-05-12T01:13:36.969778Z","last_seen":"2026-04-04T04:03:43.897175Z","times_seen":208,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/slides/2.webp","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/slides/2.webp HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2288\r\netag: \"680a8ee3-8f0\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":2288,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"310e8e45c7aa0704b23728ec1450a343","sha1":"6f41f5d60f9bcc93bac176d7695b4249b041290a","sha256":"08be4d4973e003f339b6c4f41645e257b62b94eee487d75549e1f891238c3331","sha512":"0d677676584cc7a4be1c88cc5e7664f0c202f2abd7c631322050b51851cd39ee93d771762d6ee0030ece00dafd7e8f57c171d8b0fcb6dc5bc1335e8ff8a10ef4","ssdeep":"","tlshash":"a4412deefb29aa268d0036775f1577c0ce22e25f501cf7d687865883b303901a9c5c8c","first_seen":"2025-05-12T01:13:36.942592Z","last_seen":"2026-03-19T10:21:44.207292Z","times_seen":13,"resource_available":false,"data":null}},"time_used":416,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":129,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/loading.gif","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/loading.gif HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/gif\r\ncontent-length: 4133\r\netag: \"680a8ee2-1025\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":4133,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 32 x 32","md5":"87776ebd3eb7c2685c351a391de60b7b","sha1":"e8c6ea89a991b64f31ba3df3926552bd91e1be32","sha256":"82fcc4feff16864505ac2f138d9e22bfd673d81f20c57480af7c84cb56660a5f","sha512":"ea0fcb320d4493bc25244a10526e418fa9eca0a7ad5ff7aab234d13c25db14ee9f531f8074ec2fcbd0a5745033d13456918a583194029d4a1709d8439e08446a","ssdeep":"96:3HW7PK0nO0EIPozO7TuTbwkwRSZ6Ts7pZbSblUPZkbXrjfl0un:aK0nODi7qT0cZ6Tsz++ZkvTHn","tlshash":"d4813b1814c08d29e9e96a7bddf8101d0db15b8d6d799bab14a33616dc332f2091dbbc","first_seen":"2024-12-28T11:23:31.691696Z","last_seen":"2026-04-04T08:19:30.932448Z","times_seen":818,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/img/scope.png","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /img/scope.png HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 268\r\netag: \"680a8ee2-10c\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncache-control: max-age=69445\r\nx-served-by: flux-kraegh.com\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":268,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 29 x 22, 8-bit colormap, non-interlaced","md5":"dda1b0325c85d6ccef230fc50871d84e","sha1":"c41cdfd15e4a0c926fcad995acaf71766d18be98","sha256":"9b62249df348b6a19d8128b0712aefb34f6315110abbc090feb86db767aa48d0","sha512":"4744a29dd911b421d53b03148db7ee596f3242c5c1da2f942076f8263dbc226eda3e3197c15ba974b27edeed7d0f6894b38ac3f2f6dafeca4fa2ea133d44cf4a","ssdeep":"","tlshash":"19d02be592407c67880d6953ef2d0013c55d45141611a24944816e3c6674527c369b02","first_seen":"2025-05-12T01:13:36.955701Z","last_seen":"2026-03-19T10:21:44.191296Z","times_seen":14,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/json","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:35.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 19 Dec 2025 19:31:13 GMT","end":"Thu, 19 Mar 2026 19:31:12 GMT"},"fingerprint":{"sha1":"FD:43:17:F6:FC:F9:5E:2B:53:FD:34:62:25:32:FF:41:EC:72:38:91","sha256":"8D:5B:FC:11:FC:AF:23:2A:87:1C:7B:4B:8D:AD:0B:AB:BB:D9:D3:7D:C7:9E:49:C6:11:1F:78:3D:E2:1A:49:DC"}}},"request":{"raw":"GET /json HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://flux-kraegh.com/\r\nOrigin: https://flux-kraegh.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-content-type-options: nosniff\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Sun, 04 Jan 2026 05:12:35 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":280,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adf22d9a8ca3a97a9ff78909b8702358","sha1":"f5046826566a7e98d6b5e5c7b0a65677c3bde708","sha256":"756edd1454b049c1370e83c864bc93dfdd82f44d8f9752b3068e5a11867a5de3","sha512":"182391c8c01e54481853a09aa4cf8072496850e45863b198721d0d572e3aa93d8fe11a90bfb24cf97fa64cc132f1594c379474db65db5a1d2207694f770443b9","ssdeep":"","tlshash":"c3d02b6621341b37aeed455c8406960622656e1f1642369f0fe72b0c100c87334f03ae","first_seen":"2023-04-17T17:28:07Z","last_seen":"2026-04-04T17:24:50.839518Z","times_seen":46599,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":149,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flux-kraegh.com/js/intlTelInput-utils.min.js","fqdn":"flux-kraegh.com","domain":"flux-kraegh.com","tld":"com"},"ip":{"addr":"94.26.38.9","port":443,"asn":48452,"as":"Traffic Broadband Communications Ltd.","country":"Bulgaria","country_code":"BG"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://flux-kraegh.com/","date":"2026-01-04T05:12:36.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"flux-kraegh.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Dec 2025 11:26:31 GMT","end":"Sat, 14 Mar 2026 11:26:30 GMT"},"fingerprint":{"sha1":"40:27:43:63:EC:35:40:E3:A7:B6:8A:D6:BC:55:B0:4F:89:F0:B1:89","sha256":"CA:92:8E:09:46:DF:F6:C9:F6:C5:4F:FF:99:8F:68:FC:8C:55:B5:CA:20:68:E5:E1:B8:7D:66:3D:44:CC:BF:66"}}},"request":{"raw":"GET /js/intlTelInput-utils.min.js HTTP/1.1\r\nHost: flux-kraegh.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://flux-kraegh.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Sun, 04 Jan 2026 05:12:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\netag: W/\"680a8ee1-3f689\"\r\nexpires: Mon, 05 Jan 2026 00:30:00 GMT\r\ncontent-encoding: gzip\r\ncache-control: max-age=69444\r\nx-served-by: flux-kraegh.com\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":259721,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"4e9dfe4ff0e4f710ca4d7e095262c1b2","sha1":"e995f1c98857e950882f9ed98b1f35469635a119","sha256":"c06746a767fd8adfe37ddcfa195262649a24a04d3b50036c77899cae54c9109b","sha512":"3fd04aec489cdb4540a0b2bce6552a7ef3517a1c4b464c1155448134de0b5ad77f9799a39f29481eee08205ca24cee01af38b782f8ce4dd251f86705d86b7f58","ssdeep":"3072:PklM0F8CAJjFs3OwPss3MwPPmdV9T2xFM8Mpmxs5DyBpUsR56kmLNTg/QKWVRpFA:PklMpjBf0xFM8Mpm0/Z2","tlshash":"d944f1ebd63c9737a1e97b35968eb3cd5a8cbca3c848567826c3b54f52784e0706c205","first_seen":"2024-12-28T11:23:31.699953Z","last_seen":"2026-04-04T08:19:30.938448Z","times_seen":996,"resource_available":true,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"flux-kraegh.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}