{"report_id":"6d63e739-db71-41e2-8135-1212d7c5fc1c","version":6,"status":"done","tags":[],"date":"2026-05-06T23:22:32Z","url":{"schema":"http","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.196","port":0,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"title":"Register your account | Haafedk Gsm Free هفيدك","dom":{"size":5535,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (4424)","md5":"45ad8693b57cbcb6fedfc9e9e9d3951b","sha1":"4cae9b20827abe88c4205afb30f62c22a98d279b","sha256":"e6af0c56024559ebcc6f0d6d6366448c14f72fbd3eabbe461b362577056bf9fe","sha512":"58d21e80776903727ab72d552e194494cc0b485f9ac756bd20d39cd74f3c27870ba939d0e4cc30fa3a5c7e53345df6652fac13a30ff0814f0ce4a5a9d41f2ce5","ssdeep":"96:zkelwFm+b433kDJo1gk8s6G84ISTP9J1e+GRJe:zkeluto1FC679J8+wJe","tlshash":"a3b10c6bf9d220400107829c65a7b7bdbfbe911187054d7675ad33bcaf8edf309a1288","dom_hash":"domhash5128625ecf67ad91d375a42e49456f5b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.196","port":0,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-10T23:22:32Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"haafedk2.com","ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"domain_registered":"2021-07-11","domain_rank":567011,"first_seen":"2022-09-25T04:27:13Z","last_seen":"2026-02-17T01:37:50.034482Z","alert_count":76,"request_count":38,"received_data":1059896,"sent_data":20526,"comment":"","tags":null,"fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"auqot.com","ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-04-12","domain_rank":0,"first_seen":"2026-03-12T22:00:34.33826Z","last_seen":"2026-05-02T22:03:39.627949Z","alert_count":0,"request_count":9,"received_data":100544,"sent_data":4388,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"6opo.com","ip":{"addr":"139.45.197.246","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2018-07-06","domain_rank":0,"first_seen":"2025-12-05T13:38:16.183631Z","last_seen":"2026-05-03T11:25:39.02818Z","alert_count":0,"request_count":3,"received_data":6670,"sent_data":2381,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"jmosl.com","ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2016-09-12","domain_rank":0,"first_seen":"2025-11-20T19:16:38.671473Z","last_seen":"2026-05-02T22:03:39.549156Z","alert_count":5,"request_count":5,"received_data":175806,"sent_data":4381,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-05-03T22:17:40.953609Z","alert_count":0,"request_count":6,"received_data":256798,"sent_data":3302,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fleraprt.com","ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-01-14","domain_rank":17838,"first_seen":"2022-01-14T22:55:14Z","last_seen":"2026-05-03T11:25:39.226186Z","alert_count":0,"request_count":2,"received_data":902,"sent_data":1159,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-05-03T22:20:33.622142Z","alert_count":0,"request_count":2,"received_data":57257,"sent_data":891,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"quge5.com","ip":{"addr":"139.45.197.114","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-04-06","domain_rank":0,"first_seen":"2025-09-23T00:56:31.907088Z","last_seen":"2026-05-06T13:14:56.045195Z","alert_count":0,"request_count":1,"received_data":108172,"sent_data":408,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"094kk.com","ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2022-09-13","domain_rank":0,"first_seen":"2025-11-20T19:16:38.677253Z","last_seen":"2026-05-02T22:03:39.565502Z","alert_count":0,"request_count":8,"received_data":176500,"sent_data":7752,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bobapsoabauns.com","ip":{"addr":"172.67.166.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-23","domain_rank":16239,"first_seen":"2025-03-26T18:52:40.148632Z","last_seen":"2026-05-02T15:58:34.696531Z","alert_count":0,"request_count":3,"received_data":24875,"sent_data":1381,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tzegilo.com","ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-14","domain_rank":18163,"first_seen":"2022-01-14T15:27:15Z","last_seen":"2026-05-03T00:27:56.004221Z","alert_count":0,"request_count":1,"received_data":18655,"sent_data":407,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"my.rtmark.net","ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-10-29","domain_rank":43911,"first_seen":"2015-02-04T09:54:57Z","last_seen":"2026-05-06T18:34:40.342222Z","alert_count":0,"request_count":1,"received_data":835,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"094kk.com/400/10479302","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"abc6ff75c967d180dbc07e4a90a074c1","sha1":"337eb3ded8b7332c9da8fb03b14c9ead7a0c44e4","sha256":"dd6b199e1c5d34878b2dd42a025fcf6fdcda117663052b3f1fcc11fc87776911","sha512":"c42b1436ee8c15fb55d4de6a1a1f6c0cf487f9b69c31d301cd52b36de54733649a87646cffb3d2d255825ddcef62bb99e044064853f0af9e54e48f2921860d6d","ssdeep":"3072:Z6yx63n5Hic+nV9y6ZBgK/u3DOTa06iIblqh3l4u9Sb29zsDDgAUr62:jx6X5Hic6V9dgIyOTahiIblqVlhcbog0","tlshash":"43f3f6ac729270d92a7755a1423f9e5eb67f9890688ec590e017e1fc3d3410ac7e3de8","size":163560,"data":"","first_seen":"2026-05-06T13:15:04.38097Z","last_seen":"2026-05-07T03:34:49.03726Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/components/fancybox/jquery.fancybox.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b92d47642e3247c8999d6ecfac00079d","sha1":"cfb927ca23e6a13aa6940b18c5aa4ec7da4a638b","sha256":"0be343e16013271de06180a331f15d2467b411a8d6e4689279a0bbe3a8aa6b1d","sha512":"e898f89fbec61a8c3ab3481a9705f08ef71ffb3d38880ef9acbf34971a3d437edc425107e2555e4a3ab462a969304c8cfc5af8e05114d65d68a67f4ffb805d68","ssdeep":"768:NDKE0WZGkYqqV/UtUA1hFFuuJ1SKg87qJ9Tygbrq1dxQv9ylX6cdLjLp8lABHhuq:3NZG0dZ7/uuNDqJtygSFGnZ63Lwfe","tlshash":"be43199f7710747586bb16a4a30f520ed437681af10284b274bcd8d516e5fc822ebfea","size":59714,"data":"","first_seen":"2023-03-07T01:14:46Z","last_seen":"2026-06-15T16:10:35.140253Z","times_seen":801,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"afa2347e81533438b5c6943ad95fa759","sha1":"6d01f4b4f21a50aef0bb772309b2edd0b3595437","sha256":"c8b3681866422bba43f85b6269b9f94585c3a32bb482e2eb3c3c2b2964fc5c3f","sha512":"82c9c2a4d9e77ddef3684dd5578735a1d979e24c8701e82f93911f100317b8cfe547f692b2f37d14916bb341a0e5888dfbd24c0e5b5e4d4cc0c61ef9b84adf9f","ssdeep":"","tlshash":"ca01735e0b6f04731e73e615d39b3966e9f11c036044eea8355f47004fd251666a56e1","size":669,"data":"","first_seen":"2025-11-01T22:37:11.539774Z","last_seen":"2026-05-06T23:22:37.765367Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.easing-1.3.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"79c606ae5e3562d73359347e4197f7a1","sha1":"1b18d89d65ad729ba09689596b5401cecabbaddf","sha256":"9a00005aa976aa45dd03d0ae2aba6bf9abf741f57d2b45e34a30b7c142302851","sha512":"fe3ff4ec4101ba685b0002b3bab2cd86ea826daa8cdddc32c62a46451e30bc8121a1ce63d47eb5bfbeff48644c9d33d2d80a7accd40db84e56f6dc45127512f0","ssdeep":"192:pl+Or8ur83V33R3hq6+uwLv2Or8ur83V33R3hqo:zZr8ur83VHBhtwhr8ur83VHBhL","tlshash":"34e1438a71f17719539133f0117a204b729deca9271e6804e8b9a9897c7b27cc77bc6c","size":7044,"data":"","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-14T10:17:08.92711Z","times_seen":262,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.raty.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"86a847667db14615f2250f7e514c8c66","sha1":"7b308dedd78e158b1dc55f215909336b830c6749","sha256":"95e661e05ce7526f3a5527278e565ad71cda9dca5b80d72a0ce76bad97353a9f","sha512":"46cd8d256492da4123f776c2745cc8f4521ef4fc6c020d8b583e9052aa764c9c9fbcf75e1fdf89fc5cf7c0313fc2e9e2770d3bbc8dc84edc0633532259c0b906","ssdeep":"192:vdlRLpMwO35XNARENbYnPP3wGCGGtQ//iuX8:vdlXMt3HgENM3w7Q//iuX8","tlshash":"c1021fc8b38571069de33370249e674ee333ed8b9642402d783dc6d5ef6988995b2e78","size":8273,"data":"","first_seen":"2023-03-07T12:03:44Z","last_seen":"2026-06-15T08:57:30.421907Z","times_seen":422,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/echo.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"046ea20e950ce65464b0a3627f2fcec9","sha1":"c984f621ab86e4b94c9da5271f435ab3d554b06f","sha256":"28474fd0989f56bcd1822eb9eb34f25662c897ed216f02ea808e259b91795993","sha512":"1d54f7b5749b52ec8e8bcb37f29bcf8b9ccb7fc0ba97e7ebccc7cc93afb639ddf8dd4a2582cedf00a249015a211881a611e1aea5226e1a3a5ec5595ba40081a5","ssdeep":"","tlshash":"4131e1997605a5b30993e2f4956eaa462a3321b3680bb840801e9cb04878cec6537f98","size":1583,"data":"","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-14T10:17:08.945149Z","times_seen":243,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap-hover-dropdown.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"63679500485c6948d4b5d635f55367f1","sha1":"a5316482853c57d711a76cf19e0fb197a399d956","sha256":"dc421913074ba8a3401230cd1f9f980f84b26c198557e6608c6f76d76a954ce0","sha512":"0d7f0e2b9e216406b1d6008ac29dc244d4b0f7ad5c41f1ba4bc596c4579a69b6f246727abb4172939aa41cd548e3ff88705ff907d76b86b126116cde8b349561","ssdeep":"","tlshash":"3a31129cf78c206313bf267491bb811756677b15e10a8061b83f01b91e9e51a3753f6c","size":1467,"data":"","first_seen":"2023-03-07T21:52:56Z","last_seen":"2026-06-01T13:31:18.220997Z","times_seen":107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/wow.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ca2644d1da30f25f9391d2436e4f26b","sha1":"726770317740c2f772c62967ab11460cdc38624b","sha256":"ff8c1eeaabf27111c1f4a10651da1e10917e912db6a54cdc7a753d27bedde956","sha512":"60b456b4784ddb185c2e05fe4a0b0278113683ed43e49af79c957e09184891e0a1c775d92c3388940b43e9e7f250ce46da35eb9057e38c84b3ef44d1f8b97a9d","ssdeep":"96:tGqKWTAs5kF/suCJ5waOVEE1FnePgJqg4SImYadsQ:43s5EsuCJ5fOVEE7ne4JqgpIwdf","tlshash":"6ac175c9b7867035c79ba1f6873f0105a23a19acb418447cb6f984e57d348a99237f7c","size":6139,"data":"","first_seen":"2023-03-07T12:58:05Z","last_seen":"2026-06-16T16:28:41.019123Z","times_seen":629,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/css_browser_selector.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c90e8b1a59df8f373e37995c4c27fb0","sha1":"37d1cb1fa2358b4c530636096d926f7b803b3d12","sha256":"bbb9094e86986d381014be7eb58488fe3d9d27c8a0df191e2254cc8d0c1113e9","sha512":"d175666302c66ca78f02d31a1309a2d473d65aff3b74a7f4d236ce9b53373c20e92be77d0f2db859241e94cdd832eb958c4b3a14e0bb7582346171fe1825c4a0","ssdeep":"","tlshash":"8b21f0ac519ef3240d1f77d928e63482d17d9536cdf40b06c61f8424b5a9fcd83a4719","size":1321,"data":"","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-11T07:02:38.910498Z","times_seen":354,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"quge5.com/88/tag.min.js","fqdn":"quge5.com","domain":"quge5.com","tld":"com"},"ip":{"addr":"139.45.197.114","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"fb3c9e4a9314160cfcfb0a1407560b5b","sha1":"3ad2a3638eaec277148a16c83fb02e1a71ada756","sha256":"0041c4d412978e06fffe965e742c5355612030ac285ded8326c3c2830b873681","sha512":"3ae33273223cd0666ccbb3160b5442648f3ece029017ca352f1950e3359918867da6f6a926af72e932c33674065b19e117dbc9dc4fbba0954135fa09cc82de2e","ssdeep":"1536:/n+BxqgVhMxToKkhoKzZYSBQ5G0eNGsoc0rxNRxeZrgfgPBFwx2QgKG+fiE+10ji:fyVmhKUolpB02Zcfgf2G+fAMoui","tlshash":"0fa31af572c2b1ae03e7a8de806e7592f66f2cd0064c4154f0a8a5663875d1ec2f6f78","size":107264,"data":"","first_seen":"2026-05-06T13:15:04.378269Z","last_seen":"2026-05-07T03:34:49.067109Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap-slider.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"06ec2bfd492d03f581c0c8c5f634bb8d","sha1":"285eef130307bcd21b20f0c56fdc3800c2294bf1","sha256":"e2fd0fd3e49325d9e15cc5de7340596685a5d71cfbf08feba5107a478025b81f","sha512":"f2e74f0783e294c8f107c01f7a9ffd39f750073e1c8c777c70bb8ece5726589d91c845f476ab075b295981efbcaad8bc8109e198c1decaa72dcf2e62d60ebfb2","ssdeep":"192:aGLPHGBoa3mQe6F97hPuzuCOX8Wok7pVOI17PMCRPoVWF97cvcVIn:aGL+le6FdhPuzu3MT0VOI17Pr5Fdcvce","tlshash":"d702009335a6353650eac27230096795e372f21d42820abcbdfc41dbad7ef0921b9779","size":8259,"data":"","first_seen":"2023-03-08T00:58:01Z","last_seen":"2026-06-01T13:31:18.235394Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"27fbfec5c745d050e78a57f4c92fc226","sha1":"e25e7acb20a37ae82629ddad2fcf9b3ff133899e","sha256":"f3228007b988cb6c320edac5aa901113f95c5a76ea4652f47146f6a329511d2c","sha512":"c3cab4f5eb0cb3ea847deb5ac8adb117623e89628df190dee008b9fd9e8d25e6b8764d148289416595df8eaee89ad4ec2b30cf833ef99d2ec8479594a0bfd506","ssdeep":"","tlshash":"69117a396973192a126794a60fbf82483431506f6342e9457ebd8e684f95c53a423992","size":954,"data":"","first_seen":"2025-11-01T22:37:11.563209Z","last_seen":"2026-05-06T23:22:37.766573Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/pfe/current/tag.min.js?z=10479304","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"817e93cf8047aa6976d8cb049a266227","sha1":"f7375f6bb7f11c483f9508ca0f5493c062eca92c","sha256":"11b8e2b9af65ec7320596f5f3df22c42f23bc0543ba7bd4b2a88da8b8e276c99","sha512":"21b98c4399b1279f27bfe8799f41eb412a6744a2e2022b9f1ed1420aec0c629fa740e88c3bc782b49642f87f02e8519954596f042a27c620bc9fd7ab778beee6","ssdeep":"768:K8Dyxcwel2z/8nZKHIMfDSXEWtRPl8hEcTet/pUH5d5i5sBa0+GMSkiHxa5apHJW:+d/zR2XEWLd8cQxAt8pHJYqcyUR","tlshash":"86d2c7813fb7645127d127c3d07fd16a93a6960534aef5e3a40e659228720ca8fb3f63","size":29347,"data":"","first_seen":"2026-02-20T14:20:13.318306Z","last_seen":"2026-06-16T15:32:44.351642Z","times_seen":390,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"01227f5edc20e0ff4ed643b27cb8bb68","sha1":"d71a88f7341f2b1bdaa7deb9a66888607bd52598","sha256":"75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2","sha512":"88046b07c07ff6de47ef7d1e0d7ca281fc48e91fc6a292cdf611457b96ac92bb0068971cfd55c0cc3e6179d7335e77a6a14b15fa502bbae7b2233546da6c0f98","ssdeep":"384:WDWdyJ+TJTwWV+6RUL2qq8L6jW4+QL1zWAWvVRIDiei:7so1V+g+d+j4pJ5","tlshash":"8d82094a72d525ee82a3a1d10cef612ffb664e86a97e1785e381b49c187404ec3d7f90","size":17879,"data":"","first_seen":"2024-07-11T16:28:55Z","last_seen":"2026-06-16T15:11:14.644926Z","times_seen":7058,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.customSelect.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"0212de77848bab70b670586c782a2f4f","sha1":"ea9861b8b61802f05acf92b18609a3eb4c5be4d4","sha256":"94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109","sha512":"5a91558457aa1db34182e8d79e8d6ff7748ae9ae5eb5ec652d8531a4a8059afadb2bf76bd5ef13282bbef8f4f5c70ff1a18857016b12d1b91b0450ea20dc6971","ssdeep":"","tlshash":"8951f01c363472b48cff5d5238eb810fd463d87a96468b624cb240596db984d7257e1f","size":2543,"data":"","first_seen":"2023-03-08T00:58:01Z","last_seen":"2026-06-15T15:20:21.229172Z","times_seen":259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-custom.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0336978a1815139f2318169cd629495","sha1":"e4d3a80a69b1af6230577063e650a25a9372e24a","sha256":"f3f767703a1e23320540cdc4c41c4fe40de2a261e535bfa810c9468c9053bff2","sha512":"9ecce55f35f77c41668154d0fee768223b606bc9f80da4ca74193d3d890c0149e1dd916250553a174d448fd03b19d72685ab17706be5e5dabc0e7ec93f382b26","ssdeep":"","tlshash":"66d0a726b21a1d3f98f373021ab7c7308bbfd0287a2651573b49644e3521bdc052bb85","size":247,"data":"","first_seen":"2025-04-22T11:15:07.735137Z","last_seen":"2026-06-01T13:31:18.228011Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/owl.carousel.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"2fec2de7cc7d2d9a66130311f52b5db8","sha1":"5cfc389925bd8200ee1e0fb224434ded9cae3f15","sha256":"4b18105a346260a3e8359cd02633fd5f8bb244f2d5f43e4375a1efd10e5c865a","sha512":"2c65ad232d52605402fe3c61104ca6e19be96dd89eb072e8554c3019b549c1af260a6fd16ab7c007b4ddc24e9c0bec770aba5cc4d1cff2fb7a9a241699d8a04c","ssdeep":"384:XWxb9XXAhOfMSelTARgzoSC0Z4eAchzD/DM5F:8b9uTARgz5C0ZVDL2","tlshash":"1962183a2152321653b261af157c818213e548023ec7b464f9e6f8edebb6161117bbff","size":14916,"data":"","first_seen":"2023-03-07T01:34:34Z","last_seen":"2026-06-16T12:21:46.811381Z","times_seen":3746,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/components/jquery/dist/jquery.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","size":86659,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-16T17:32:06.114976Z","times_seen":94223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.prettyPhoto.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"51d2c2977e3dbb58e8ee5a5f52673aa0","sha1":"81e3ee36772fe61b742073a973be1fb840a5cafa","sha256":"7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6","sha512":"fc6b71b2fa9529b80e5bd7a11e0eef3e01991889eea54750ba0498da12c455cf3d9662e94910bf13695800a9e5e2179a992453c17fbf8a92c91b3e5aeca6c82c","ssdeep":"384:A8MVMTvI9NsdEYKbuvafP3l+CBb3+8rBEpiijfIj7lU+glBj8nneyspL0NeuakTj:nIL+aHl+Cp3+gxq+2+fwGKkoAnFN","tlshash":"a6a286386d2078afc2d3e276e4475b28d1728e33a746d464b2789c7419f4a87643afcd","size":22060,"data":"","first_seen":"2023-03-07T01:02:51Z","last_seen":"2026-06-13T23:46:32.978684Z","times_seen":1505,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"233dadca5446dd9adf0428f19ea11c19","sha1":"164697da89dc7ab08117228a40f76d8c18d26861","sha256":"575a43d9e76a5338a2209f06b83338bb5df25ffe2a2fbbb7982183ddc61e26b7","sha512":"4c79b6fcab4aa1998ea8a9d19c6b7f1aa199181dd5c0ec9bc78819b7dd921e1a892a52fe452758e385bd203a5ae66bc4336e3e3ff1bf4a6a67f24f67dc2253e1","ssdeep":"","tlshash":"6c014cff592e41a78a22048f85056dacd373b645bc9194b6f0acc9a8cbca11ca2b517d","size":688,"data":"","first_seen":"2026-05-06T23:22:37.767619Z","last_seen":"2026-05-06T23:22:37.767619Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/scripts.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4c0f4de02bc359c852a5be3db9aac7eb","sha1":"416f834c9cbf72f3f8eaac790c28eec31e49d798","sha256":"7887086b2802a150b7e954bb5dc8f473fd9af57458bdbad17b58cff934dfc5d3","sha512":"c0925a1d6e8933d8e28dcfaf4c13e23acbfdc33062d6e9e6300099b37ab80f6096c5f8b2bd2218d1f1e04d522cba754d36460c6f3e876b9a344aba8a2fe81202","ssdeep":"192:9ED1jy5DyKBye/yh/yy3fDV5yEZn3kgaW/ap28C0Tfk3CYvBtgrEkTECl/6x4M:kEpzOlxD","tlshash":"76921019b4b6213081bbb4bf1b6f96082e314067d8c7ce107d4d96944f687ecd7a7b98","size":20376,"data":"","first_seen":"2025-04-22T11:15:07.716619Z","last_seen":"2026-06-01T13:31:18.245413Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-scripts.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"1395db4ed4a1ffc6febb4e5a4e04246f","sha1":"93dbb16c1d8ec911ec39e4d01fe12577a0f834c2","sha256":"d274cd90c232f3a36078d53040e72c4a059c1688568bfa4f8fb8b8d2c43ea061","sha512":"e290e39e72a06eda5aebd15d91b3a2873c1af0a183dbae812a07089ffd0066b6c9a4d2baa0c17bb44263e3ab6c813d100ef2506c2f03e64b11f8ad527d58318e","ssdeep":"192:jHWsyHggAnt7oci5T7SWwEfQ9m5aSIWSNUrYH8V4vsdg4gMktzjcsfPLC3zX97+o:jH/yAgG7oAmzjZ/mjC3zXVSjfFuZhSQ","tlshash":"aab23658bdb9202021bf30af19efd9013165d427428acd51f99c9cb44fe4a6872a7be9","size":24054,"data":"","first_seen":"2025-04-22T11:15:07.736002Z","last_seen":"2026-06-01T13:31:18.22234Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9e31d64f51ae8755a764923b0475d37","sha1":"a8329479317ceb489c249662abf9233160a49b8c","sha256":"a995cb39a06239ddc3e18a62f3894eec4b6c245cea6868c02071a25e003f8433","sha512":"a2dd4e3363e2d5d3cfe90908a5db991a3f2ee6a0513f78e77cd919dfd9affd5f1c1eec84571ae752ab8f6548147fe3879880913a392a44f7bb5919ca2d5e06ed","ssdeep":"1536:3i+dDRL6pjQ8gPDWWsWOI5Xj5+22A9UZI3+Mat:3iGpkI5N+JqcIud","tlshash":"4f53da922f75ec9513f5a7c3d01fa612d361c940b8a6f4a0a51ee5e214210d9cfebee3","size":66142,"data":"","first_seen":"2026-02-20T14:20:13.28327Z","last_seen":"2026-06-15T03:29:54.225628Z","times_seen":424,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-functions.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"06cca952fca06bb6f49ea596cf94af14","sha1":"448ec6f6faf5c140ccd47cea0c0e1d07c4cfbbf6","sha256":"4458019ac160eb69eb50a23750bf90c89f9231434a8ba2e2d69283a36a5cb980","sha512":"94ed2b407058d6f4a5e04746148879a5c41a5e7d6d435e521050389ec95fdc0528c9feac38f753975a6b3ba6553753562668876b10c3d3c0301ceadc791d8b39","ssdeep":"192:jHWsyXTrq5JqHQHZ25QLvonCaL5QhC7zNxbQ9mUTbt3MiQkMjqWTQZ:jH/yF9UCvNOmEb1j","tlshash":"6bf152ccbaeb701112bb716e099fd505b0b98827158cc850f88c57f05fe286d96ebe79","size":8097,"data":"","first_seen":"2025-04-22T11:15:07.711537Z","last_seen":"2026-06-01T13:31:18.227211Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d109c744ecfc275f6c7c8dc38677f938","sha1":"15abfbdb0b695c9c77733a053ba5488f5a30fc42","sha256":"0fc56fba304860218d07e2fe45a64b1a7a702272d575de17f8d9473d582825ec","sha512":"0ef89fd06f0f1cce82a178b3194e23178448245a44120f94015b21527d9db0ef11379ab5453e98e00db95b8bb2fa48a8e2d56361d6cfd8e6abf5fa99ce9964e4","ssdeep":"","tlshash":"6701c0ad2d69c15d4833649fdc9005a8f73798cb05add652f56d09f84f143ad339b10d","size":735,"data":"","first_seen":"2026-05-06T23:22:37.768645Z","last_seen":"2026-05-06T23:22:37.768645Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"eval","is_inline":false,"md5":"129f5fd162665cd0abc0f39fea8c9e8f","sha1":"253c21387dc8055cee42777276f455c7794de3cf","sha256":"a6336811b695da7dff581c054bbcb90502e899d034ec0f26005f91236c3817b1","sha512":"c6017466dbe4147b237b174c099b386869ee7adf1c41bb7a46df29febd2ae551d7059c590b4cdd76248b7414262ce0c856deeb174e6ccdc8a45dc9d820d505a0","ssdeep":"384:jpWcj41o2t8Z75jf5E1vcNTTCD2c5cDgk:NWcj41m7av8fCD2wk","tlshash":"d0b2a5523250233482e332fe55af510d763afb74ad428169b06285eb366754ed273f3e","size":24154,"data":"","first_seen":"2023-03-07T01:33:09Z","last_seen":"2026-06-16T12:21:47.096668Z","times_seen":4696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba847811448ef90d98d272aeccef2a95","sha1":"5814e91bb6276f4de8b7951c965f2f190a03978d","sha256":"898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1","sha512":"bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df","ssdeep":"768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w","tlshash":"f1d26506b2303161079fb2f5515f020b733a6a7ee906907c38b99ae63d79c587167f39","size":29110,"data":"","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-06-16T17:23:42.918727Z","times_seen":28513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/401/10479303","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"9b6415c6836a9d71f1b59428b41f1769","sha1":"829689aa0d612dada18b3560336e330a89e7e998","sha256":"bde7386d451b6c794ab44248e6c10fbe8937dc53ed720535be6710f4eefe695f","sha512":"6423af48f8edba8da55964b634dad060fd2e3425ed6b565da0b71872ebd6fec4b23d11e576ae9dd47a8a0bdd8765b859688dd4c34c03229151c169c06cb2817f","ssdeep":"3072:e4gdwt2dH1rpnyMexIWBZ6rDZSny38DaDAr2DNtKGMyJHGBJVRzJgf4jZXGejUso:8H1rdJexIWCIny8DZC+y6Jb1gf4jZXGF","tlshash":"e9f3d7c876c270a41a937160417f6d1fb62b5d21b89fca14d526e5e93f3840b93a3eec","size":167160,"data":"","first_seen":"2026-05-06T13:15:04.387394Z","last_seen":"2026-05-07T03:34:49.016681Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/orange.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/orange.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 1770\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 16:05:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:36 GMT\r\netag: \"2768-696bdab0-346e5dde12dbafb3;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 556786\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: ae4c25bd838a6c629a3766dedc4f4652-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":10088,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ea2a2a8cb50976500d837b761159a885","sha1":"2ccbae8bd62f005171e528f1a327f4fdaa3eb6a1","sha256":"3280f77e17dcf241a2aae53852119ab69fc86647aaef448ee6aab94b41352c27","sha512":"873aadf938aa3de4ac015102bebfd5181184ad403f2061fb0406164e7516e2d81fa807f7b85646e82b2ecddea07acf6742bfaad4a2574c5c3963b4a00e1e4d60","ssdeep":"192:2wfrTmiIdhIG2kfAkvA8GIFQYreiOSoMIagAqpXP6CqhY:RrTUhjrtFQSeiOJ7dtqhY","tlshash":"0c228cc0f3fb5966201764e86095f9f077ad02c4c4985f7c7ab950792f48b90fa3e689","first_seen":"2026-05-06T23:22:37.708003Z","last_seen":"2026-05-06T23:22:37.708003Z","times_seen":1,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"quge5.com/88/tag.min.js","fqdn":"quge5.com","domain":"quge5.com","tld":"com"},"ip":{"addr":"139.45.197.114","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"quge5.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 30 Mar 2026 05:13:52 GMT","end":"Sun, 28 Jun 2026 05:13:51 GMT"},"fingerprint":{"sha1":"5D:D1:36:04:CC:44:EA:A0:B6:01:55:5A:14:1F:C1:C4:04:32:EC:69","sha256":"08:C4:63:EF:F3:38:76:5C:50:0F:C3:AA:8B:10:82:7C:8E:8B:08:6A:89:0B:14:80:0D:DC:E6:BE:C3:63:E3:53"}}},"request":{"raw":"GET /88/tag.min.js HTTP/1.1\r\nHost: quge5.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 36f48e58e4ee46894bc9f5434f0741ec\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107264,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65494)","md5":"fb3c9e4a9314160cfcfb0a1407560b5b","sha1":"3ad2a3638eaec277148a16c83fb02e1a71ada756","sha256":"0041c4d412978e06fffe965e742c5355612030ac285ded8326c3c2830b873681","sha512":"3ae33273223cd0666ccbb3160b5442648f3ece029017ca352f1950e3359918867da6f6a926af72e932c33674065b19e117dbc9dc4fbba0954135fa09cc82de2e","ssdeep":"1536:/n+BxqgVhMxToKkhoKzZYSBQ5G0eNGsoc0rxNRxeZrgfgPBFwx2QgKG+fiE+10ji:fyVmhKUolpB02Zcfgf2G+fAMoui","tlshash":"0fa31af572c2b1ae03e7a8de806e7592f66f2cd0064c4154f0a8a5663875d1ec2f6f78","first_seen":"2026-05-06T13:15:04.378269Z","last_seen":"2026-05-07T03:34:49.067109Z","times_seen":4,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":36,"dns":21,"connect":28,"send":0,"wait":55,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/images/payments/payment-visa.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.045Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/images/payments/payment-visa.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2698\r\ncache-control: public, max-age=604800\r\nage: 4732\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 59ef55d7ca6363fe4fa52330dea478ea-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":2698,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0bdc87e848048453cd45e40142b85501","sha1":"6cda47996d7b3fbca73f46fe3393487347903338","sha256":"4d5fe4b5fbc710a512cfed4aebacdf3298ac49d4126dcb1f84a82fa3699c56da","sha512":"3cc9b439c0ce5959a80287ffec76b8c7794cde25ba0235810f70ba9eed58b8f46af06e77080f499a9aaddedba7762477cdcaab86b616e2caa8b979d713dbea3c","ssdeep":"","tlshash":"b051fb5beae72b0add463d3dff1ac772720f0d649d06053541048538edf059658b7195","first_seen":"2026-05-06T23:22:37.710817Z","last_seen":"2026-05-06T23:22:37.710817Z","times_seen":1,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/images/payments/payment-master.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/images/payments/payment-master.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3206\r\ncache-control: public, max-age=604800\r\nage: 4732\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: a9b11873cd3ce48e5a86c039ef8e2808-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":3206,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"48e98249cadbe875e2f822962aa4816c","sha1":"7ed074f6cb5938330929eb28366a879ffb0599c4","sha256":"1f1e8535ae396f23f5b13484d9ce5c15e2c267db93a83365062240682c722db9","sha512":"0bc6fb1de80adf996bdc11f8a9f1af3eff712300a3ea51cad84a22c3a77ab4030793cd1eddb1bdda08d8bedf6f05aaabd00b09bd56a27ac738171359cdefb4e4","ssdeep":"","tlshash":"bc617cf7b013b68dd1dc94bfcba26fc916c0c9448b04e402ac17412d5ced92208e8dec","first_seen":"2026-05-06T23:22:37.711913Z","last_seen":"2026-05-06T23:22:37.711913Z","times_seen":1,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/bootstrap.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 7300\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 15:01:48 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:20 GMT\r\netag: \"71b6-696bdb18-9860d74be2192592;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 43985d1286bf92fdaedf70312b834886-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":29110,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (28941)","md5":"ba847811448ef90d98d272aeccef2a95","sha1":"5814e91bb6276f4de8b7951c965f2f190a03978d","sha256":"898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1","sha512":"bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df","ssdeep":"768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w","tlshash":"f1d26506b2303161079fb2f5515f020b733a6a7ee906907c38b99ae63d79c587167f39","first_seen":"2023-03-07T01:02:10Z","last_seen":"2026-06-16T17:23:42.918727Z","times_seen":28513,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.346Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nContent-Type: application/json\r\nContent-Length: 899\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":899,"data":"{\"code\":\"custom\",\"zone_id\":10479304,\"sw_version\":\"3.1.647\",\"pub_zone_id\":10479304,\"trace_id\":\"cd890756-0ec5-41c6-b3a1-84532bccd985\",\"oaid\":\"2af4087a03144cca804f84ce65c135f6\",\"ip\":\"91.90.42.154\",\"geo\":\"no\",\"location\":\"https://haafedk2.com/index.php?a=register\",\"domain\":\"haafedk2.com\",\"install_ctx\":{\"country_code\":\"no\"},\"pub\":0,\"installer_type\":\"universal\",\"event_type\":\"page_loaded\",\"timing\":{\"connectEnd\":116,\"connectStart\":64,\"domComplete\":1327,\"domContentLoadedEventEnd\":1176,\"domContentLoadedEventStart\":1169,\"domInteractive\":1166,\"domLoading\":433,\"domainLookupEnd\":64,\"domainLookupStart\":28,\"fetchStart\":27,\"loadEventEnd\":1328,\"loadEventStart\":1327,\"navigationStart\":0,\"requestStart\":116,\"responseEnd\":333,\"responseStart\":329,\"secureConnectionStart\":89},\"timeOrigin\":1796,\"previousEvents\":[{\"ts\":1778109729248,\"event\":\"hit_page\",\"event_data\":{\"installer_type\":\"universal\",\"timeOrigin\":1790}}]}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 81\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0da7e503a74c441aeec3f007173b55e0","sha1":"13368e024b42f1f25009cb87cfc4903f710f1626","sha256":"03d9ecea5e5abfb211f1515489ccb84c4dce85fb0a2feb36abc15b408a27dd8f","sha512":"4547125b6c282a21a85fe6a2f9ec935e8fc022546e75ac1a46a4f91e87e879612ba913858cb398adbb8bd732922db88263937b650c695f47507eabd1afbf04a1","ssdeep":"","tlshash":"20a012e0004c441004849209a495ed00187c48b3a5410060463e3e24422430100800b1","first_seen":"2026-05-06T23:22:37.713734Z","last_seen":"2026-05-06T23:22:37.713734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/animate.min.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/animate.min.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 4427\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:33 GMT\r\netag: \"da24-696bdaad-dee002b563cda952;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 6bf851f95e071bdaa187df35c7251cc5-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":55844,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54696)","md5":"f8d3bcf54e72acdeed51152095f5deae","sha1":"c8e21199704bd904bc1b5869f31a84fb4ded63d4","sha256":"3d1eedb6972fcfcaab179edfbabff2031d6a5cc14978916203aa52cd68b43881","sha512":"e3805d1c498de30101946a44383ca2f157a19d84a7ec90ef7e6dd98ebfa395da9fe2dc017eb1cbe6b5f2936a4d994eba2fea224871b881a7553e73b204fc568a","ssdeep":"768:FekZDiap2kLx8dvwG1ZAIkKDJ3bys5XrHeI0RTg:FekZcwG1ZAIkKDJ3bys5XrHeI0RTg","tlshash":"0f43c79a4ca1228590260e55cbdc8fa84b3cc75764b25cef33867c4b8745bed23de627","first_seen":"2023-04-07T08:06:26Z","last_seen":"2026-06-16T14:24:55.476332Z","times_seen":3763,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/400/10479302","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"GET /400/10479302 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 953d90b6f5d7606d386794c7f4449ded\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: max-age=86400\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=03032ee684224618e2c81b346051a999; expires=Thu, 06 May 2027 23:22:08 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163560,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"abc6ff75c967d180dbc07e4a90a074c1","sha1":"337eb3ded8b7332c9da8fb03b14c9ead7a0c44e4","sha256":"dd6b199e1c5d34878b2dd42a025fcf6fdcda117663052b3f1fcc11fc87776911","sha512":"c42b1436ee8c15fb55d4de6a1a1f6c0cf487f9b69c31d301cd52b36de54733649a87646cffb3d2d255825ddcef62bb99e044064853f0af9e54e48f2921860d6d","ssdeep":"3072:Z6yx63n5Hic+nV9y6ZBgK/u3DOTa06iIblqh3l4u9Sb29zsDDgAUr62:jx6X5Hic6V9dgIyOTahiIblqVlhcbog0","tlshash":"43f3f6ac729270d92a7755a1423f9e5eb67f9890688ec590e017e1fc3d3410ac7e3de8","first_seen":"2026-05-06T13:15:04.38097Z","last_seen":"2026-05-07T03:34:49.03726Z","times_seen":4,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":101,"dns":19,"connect":29,"send":0,"wait":53,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"OPTIONS /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/components/fancybox/jquery.fancybox.min.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/components/fancybox/jquery.fancybox.min.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 2905\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:01 GMT\r\netag: \"35a7-696bdb05-6279e84e2260add8;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 3566ba0f584795efddce7cd6b1a34444-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":13735,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (13734), with no line terminators","md5":"35d290afd71a6053d8195ea13170b4e9","sha1":"a64676403bb5c23f9800963b0b8f0475b532601f","sha256":"e467f75601e845da217ae845b688b227a19fbf1e8fc776a42a4905869496d2e2","sha512":"0136028681f47450835a9bd6345bb647c95f2be3e963980e5b5e355f3cdc602772313640c5d9b72ae71252bbe8099b11de5663f3fde49b71a5170e42959f7788","ssdeep":"96:tGA07/mPQRZa6f3sNGzssDH7jGSWWf8+WDJT53RjRuCicfMAJpEbyZh5fN2WdZ:tVQfXcVa7KWdMT539MCeAL55fJ","tlshash":"b0524e63a140311c903bce21d7df8948e279d55266221affe68cf919cbc7be912d62c6","first_seen":"2023-04-05T04:47:26Z","last_seen":"2026-06-16T13:42:49.453982Z","times_seen":6423,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap-hover-dropdown.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/bootstrap-hover-dropdown.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 595\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:19 GMT\r\netag: \"5bb-696bdb17-7ad09141b907b049;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 460b1cc3becb003f63ec44d738974387-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1467,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1115)","md5":"63679500485c6948d4b5d635f55367f1","sha1":"a5316482853c57d711a76cf19e0fb197a399d956","sha256":"dc421913074ba8a3401230cd1f9f980f84b26c198557e6608c6f76d76a954ce0","sha512":"0d7f0e2b9e216406b1d6008ac29dc244d4b0f7ad5c41f1ba4bc596c4579a69b6f246727abb4172939aa41cd548e3ff88705ff907d76b86b126116cde8b349561","ssdeep":"","tlshash":"3a31129cf78c206313bf267491bb811756677b15e10a8061b83f01b91e9e51a3753f6c","first_seen":"2023-03-07T21:52:56Z","last_seen":"2026-06-01T13:31:18.220997Z","times_seen":107,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.easing-1.3.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.060Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/jquery.easing-1.3.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 1785\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:21 GMT\r\netag: \"1b84-696bdb19-4e2c313f7b3baee8;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 511299\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: f958c0d2187c44faf802cbd93c26b405-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":7044,"size_decoded":0,"mime_type":"application/x-javascript","magic":"Unicode text, UTF-8 text, with very long lines (3601)","md5":"79c606ae5e3562d73359347e4197f7a1","sha1":"1b18d89d65ad729ba09689596b5401cecabbaddf","sha256":"9a00005aa976aa45dd03d0ae2aba6bf9abf741f57d2b45e34a30b7c142302851","sha512":"fe3ff4ec4101ba685b0002b3bab2cd86ea826daa8cdddc32c62a46451e30bc8121a1ce63d47eb5bfbeff48644c9d33d2d80a7accd40db84e56f6dc45127512f0","ssdeep":"192:pl+Or8ur83V33R3hq6+uwLv2Or8ur83V33R3hqo:zZr8ur83VHBhtwhr8ur83VHBhL","tlshash":"34e1438a71f17719539133f0117a204b729deca9271e6804e8b9a9897c7b27cc77bc6c","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-14T10:17:08.92711Z","times_seen":262,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/bootstrap-slider.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/bootstrap-slider.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 2102\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:20 GMT\r\netag: \"2043-696bdb18-3b75d4ded282dbec;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: ff055d37bc5d844d9d34642f1a9d0d10-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":8259,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (7399), with CRLF line terminators","md5":"06ec2bfd492d03f581c0c8c5f634bb8d","sha1":"285eef130307bcd21b20f0c56fdc3800c2294bf1","sha256":"e2fd0fd3e49325d9e15cc5de7340596685a5d71cfbf08feba5107a478025b81f","sha512":"f2e74f0783e294c8f107c01f7a9ffd39f750073e1c8c777c70bb8ece5726589d91c845f476ab075b295981efbcaad8bc8109e198c1decaa72dcf2e62d60ebfb2","ssdeep":"192:aGLPHGBoa3mQe6F97hPuzuCOX8Wok7pVOI17PMCRPoVWF97cvcVIn:aGL+le6FdhPuzu3MT0VOI17Pr5Fdcvce","tlshash":"d702009335a6353650eac27230096795e372f21d42820abcbdfc41dbad7ef0921b9779","first_seen":"2023-03-08T00:58:01Z","last_seen":"2026-06-01T13:31:18.235394Z","times_seen":32,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6opo.com/wrr?z=10479301\u0026p_rid=0f3e3b24-899e-4f45-8f57-4b2f172ab0c6\u0026rb=mch6xWWdI3frT_3NJNG7pXsKn4gDt1-VvPKVlSJwzfVkmEg2C3Isv0d1-Fl2VhaOPEeJMzJh0dMcfeOyhPL-41Qf58G0t2bYz96wgPOuPacd2UHrsP1J8giHkNFZ12Qmv1pR43Cl6H7tFy6ro6BhdXS0ncsy8GBsJgPBr89omC6R35woPfwfQere5L1NqZjbIOp6_nNq_2STIr4nkrpHXJB9-9gI3frstBB9Kie9dx86aWka2VILgH0SqBmm6Q1yCnZbghRoXDytTjqjuGQNi5xyjSY-FUyjY1g1Q6kq2w99FivkH9_SDprNNVw=\u0026tt=7\u0026dmn=quge5.com\u0026js_build=iclick-v1.1786.2\u0026userId=00832e212b3c4a14fe7c8e72d14f4551\u0026tspl=946\u0026cslt=0","fqdn":"6opo.com","domain":"6opo.com","tld":"com"},"ip":{"addr":"139.45.197.246","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6opo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 05:09:53 GMT","end":"Wed, 10 Jun 2026 05:09:52 GMT"},"fingerprint":{"sha1":"41:DC:F1:85:77:F0:0C:F0:6D:99:D3:49:49:8E:4F:0D:1A:14:09:2D","sha256":"FD:E1:4B:BF:9B:78:74:32:4B:0E:54:76:B4:05:F4:6A:0E:A8:97:7E:62:4C:1F:55:23:3B:F5:48:DE:D9:3C:50"}}},"request":{"raw":"OPTIONS /wrr?z=10479301\u0026p_rid=0f3e3b24-899e-4f45-8f57-4b2f172ab0c6\u0026rb=mch6xWWdI3frT_3NJNG7pXsKn4gDt1-VvPKVlSJwzfVkmEg2C3Isv0d1-Fl2VhaOPEeJMzJh0dMcfeOyhPL-41Qf58G0t2bYz96wgPOuPacd2UHrsP1J8giHkNFZ12Qmv1pR43Cl6H7tFy6ro6BhdXS0ncsy8GBsJgPBr89omC6R35woPfwfQere5L1NqZjbIOp6_nNq_2STIr4nkrpHXJB9-9gI3frstBB9Kie9dx86aWka2VILgH0SqBmm6Q1yCnZbghRoXDytTjqjuGQNi5xyjSY-FUyjY1g1Q6kq2w99FivkH9_SDprNNVw=\u0026tt=7\u0026dmn=quge5.com\u0026js_build=iclick-v1.1786.2\u0026userId=00832e212b3c4a14fe7c8e72d14f4551\u0026tspl=946\u0026cslt=0 HTTP/1.1\r\nHost: 6opo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/3bT/27mJf/universal.min.js?v=3.1.647","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"GET /3bT/27mJf/universal.min.js?v=3.1.647 HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 11 Mar 2026 08:40:23 GMT\r\netag: W/\"69b12a77-1025e\"\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66142,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9e31d64f51ae8755a764923b0475d37","sha1":"a8329479317ceb489c249662abf9233160a49b8c","sha256":"a995cb39a06239ddc3e18a62f3894eec4b6c245cea6868c02071a25e003f8433","sha512":"a2dd4e3363e2d5d3cfe90908a5db991a3f2ee6a0513f78e77cd919dfd9affd5f1c1eec84571ae752ab8f6548147fe3879880913a392a44f7bb5919ca2d5e06ed","ssdeep":"1536:3i+dDRL6pjQ8gPDWWsWOI5Xj5+22A9UZI3+Mat:3iGpkI5N+JqcIud","tlshash":"4f53da922f75ec9513f5a7c3d01fa612d361c940b8a6f4a0a51ee5e214210d9cfebee3","first_seen":"2026-02-20T14:20:13.28327Z","last_seen":"2026-06-15T03:29:54.225628Z","times_seen":424,"resource_available":true,"data":null}},"time_used":161,"timings":{"blocked":62,"dns":1,"connect":27,"send":0,"wait":28,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/zone?pub=0\u0026zone_id=10479304\u0026is_mobile=false\u0026domain=haafedk2.com\u0026var=\u0026ymid=\u0026var_3=\u0026tg=0\u0026sw=3.1.647\u0026drf=","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"GET /zone?pub=0\u0026zone_id=10479304\u0026is_mobile=false\u0026domain=haafedk2.com\u0026var=\u0026ymid=\u0026var_3=\u0026tg=0\u0026sw=3.1.647\u0026drf= HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 510\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":510,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"186d3448c43024d12a6e278801e49e83","sha1":"234d3d23d42c8c9dfc240bc1fcf506714c244603","sha256":"64b9bd40e3389501f1ba6f11ce54f9d10d9baa60749d0753a3210e48e46931b7","sha512":"d6fd820533f6db78fae8ba8addf7ef91f501e9171b322f926d544971d7cc84bc7e5e731d48f455a0cde343522b4694e58e7789d7a44b589fc1831342c68e3a0c","ssdeep":"","tlshash":"e4f0c9381ab4fe378d870bcca1eead0246fc9030a694ba89a0d91e6004a3fdc710524e","first_seen":"2026-05-06T23:22:37.721095Z","last_seen":"2026-05-06T23:22:37.721095Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/favicon.ico","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 122608\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 14:07:53 GMT\r\nlast-modified: Tue, 05 Aug 2025 11:31:51 GMT\r\netag: \"1deeb-6891eba7-edd85ed585458f6;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 9e93da2c1e05c517c3f647cbde440730-fra-edge2\r\nx-hcdn-cache-status: REVALIDATED\r\nx-hcdn-upstream-rt: 0.008\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":122603,"size_decoded":0,"mime_type":"image/x-icon","magic":"Targa image data - Map 32 x 57045 x 1 +1","md5":"9c5bb1cd64c616aaa2b8c25fb5286ce2","sha1":"0df1874112f005340efc732dc54a1fa9680095cb","sha256":"14b273c439040e68bdb28499fa428b3e23d34c3d42e90e3b4e33c8afa214f98b","sha512":"3cf3dcdde66c392ea85c64734eb9dcda5b4afe10f62fcb444a3943df1a39762baff7fdbde40a63b5ffb19c4b50bc7d2232874953c0624e9d37400a4b240c1ffa","ssdeep":"3072:gY14TGwLmdzAwe+bTA513er/uB0UGeD2Jw3degA:gY7dZBQ5d6uB3XD2qtM","tlshash":"9bc31265d9f3d69eaaa000bb160f6c4fb9e3f150aac312f2cddd71c61e608446b37815","first_seen":"2025-06-01T18:08:29.066651Z","last_seen":"2026-05-06T23:22:37.722411Z","times_seen":8,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/401/10479303","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jmosl.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:41 GMT","end":"Mon, 27 Jul 2026 05:11:40 GMT"},"fingerprint":{"sha1":"0C:27:DA:2E:5C:65:C7:04:ED:8C:54:30:46:77:99:60:22:86:AC:EB","sha256":"28:7F:59:A6:10:FD:C5:B8:A0:5A:51:7E:9B:6A:EC:42:1D:B9:E9:7F:07:50:5A:D6:9D:32:A7:7B:03:72:03:D4"}}},"request":{"raw":"GET /401/10479303 HTTP/1.1\r\nHost: jmosl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: cf80b1b3185a60e68d4f6ec6fba36302\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: max-age=86400\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=03032e3770cc40c9f697d93d3ad852b5; expires=Thu, 06 May 2027 23:22:08 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":167160,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9b6415c6836a9d71f1b59428b41f1769","sha1":"829689aa0d612dada18b3560336e330a89e7e998","sha256":"bde7386d451b6c794ab44248e6c10fbe8937dc53ed720535be6710f4eefe695f","sha512":"6423af48f8edba8da55964b634dad060fd2e3425ed6b565da0b71872ebd6fec4b23d11e576ae9dd47a8a0bdd8765b859688dd4c34c03229151c169c06cb2817f","ssdeep":"3072:e4gdwt2dH1rpnyMexIWBZ6rDZSny38DaDAr2DNtKGMyJHGBJVRzJgf4jZXGejUso:8H1rdJexIWCIny8DZC+y6Jb1gf4jZXGF","tlshash":"e9f3d7c876c270a41a937160417f6d1fb62b5d21b89fca14d526e5e93f3840b93a3eec","first_seen":"2026-05-06T13:15:04.387394Z","last_seen":"2026-05-07T03:34:49.016681Z","times_seen":4,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":96,"dns":19,"connect":28,"send":0,"wait":52,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:45:30 GMT\r\nexpires: Wed, 05 May 2027 18:45:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nage: 102998\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-16T17:46:35.805536Z","times_seen":287183,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":175,"dns":3,"connect":21,"send":0,"wait":8,"receive":3,"ssl":147},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"OPTIONS /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nContent-Type: application/json\r\nContent-Length: 399\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":399,"data":"{\"code\":\"custom\",\"zone_id\":10479304,\"sw_version\":\"3.1.647\",\"pub_zone_id\":10479304,\"trace_id\":\"cd890756-0ec5-41c6-b3a1-84532bccd985\",\"oaid\":\"2af4087a03144cca804f84ce65c135f6\",\"ip\":\"91.90.42.154\",\"geo\":\"no\",\"location\":\"https://haafedk2.com/index.php?a=register\",\"domain\":\"haafedk2.com\",\"install_ctx\":{\"country_code\":\"no\"},\"pub\":0,\"installer_type\":\"universal\",\"event_type\":\"hit_page\",\"timeOrigin\":1795}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 81\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0da7e503a74c441aeec3f007173b55e0","sha1":"13368e024b42f1f25009cb87cfc4903f710f1626","sha256":"03d9ecea5e5abfb211f1515489ccb84c4dce85fb0a2feb36abc15b408a27dd8f","sha512":"4547125b6c282a21a85fe6a2f9ec935e8fc022546e75ac1a46a4f91e87e879612ba913858cb398adbb8bd732922db88263937b650c695f47507eabd1afbf04a1","ssdeep":"","tlshash":"20a012e0004c441004849209a495ed00187c48b3a5410060463e3e24422430100800b1","first_seen":"2026-05-06T23:22:37.713734Z","last_seen":"2026-05-06T23:22:37.713734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/500/10479302?excludes=26072692\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=2\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:13.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"OPTIONS /500/10479302?excludes=26072692\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=2\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:14 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/style.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/style.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 4275\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:37 GMT\r\netag: \"57b5-696bdab1-484b5560def8a30a;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: f7abdf7dbb47d64ee10b6d7d5523d0f2-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":22453,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text, with CRLF line terminators","md5":"91de9f9cc998c8bb71691516ec62acf1","sha1":"30602df2fe162f3bd73ca7300487d11c84c2edf2","sha256":"fabd5665439cce8578ede7179363b5fa1dd5a3eb15d72b8998cd3d9e9687f2fd","sha512":"881a3b524d567fc1ca12534d574a20066211b9398361e0d9e317a7d340aeba09d6305333b5daded1a646bd77c61c5c9a91fdc44af2dc12f284a6333ccbb2ad5f","ssdeep":"384:C4GLFg3OFJ6V+DJp0x4039CgC3JTVgKJL7v+vJfDn1RyS3a8Q2skRyFVsjh1ZdkB:ELFg3OFJ6UDJpxmIgC3JTuKJPv+vJfDQ","tlshash":"f1a265bde617204fa333aaa5bff42b557e5840239a0641edf5f07205d2c85b936b0acd","first_seen":"2025-07-01T00:21:49.37037Z","last_seen":"2026-05-06T23:22:37.725609Z","times_seen":9,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.raty.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.063Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/jquery.raty.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 2640\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 16:05:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:22 GMT\r\netag: \"2051-696bdb1a-9e5a856e0fac45aa;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 2c5a413e914259d1636b4c76157820f3-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":8273,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (8081)","md5":"86a847667db14615f2250f7e514c8c66","sha1":"7b308dedd78e158b1dc55f215909336b830c6749","sha256":"95e661e05ce7526f3a5527278e565ad71cda9dca5b80d72a0ce76bad97353a9f","sha512":"46cd8d256492da4123f776c2745cc8f4521ef4fc6c020d8b583e9052aa764c9c9fbcf75e1fdf89fc5cf7c0313fc2e9e2770d3bbc8dc84edc0633532259c0b906","ssdeep":"192:vdlRLpMwO35XNARENbYnPP3wGCGGtQ//iuX8:vdlXMt3HgENM3w7Q//iuX8","tlshash":"c1021fc8b38571069de33370249e674ee333ed8b9642402d783dc6d5ef6988995b2e78","first_seen":"2023-03-07T12:03:44Z","last_seen":"2026-06-15T08:57:30.421907Z","times_seen":422,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/buttons.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/buttons.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 0\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 13:16:18 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:20 GMT\r\netag: \"0-696bdb18-9ded68267d9f15c8;;;\"\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 554422\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: b6218d78e086cb70178d80496088a8f5-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/x-javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-scripts.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/jsoft-scripts.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 5374\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 16:05:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:39 GMT\r\netag: \"5df6-696bdab3-b533eb4005899698;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 5dced09ce702ad05130176ff488d3957-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":24054,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"1395db4ed4a1ffc6febb4e5a4e04246f","sha1":"93dbb16c1d8ec911ec39e4d01fe12577a0f834c2","sha256":"d274cd90c232f3a36078d53040e72c4a059c1688568bfa4f8fb8b8d2c43ea061","sha512":"e290e39e72a06eda5aebd15d91b3a2873c1af0a183dbae812a07089ffd0066b6c9a4d2baa0c17bb44263e3ab6c813d100ef2506c2f03e64b11f8ad527d58318e","ssdeep":"192:jHWsyHggAnt7oci5T7SWwEfQ9m5aSIWSNUrYH8V4vsdg4gMktzjcsfPLC3zX97+o:jH/yAgG7oAmzjZ/mjC3zXVSjfFuZhSQ","tlshash":"aab23658bdb9202021bf30af19efd9013165d427428acd51f99c9cb44fe4a6872a7be9","first_seen":"2025-04-22T11:15:07.736002Z","last_seen":"2026-06-01T13:31:18.22234Z","times_seen":19,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/pfe/current/tag.min.js?z=10479304","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"GET /pfe/current/tag.min.js?z=10479304 HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 11 Mar 2026 08:40:23 GMT\r\netag: W/\"69b12a77-72a3\"\r\naccess-control-allow-credentials: true\r\ncache-control: no-cache\r\npragma: no-cache\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29347,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (29347), with no line terminators","md5":"817e93cf8047aa6976d8cb049a266227","sha1":"f7375f6bb7f11c483f9508ca0f5493c062eca92c","sha256":"11b8e2b9af65ec7320596f5f3df22c42f23bc0543ba7bd4b2a88da8b8e276c99","sha512":"21b98c4399b1279f27bfe8799f41eb412a6744a2e2022b9f1ed1420aec0c629fa740e88c3bc782b49642f87f02e8519954596f042a27c620bc9fd7ab778beee6","ssdeep":"768:K8Dyxcwel2z/8nZKHIMfDSXEWtRPl8hEcTet/pUH5d5i5sBa0+GMSkiHxa5apHJW:+d/zR2XEWLd8cQxAt8pHJYqcyUR","tlshash":"86d2c7813fb7645127d127c3d07fd16a93a6960534aef5e3a40e659228720ca8fb3f63","first_seen":"2026-02-20T14:20:13.318306Z","last_seen":"2026-06-16T15:32:44.351642Z","times_seen":390,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":101,"dns":20,"connect":29,"send":0,"wait":54,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:45:30 GMT\r\nexpires: Wed, 05 May 2027 18:45:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nage: 102998\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-16T17:46:35.805536Z","times_seen":287183,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":127,"dns":4,"connect":8,"send":0,"wait":8,"receive":11,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/500/10479302?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"OPTIONS /500/10479302?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/impression/JyrbUfolLpyCa1LQ6vLvF3AVK-zEb7FCeynmZ1CaaNXxWONZ4QbM2O45qtyKMmAYgJ9b8-ObI7x96BTmnBmsYAJ34cqUeKPpTf8vufjlTjAteYCNNduIgaiynjpeJs6U0Koxx_wMJeBXiVGtDbrg0xbfiAnke5U5G6BrPpkYdJhsRbzWwl3QE_tQMwCc7qjQylaBSf8it9k3HGozbiwPwn7suSMdPZCrA0wY0_Bc6xq7CTCC9DRyXqz6Mv9HPBHyybydzJcODcOcayoJT9TtZIjqgGjVZsgm5PDj_CAzXmWsRIfqj3Xx-IHaxqnL74irb83LcNUXu8VbnlGqn-nlZeD8wQJHRBnTmoTZ-gsifdXHKNvzdDI6DdhzSfY2qtS8b03l_MGRo-30tnk1DM2WgDV3BSwwuRnwIlVEe7_l42pKkTnw_5hF2JWqiVtMb8e291eh1Su4pqn_KwqZCyZCSRLXadOsZrxsIqPkDNOC-mwc895lUF5zkOhTA74TQso-K2M_jauLziv8aSqGlMKtpz4I_OdYaVx3XdslBHNvmpI4hVCkdCH9YjJ-lbK6RB9eNUsm03RvR2EiG_bo4YtL1BtIOALlvLxBGEnrh6k92nq7TW-KV6oVC2AlNGhlFL2hvnLIEl-AtGdmd8OtPaEPOUhl-5j__AfmFzu409jR_gEBY8wiIrdm4tPeLaRcWsnChnNzc4sOY_r4biA9feP5rQaVNwiEASOKKYt1eok4Q4npw3VkUpwtiepB5uplOyi5GkI5GeEeKgkZAIH6ugs4Obzf2_SjWiXgNFiubUZCkjb_rA8ZZpU53FBOqjmvf91WmQgSWiRMyzFQm6S3vVzhuA_hKEkR6nYJY6h6_rnm9mLRqwtrS42H7w==?_z=10479302\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:13.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"GET /impression/JyrbUfolLpyCa1LQ6vLvF3AVK-zEb7FCeynmZ1CaaNXxWONZ4QbM2O45qtyKMmAYgJ9b8-ObI7x96BTmnBmsYAJ34cqUeKPpTf8vufjlTjAteYCNNduIgaiynjpeJs6U0Koxx_wMJeBXiVGtDbrg0xbfiAnke5U5G6BrPpkYdJhsRbzWwl3QE_tQMwCc7qjQylaBSf8it9k3HGozbiwPwn7suSMdPZCrA0wY0_Bc6xq7CTCC9DRyXqz6Mv9HPBHyybydzJcODcOcayoJT9TtZIjqgGjVZsgm5PDj_CAzXmWsRIfqj3Xx-IHaxqnL74irb83LcNUXu8VbnlGqn-nlZeD8wQJHRBnTmoTZ-gsifdXHKNvzdDI6DdhzSfY2qtS8b03l_MGRo-30tnk1DM2WgDV3BSwwuRnwIlVEe7_l42pKkTnw_5hF2JWqiVtMb8e291eh1Su4pqn_KwqZCyZCSRLXadOsZrxsIqPkDNOC-mwc895lUF5zkOhTA74TQso-K2M_jauLziv8aSqGlMKtpz4I_OdYaVx3XdslBHNvmpI4hVCkdCH9YjJ-lbK6RB9eNUsm03RvR2EiG_bo4YtL1BtIOALlvLxBGEnrh6k92nq7TW-KV6oVC2AlNGhlFL2hvnLIEl-AtGdmd8OtPaEPOUhl-5j__AfmFzu409jR_gEBY8wiIrdm4tPeLaRcWsnChnNzc4sOY_r4biA9feP5rQaVNwiEASOKKYt1eok4Q4npw3VkUpwtiepB5uplOyi5GkI5GeEeKgkZAIH6ugs4Obzf2_SjWiXgNFiubUZCkjb_rA8ZZpU53FBOqjmvf91WmQgSWiRMyzFQm6S3vVzhuA_hKEkR6nYJY6h6_rnm9mLRqwtrS42H7w==?_z=10479302\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:13 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: 10d33ac1e201e6a9d41bce5a7d5d6369\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-06-16T17:07:13.132506Z","times_seen":101431,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/main.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/main.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 15672\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:35 GMT\r\netag: \"1af10-696bdaaf-35a7e534e89d46c3;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 4b11fc67435f6e302ea99b0e13254803-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":110352,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"4c000f70951ccef48480e13c28fbca77","sha1":"1a5cbd32feffbab1fbf5eb1369799708eea4e404","sha256":"b4d0fb6756787b1ecfc2dd90f58a2b8c9bce15d7136fe3d9a72bb94ca0085403","sha512":"55b06c8590163aca7d94b8814a650e0037563916b2e6ac9aeaa0c0b13a368fc402a717c7a8d3255debad2e43db097b83db3aaac66042fb0965094644e5ed9329","ssdeep":"1536:0lm0CoYcyJRHARBPAnkKITIadY9svXI9TagL9AeMn3mSd48CunMgLJeZUvq+9ZAe:dXJRG6SmSH5FS9D83KtSc4BrnJI1Vq","tlshash":"8cb373d5e7f61a18b01a922876927fba376c0003d54edc74aff5241cae88bd4927378d","first_seen":"2025-04-22T11:15:07.712561Z","last_seen":"2026-06-01T13:31:18.241744Z","times_seen":18,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/owl.carousel.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/owl.carousel.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 469\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 16:05:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:36 GMT\r\netag: \"5cc-696bdab0-f288c2ff0e7d44d3;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 556786\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 75afe577e322013be86230797231f16c-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1484,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"40cbb283bf284a1f98c5d55dea4d9fd1","sha1":"0be45b6f7e89cc63b107faf7247d442c19b4a5a3","sha256":"bfc6bd5897a2fb34472797895a2fd4923d4d8cb1a4b24e493601374a2359125e","sha512":"7a9c3f050edb8e82e93206ef857f08970feb53c600d086c0edc25577cf02565ed8dad34fa702ae723b7eaa87d1e318d5fe238a81243f68186172a2f2499e601c","ssdeep":"","tlshash":"5c315bf011342689652bc79e4adfa7181a3ee0129d025d4f765f1e0e47cee4e611fb4b","first_seen":"2023-04-12T08:42:16Z","last_seen":"2026-06-01T13:31:18.21713Z","times_seen":34,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=8b6a1f99-8426-43a4-8b3a-80fea6b4f683","fqdn":"fleraprt.com","domain":"fleraprt.com","tld":"com"},"ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fleraprt.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 Jan 2026 00:00:00 GMT","end":"Mon, 11 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"EB:E7:45:0B:C5:08:D8:7F:87:47:B3:6F:7B:0C:95:B3:ED:B5:92:AC","sha256":"37:B2:1A:19:FC:C4:69:69:2F:A0:6E:DA:D4:97:23:4A:C3:A5:FC:C4:C2:EE:FE:8C:AA:FD:3A:C0:4B:AD:40:B2"}}},"request":{"raw":"POST /async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=8b6a1f99-8426-43a4-8b3a-80fea6b4f683 HTTP/1.1\r\nHost: fleraprt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 804\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":804,"data":"L\u001b[_\u001e\u0000\u001c\u0006*\u000b^\u001b\u0018T\u0004HT[^\u0016\f\fC\u001b\tMX\r\n7\u0017\u0003LKC\tMH\r\u0003\u0013F\t\u0004Y^\u0011\fJH[\u000b\u001d\u0003J\u000e\u0010W\u00065\u001a\u0002\u001fQLW\u0007\u0015\u0011R\u0013\u0017\u001a\u0000\u0014\u0010_\u0000\u0017^\u003e\u001e\u0007\u0006\u0017\u0016T]\u001b\u001b_S\f\u0001\u0015JOREE[Z\r\u0003\u000b\u0005\u0006k\u0007\t\u0015\u0003\u0011\u0007\u001e\u0006@YC[^D@\t\u0007^C_\u0010\u0006\n@U\f\u0002\u0001W\u0006\u001a\\B\u0003Y\u000bH\u0000\u0002[\bI^\u0016\u000f\u000bQP__\u001b\u0010\u001c7\u001c\u0006\u001aS[\u001bMH\u001a\u0019\u0013R\b\u0004Tf@Y\u000f\u0016\u001a\r*\u000b\\KC\u001bPZZ\\K\u0007^_\u0015\u0015\u0011W\u001e\u0012\u001c\u001a\u0001\u000bK\f\u000bf\b\u000eLQP\u0016BOTX^F\u001b\r\u001e\u0006*\u000b\\KC\u001bCFL\b\u0007G\u001a\u0002ZfZR%U[RW\u0012M\u001a\u0011R\b\u0004LGPW\u001b\u001eCV^i\u0013\u0000\u0026ZWX\u001aKU\u001b\u0002\u0006\u0007\b\u0019k\u0007\t\u0015\u0003\u0011\u0005\u0003U\u001d\u0002X\u0007\\\nJVV\f^[\u0016\u0016BOTV@BX^[JY@U\f\rQ\u000e\u000eLQPW\u000f\u000e_\\\u001e\\\tI\r\t\u0012@\u0014K\u000bf\u0014\u0003\nIH\u0016V\u000f\u0001X\u0002PC]TPAP\u000eDM\n\u0000^CS\u0010\u0007\u000f@\u000f\tUS\u001bR\u001b\\\u0013T\u0000Z[\u0015C\u0005\u000f4\u001bPLW\u0015\t\u0003\u000eIV\u001cZDPZZ\u001a\r\u0000[Z\r\u0017\u0003\rUR\u000e\u0001RKP\u001f\\@W\tKU\u001b\u0000\u000e\n\u0002\u0006]\u0001\u0003VUl_\u001e\u0017[R.\u0019\u001a\n\u0015P\u0004\u0004\u001a4\u001bPLW\u0015\bWTCUOQ\u0013O\u0001Y\u001f\rL^\fY\u0016\u0019\fX\u0006\u000e\u001eT\u0019PN\t\u0014\u0000\tP\u001a\b\u0007HBI\u0013R\b\u0004[PRB\u001f;\u0010\fWX\u001aKU\u001b\u0015\u0018\u000f\r\u0014]\r2DVFD\u0019\u0001\u0026\u0001\u0011@\u0002KH\tU]WXB\u0007LA\u0015XW@\u001f\u0016\r\u0001\u0006\u0007J6\u0010]CPLI^\u0016\r\fZIR_\u001d\n\u0026\u0001\u0011@\u0002K[\u0015C\t\u001b\u0018\u0006[\u00032^]l\u0007X^[\u0018\u0000\u0011P\u0002\u0010WCFL\b\u0007G\u001a\u0002ZfZR%V[RW@\u0014K\u001aU\b\t\u00054\u001bPLW\u0015CG\u0004BUTZMUT\u0004\u000e\t\u001b\u0007\u001dXP\u0018L\u000eXJG\u0014@F[DW\u000f]\u001d\u0011V\u0005HTI\u0011U\r\u0005R\u0014YEW\u0010\u0018\u000fWN\u001a\u001b\u0026L\b\u000eLQP\u0003^^\u0007ZU\u0001\u0019I\u0018Y\u0014P\u0015]\u001bZ\u0000GV]CRC[R\u000b\u0001S\u001eUMQ\u0013Z\u0000KU\u001b\u000e\u000b1\u0002\u0016\u0016TO\u0007\t\u000b\u0005H\u0001KYG\u0000\u000b\nMXP^\b\u000eEWV\b\u0000\u000bW\u0007N\u0002M]@S\u001aE[X\u0005\u000e\u0007\u001f\u001b[\u0000\f[fZR\tFC3(\u001fe\u0014"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Wed, 06 May 2026 23:22:09 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://haafedk2.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":252,"timings":{"blocked":112,"dns":3,"connect":28,"send":0,"wait":28,"receive":0,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bobapsoabauns.com/www/images/4da440f7faf213353bb4c1c9f8811393.png","fqdn":"bobapsoabauns.com","domain":"bobapsoabauns.com","tld":"com"},"ip":{"addr":"172.67.166.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:13.949Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bobapsoabauns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 17:27:36 GMT","end":"Thu, 11 Jun 2026 18:26:20 GMT"},"fingerprint":{"sha1":"D4:5B:7E:3A:04:7E:B2:18:16:12:D5:8A:2B:EC:8D:E3:7F:C7:E1:8A","sha256":"47:9C:C7:9E:08:57:D9:D4:AC:41:C1:A3:48:7A:31:34:81:6C:9A:B5:7A:35:09:26:1C:67:C7:35:BC:B1:1F:32"}}},"request":{"raw":"GET /www/images/4da440f7faf213353bb4c1c9f8811393.png HTTP/1.1\r\nHost: bobapsoabauns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 23:22:13 GMT\r\ncontent-type: image/png\r\ncontent-length: 6002\r\nlast-modified: Fri, 14 Mar 2025 01:16:14 GMT\r\npriority: u=4,i=?0\r\netag: \"67d3835e-1772\"\r\nexpires: Thu, 07 May 2026 14:20:44 GMT\r\ncache-control: max-age=86400\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 32489\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=urzwZOkXQkm7ijEvIRaWRb0qC1jqFfWS5MWjLjmSakzFFaHUFMAnmgvzdi%2FfbVqFOxlIcn4UB6wUYdEIrxIDjJt%2BoBCLu5KpEShKRVNK3KS%2Fd8wHgGBkDFZRttOM%2FXz22UozSA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f7bb9cd3b810b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6002,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 561 x 561, 4-bit colormap, non-interlaced","md5":"4da440f7faf213353bb4c1c9f8811393","sha1":"1ce617cfb5d46b50563954f872d4c64f7bfe2065","sha256":"320eabc04656de65cc729fb3a97a058adbb998f269d90bb4307d9a4759383fed","sha512":"27130bddd9aa2fbe68d7e7362bea36d5b4b977811d33013476f8c779eb4b9f7b3aa028e32dcbbdb0f971859ebb940712491b43f329df6ae207a225defebeb225","ssdeep":"96:7rV8VTVQcYDuZDbVYw5dCeJdqZkW8gVkIfnz64Tb5+gn1vjGHwMG01G33Tx81aC0:duRQ9aZDbVYudCeJ4ZkW8YNnu4Igdj2e","tlshash":"08c19fad8989608c78bea22c52af46114dd81ea3fa4577079470a31173e9828377ba08","first_seen":"2026-03-18T02:00:23.73745Z","last_seen":"2026-06-15T15:52:20.260586Z","times_seen":261,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:14.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:22:32 GMT\r\nexpires: Wed, 05 May 2027 18:22:32 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 104382\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-16T17:50:07.645523Z","times_seen":191246,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/500/10479302?excludes=26072692\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=2\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:14.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"GET /500/10479302?excludes=26072692\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=2\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:14 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 184b9c371993b404b24df344c24b0f68\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nvary: Origin\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:14 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1903,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON text data","md5":"0609c45de357ca89d8e4061e8f72530b","sha1":"4e2d942dcce7cda1d515621ec454489375b95dc5","sha256":"5ed9a62735bc8625b71b04a89422d8538b486ca88a2db3f57592208b0e977f45","sha512":"80310f2b8c3123d39eecc4e7e140e2e3521da5f3da61576d6c1f1606696d72430e97b451813f1024e9b0eced25deff1960db607e95562219a265bc1b2a65cd4a","ssdeep":"","tlshash":"8a411b6906c86153af2f538d889dec58c58e0c93b4a0e7debb2da40503dfb174ac64d6","first_seen":"2026-05-06T23:22:37.732953Z","last_seen":"2026-05-06T23:22:37.732953Z","times_seen":1,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/impression/5798iBUUX7RX3U_Z1qLM1mr7CPlbSEQZzbUr3acWPCrvKhiV7hyTaCogXF26z9tyMpsTWDG94hED-8GUojUS7tcaH26Lpnv_Q8q9CX4ve00YD4MVa1foRhqmzaT019wVnCMFKMggBaqO8JU1r99TEODW7tqTdGavgEWro-et9TJlAwxWPLgGgkeghGfjQcuTv6NADZGEhiJeEvVy1Co_8Y3SU6TQUHAM3hZ4yHUgCezrTA8Sn8gJrgeCBAv8u4saIiJEZMBRO9g9ASylKUiB8Hy1rfdfyBjNFlxlmrRrlY9F-PsDT4aq7WHFgmMHmBv52p1xxvM_IW1K3EmWiyfzGSy7VPPF_K7SGojIXJkzobWO_1yMPJbfu8UOiTjAt4Z8wF1SVjCyNv41wgR2FEvRBrP6Sff0RzZdx5vsg417Ejp4OuIRTw2nn5qKvOJec80QAVueXnk4R7_8-UirMH--84qww-zxa1W-pmtgvHPHKiHLCxWrFMUsuIVFRBN3PV4S_WQc0NCO0figyotL0LZBC6j5Yr8LDFtSlBREvhTmFkLmCwvn3IbO_Sc_MXz0XLlfI7EI1cp5ARtyQaLJV6kyLUbdxGUwV4kRZQdFl3eyxq9PCfKoHEeY_pFsVxicJpl2D9kJH7ONT7b22m8EiEiuOslCSH-VdlK56Hq24knbx-k64uFmJgKfbnOAaFWs8cpMxgy4nfKCtdDalD4QjhluKu_KoJEZ7Sz6waxDJ0BxgG3eLITdQrGY84qSVGxXjhCPg-JJtU97Cb_FG1B2D9tuTxHluhb75VjOku84qVxPN5GEsCedLtUKAM4TC62szQp2Q0LOSNUFenlWdvVcAdu6doCoJSDp4TtjDpiOhQOE-f_8ZkIZvWmSOg==?_z=10479302\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:16.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"GET /impression/5798iBUUX7RX3U_Z1qLM1mr7CPlbSEQZzbUr3acWPCrvKhiV7hyTaCogXF26z9tyMpsTWDG94hED-8GUojUS7tcaH26Lpnv_Q8q9CX4ve00YD4MVa1foRhqmzaT019wVnCMFKMggBaqO8JU1r99TEODW7tqTdGavgEWro-et9TJlAwxWPLgGgkeghGfjQcuTv6NADZGEhiJeEvVy1Co_8Y3SU6TQUHAM3hZ4yHUgCezrTA8Sn8gJrgeCBAv8u4saIiJEZMBRO9g9ASylKUiB8Hy1rfdfyBjNFlxlmrRrlY9F-PsDT4aq7WHFgmMHmBv52p1xxvM_IW1K3EmWiyfzGSy7VPPF_K7SGojIXJkzobWO_1yMPJbfu8UOiTjAt4Z8wF1SVjCyNv41wgR2FEvRBrP6Sff0RzZdx5vsg417Ejp4OuIRTw2nn5qKvOJec80QAVueXnk4R7_8-UirMH--84qww-zxa1W-pmtgvHPHKiHLCxWrFMUsuIVFRBN3PV4S_WQc0NCO0figyotL0LZBC6j5Yr8LDFtSlBREvhTmFkLmCwvn3IbO_Sc_MXz0XLlfI7EI1cp5ARtyQaLJV6kyLUbdxGUwV4kRZQdFl3eyxq9PCfKoHEeY_pFsVxicJpl2D9kJH7ONT7b22m8EiEiuOslCSH-VdlK56Hq24knbx-k64uFmJgKfbnOAaFWs8cpMxgy4nfKCtdDalD4QjhluKu_KoJEZ7Sz6waxDJ0BxgG3eLITdQrGY84qSVGxXjhCPg-JJtU97Cb_FG1B2D9tuTxHluhb75VjOku84qVxPN5GEsCedLtUKAM4TC62szQp2Q0LOSNUFenlWdvVcAdu6doCoJSDp4TtjDpiOhQOE-f_8ZkIZvWmSOg==?_z=10479302\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: dbf4eab5b668a78361fd226ee69c13a5\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-06-16T17:07:13.132506Z","times_seen":101431,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/echo.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.059Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/echo.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 692\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:20 GMT\r\netag: \"62f-696bdb18-2460c9555242b10f;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 2ea63f52599dac294d7d8305cbbe6c8e-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1583,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1503)","md5":"046ea20e950ce65464b0a3627f2fcec9","sha1":"c984f621ab86e4b94c9da5271f435ab3d554b06f","sha256":"28474fd0989f56bcd1822eb9eb34f25662c897ed216f02ea808e259b91795993","sha512":"1d54f7b5749b52ec8e8bcb37f29bcf8b9ccb7fc0ba97e7ebccc7cc93afb639ddf8dd4a2582cedf00a249015a211881a611e1aea5226e1a3a5ec5595ba40081a5","ssdeep":"","tlshash":"4131e1997605a5b30993e2f4956eaa462a3321b3680bb840801e9cb04878cec6537f98","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-14T10:17:08.945149Z","times_seen":243,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:41 GMT","end":"Mon, 13 Jul 2026 08:36:40 GMT"},"fingerprint":{"sha1":"02:32:5A:C8:A9:9E:51:3B:E6:B9:C2:90:57:59:03:86:2E:5E:AF:0C","sha256":"B4:3F:61:34:DD:CF:DC:F3:4F:B9:A3:80:2B:A9:7F:C1:65:62:81:5A:B1:86:17:32:64:43:A8:E7:64:F6:2D:D9"}}},"request":{"raw":"GET /css?family=Open+Sans:300,400,600,700,800 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 06 May 2026 23:22:08 GMT\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":28970,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"328a662db3e49d1a97e74cbfc579969d","sha1":"0d1bf6a062676bbb124f372e6a0336fd18bf1dfc","sha256":"424e21de2cf3baefa0efc8379fc58703d5c5b860beae3a1e715bb08b6b37b1dc","sha512":"514a75956b1d16addfbff9aa8383976a5d5d80d3eb002fd31f8f004ada796de209cd79cc4a604172a607c484e74964628e7404dc064fc63b5135f3c57971a3a1","ssdeep":"192:NCddw24WrqKnbqGIwV4Mrz7xCAAN21/rqbnbqGIwV4RazqbCuuH2PlrqxnbqGIwr:0AYqY4tjXqY4ahhqY4tU8qY4FX7qY4o","tlshash":"2bd22aa00027185063431de623de7e34ee0fa2657048d0766bfd8b9beedad6963b435d","first_seen":"2025-09-17T06:17:00.274093Z","last_seen":"2026-06-16T15:52:39.69335Z","times_seen":5724,"resource_available":true,"data":null}},"time_used":362,"timings":{"blocked":153,"dns":1,"connect":28,"send":0,"wait":47,"receive":0,"ssl":130},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6opo.com/88/203046?dmn=quge5.com","fqdn":"6opo.com","domain":"6opo.com","tld":"com"},"ip":{"addr":"139.45.197.246","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6opo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 05:09:53 GMT","end":"Wed, 10 Jun 2026 05:09:52 GMT"},"fingerprint":{"sha1":"41:DC:F1:85:77:F0:0C:F0:6D:99:D3:49:49:8E:4F:0D:1A:14:09:2D","sha256":"FD:E1:4B:BF:9B:78:74:32:4B:0E:54:76:B4:05:F4:6A:0E:A8:97:7E:62:4C:1F:55:23:3B:F5:48:DE:D9:3C:50"}}},"request":{"raw":"GET /88/203046?dmn=quge5.com HTTP/1.1\r\nHost: 6opo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/json\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\ntiming-allow-origin: *\r\npragma: no-cache, no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4171,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"43562885a41b3055c2c8f87848285d48","sha1":"b72a4332a930998d7248c9cfe79534221ca334e2","sha256":"16bd792c6ce5dcbbd7d4b3357766ae29e04513077670bd781040b69721a19e39","sha512":"b2c6348f27e361eb63fa88c81e15419403c15ea3fed6da72aed2da6561be8e414fe1d1d13fb1b390a63ca337b1eda5cbd15158664402d4405a02f50d8b0c86a3","ssdeep":"48:YyLcWcrcWvZu0a6tLhZh8E/SoNuIhlXHp1s+P3JbEbfjkxu97pcWcGkDWgz/:2ztkE6oNphlXJHJYyu97Sz6gz/","tlshash":"6281915cd9a92a7f8a1a51decc375a630738149b35c078eac2e91c4920db0c943b9b0f","first_seen":"2026-05-06T23:22:37.735222Z","last_seen":"2026-05-06T23:22:37.735222Z","times_seen":1,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":74,"dns":10,"connect":28,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"OPTIONS /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 0\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid\r\naccess-control-max-age: 86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/500/10479303?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jmosl.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:41 GMT","end":"Mon, 27 Jul 2026 05:11:40 GMT"},"fingerprint":{"sha1":"0C:27:DA:2E:5C:65:C7:04:ED:8C:54:30:46:77:99:60:22:86:AC:EB","sha256":"28:7F:59:A6:10:FD:C5:B8:A0:5A:51:7E:9B:6A:EC:42:1D:B9:E9:7F:07:50:5A:D6:9D:32:A7:7B:03:72:03:D4"}}},"request":{"raw":"OPTIONS /500/10479303?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: jmosl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://haafedk2.com/\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-length: 0\r\nallow: GET, OPTIONS\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace\r\naccess-control-allow-credentials: true\r\naccess-control-max-age: 600\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:14.007Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20556\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:02:10 GMT\r\nexpires: Wed, 05 May 2027 18:02:10 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nage: 105604\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20556,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20556, version 1.0","md5":"8feefe1e602c4b14ff414a77c3af2c2c","sha1":"e57daae78e76c8944e97edecfa656f8608e09db5","sha256":"2addf2d86d7a5778653b36d551e97a39da52855f82fac7461cfc1bd86d460aed","sha512":"893f9695ee887eed00246f24d4ec3e17ed64e2af4fab055f951795f50d34f3685aafcfbda943060a132c42169d2ef5c99d3db4fb901d57a09e712b4ff02afd92","ssdeep":"384:tpv6fcCujSd2+uNZ0omwRnNPqfWvx/CldKV8D2w9lQXL79Ci5q8S/USM2BHRpWp6:fxC0So4wRhx90K6ywQLIWS8S5By5AR","tlshash":"8792e056b288746a77e4e3ecc859ae6c65ed9b0f0c1b15b909322122f196c4734930f9","first_seen":"2026-02-19T22:35:21.90447Z","last_seen":"2026-06-16T17:26:36.420206Z","times_seen":19382,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/wow.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/wow.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 1989\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 16:05:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:24 GMT\r\netag: \"17fb-696bdb1c-9e211c8af109ddda;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 57705afadf1f07865c6b83160158322f-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":6139,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (6108)","md5":"3ca2644d1da30f25f9391d2436e4f26b","sha1":"726770317740c2f772c62967ab11460cdc38624b","sha256":"ff8c1eeaabf27111c1f4a10651da1e10917e912db6a54cdc7a753d27bedde956","sha512":"60b456b4784ddb185c2e05fe4a0b0278113683ed43e49af79c957e09184891e0a1c775d92c3388940b43e9e7f250ce46da35eb9057e38c84b3ef44d1f8b97a9d","ssdeep":"96:tGqKWTAs5kF/suCJ5waOVEE1FnePgJqg4SImYadsQ:43s5EsuCJ5fOVEE7ne4JqgpIwdf","tlshash":"6ac175c9b7867035c79ba1f6873f0105a23a19acb418447cb6f984e57d348a99237f7c","first_seen":"2023-03-07T12:58:05Z","last_seen":"2026-06-16T16:28:41.019123Z","times_seen":629,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/images/icon-cart.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/images/icon-cart.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 810\r\ncache-control: public, max-age=604800\r\nage: 4731\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 231591268a81636066f824642df73a0b-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":810,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1a70d23735061acdf09548ab78201899","sha1":"5ac5ca9a132a40044b6a5ddb78f155488f787703","sha256":"340da6645f45f09221b1f238f48f2784931caa2f909c9f82d050a4c6fef12fa9","sha512":"2aadd57aec908e25f63628029c7c48c44e024042a8aece635b25b9975da0467fc0a0ec9c228fb6886f50d89dcd74644a68502da86fa7607acc7c6d93a23a44ec","ssdeep":"","tlshash":"2a0170167b714606e042f839498c738a06c815e122a0dfcbf20ec0e03fc29904f5b582","first_seen":"2026-05-06T23:22:37.737563Z","last_seen":"2026-05-06T23:22:37.737563Z","times_seen":1,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:13.941Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 20 Apr 2026 08:36:41 GMT","end":"Mon, 13 Jul 2026 08:36:40 GMT"},"fingerprint":{"sha1":"02:32:5A:C8:A9:9E:51:3B:E6:B9:C2:90:57:59:03:86:2E:5E:AF:0C","sha256":"B4:3F:61:34:DD:CF:DC:F3:4F:B9:A3:80:2B:A9:7F:C1:65:62:81:5A:B1:86:17:32:64:43:A8:E7:64:F6:2D:D9"}}},"request":{"raw":"GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 06 May 2026 23:22:13 GMT\r\ndate: Wed, 06 May 2026 23:22:13 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26935,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"0884e8d931818487176e13036ed24c91","sha1":"41cdee85bfbf1ec21d37a75ba943b02f6a006052","sha256":"1569faead504fad87314df59b1c41e8005925e8dd8be6a8e1600b43252f245ab","sha512":"5c2eed246d34b868dba07eac69f94967d132496913ec3a32ca3db10b545cee7d78eecb435ec3612e51747a9a45998d2d456dc0d37df9c862ab4b8d71de9e808c","ssdeep":"768:DFZFCFHFHFY4FRLFuFWFMFsbbYSRv4wFMl22YfRiJhan6BBYERNeWwhQHHYORjUF:9HIHTj","tlshash":"99c20da10417440097834ce223cebf35fe1f92507142d0b5abfd9b6baddbca652693ad","first_seen":"2026-02-19T23:47:10.293756Z","last_seen":"2026-06-16T15:11:14.675111Z","times_seen":1251,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/index.php?a=register","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-06T23:22:07.488Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /index.php?a=register HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 23:22:07 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nx-powered-by: PHP/7.3.33\r\nset-cookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2; path=/; secure; HttpOnly; SameSite=Strict\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 577a9626bec0132f271715a69ef6285b-fra-edge3\r\nx-hcdn-cache-status: DYNAMIC\r\nx-hcdn-upstream-rt: 0.188\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"PHP:7.3.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WOW","description":"Reveal CSS animation as you scroll down a page.","website":"https://www.delac.io/WOW","common_platform_enumeration":"","icon":"","categories":["JavaScript frameworks","Web frameworks","JavaScript graphics"]},{"name":"FancyBox","description":"FancyBox is a tool for displaying images, html content and multi-media in a Mac-style 'lightbox' that floats overtop of web page.","website":"https://fancyapps.com/fancybox","common_platform_enumeration":"","icon":"FancyBox.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":50060,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (370)","md5":"90abdde29bbacefa4765e97d4659ee8b","sha1":"310ab424c0bf65a86236ca48dbc1cf7e0b37cd71","sha256":"f6df457523453dc40327b918b4a0fd9eed50ecf44aa80ea80d6737d3f8ffb630","sha512":"69d94cdc65f997827f044d3018f1805c14d21174a197fc9579f48ae2f63d097bc4ebede2db6e25fa1016104d3366f38c576ee1b58c600d83458ed83254114039","ssdeep":"768:2CvLrC2dT9N3xjzs5ihlMQWgZrY706sRZjF2GzevqEH:2myOT9A5ijMQWgZrY79sRZjF2GzevqE","tlshash":"bb23db123becc8a600bb58c814225a2cd4f68337f5554945f65d8bea3f7ae6dca3b118","first_seen":"2026-05-06T23:22:37.739197Z","last_seen":"2026-05-06T23:22:37.739197Z","times_seen":1,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":87,"dns":34,"connect":23,"send":0,"wait":213,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/font-awesome.min.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/font-awesome.min.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 6625\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:34 GMT\r\netag: \"7906-696bdaae-af8be07e078076f7;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 665e63df5edc5357b19d605b9e925ce6-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":30982,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30819)","md5":"f1084ded2cf974f6314f2df6f00c53d4","sha1":"f5224569701f68e04ac1df9da357ccc101e753a5","sha256":"5cfcdebf8f38725bebe6f58ff39a6d044806bca0220a1e0b7e3257f9ad7392d1","sha512":"6c9e1c14784757c6adde55c75eea5f0699d61ab0fb02401e41e708e732f50fd6e55a43ecf9610401f12ed6796f9e00b4bfdc45e2e1582cc63b5baa33f0d01af8","ssdeep":"384:EHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:Ewlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"06d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-10T11:41:59Z","last_seen":"2026-06-16T13:46:51.758752Z","times_seen":2829,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/opensans/v44/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48320\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:45:30 GMT\r\nexpires: Wed, 05 May 2027 18:45:30 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:30:41 GMT\r\ncontent-type: font/woff2\r\nage: 102998\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48320,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48320, version 1.0","md5":"dcf31ebe107435bd68e0164d59e19b87","sha1":"b68160c9333af833fe483928b3ef7128c07a56a0","sha256":"d8e4fe0452aa2076429a9bb5d8757d00a994dd95986cf950e9a1a371b9a072a0","sha512":"130cd52c3cccc36a7029bf92b2ddb363b8b36d206454aacc246739919552fccec5cacbad615ba4ac3817da3e83239371fe51324bdadd08357e3495087f62cb08","ssdeep":"768:Jzqdwl5YV7FVmpudK5a8dF8D8Z7J78VGnNFZEKh02dmSTPe9UiallHcOEi2c0NC1:9q+SYuMaVwZ7oGRNh02dd6UialBcOEpE","tlshash":"1623f218f29471f7edecd4d500a18c72baa528d442f116ed07b8d53ca36ca817a729fb","first_seen":"2025-09-17T00:07:53.723302Z","last_seen":"2026-06-16T17:46:35.805536Z","times_seen":287183,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":115,"dns":0,"connect":8,"send":0,"wait":14,"receive":5,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/400/10479302?oo=1\u0026sw_version=v1.823.1-rc-s\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026st=true","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"POST /400/10479302?oo=1\u0026sw_version=v1.823.1-rc-s\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026st=true HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3492\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=03032ee684224618e2c81b346051a999\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3492,"data":"{\"sync\":\"TBtSUh8cJhwUBWcfHEsSAwEFUA5MXwMBbAMlKz9KWUBcHAtKQ1AVSQZbGgxbGwkHVkYLASoQTktDCFNSQkkARB5PDQ0GGlgQAwdXWAhFW04WNRkDLUMHGmhOWl4lEwE3AhtnAAFmFgwNNAFVBjJEUWxFDTsKCQI9Wx4mWglIVFteFhoeaF1WQh8HDQ0RQAJZVRsLGRsKUA5eQRVXQ2kKAFtSRE4aARBVQ1BfXF4WGwRTGwkGVkYdGhNAAllVGxEGTFFCGEwDUBsJBlZGDRJXWApfVRsPCExRQhhMA1ZJEQxKSFsYAUACWVUbBBwPB1AOXkEVUVAUQFVVShEPGlNJFUMYGh9QDl5BFVpbaRUGE0pPUhRLF04+HQpJSARCT1hKUEYPRkNYWUBQAB1dBARMUUIYTA5fZlxUEDsQBhEHQEtDCU1IGQIcawUITkpsWh8KHhwdQAJZVRsCBQIEAGsKCEdNWxRAVFVKAwdWDRZLQ1BeR1BTDwBSSVJSCUZDWFlAVgUmVw0ZTFFCGEwOWFVcRCUDGAUAFhpTSRVDGggHUA5eQRVaQF9YXklEVwFUHVsDUUZMAQFETFcHFRFGFBBbUkVOGhkXSwJIVFteFh4BVk1VWQgJJgwQFl0KDVYTSFRbXhYACEQbCQIHSFsaHEACSxVVFwceAgJRTEEVS0UUQEY0DQYDGkVbSxEaTFFDB0JPQ0NcFEBUVUoCFRpTSAtZWkJJBVxMVwYJAQJWRg4BAkACWEsBUUZMHBtcTFcGCQECVkYOEFdYCEVbThhIVFteFgcVFQMDGlgTHwtXWAhFW0oAAkxRQwRcWRsbQF5YXkhYR1YUSwpOQ1BfWUoEQk9EWEQUQFVLUEVOGh0KZgUPGg4RQAsJFQMDGlgOCh0UQAJLNFYbAwIHExtbQwcZG2ETCh0HAhEYJy0ZUFpAW0kUOQRZDwcNWhxPXE5CSh9DCFJeQFtbFCkIVFJcGUhUSFhFUwhYWX8IGAsNHUxBXAQNHQZYSFsGBUACWFUbEQ5MUVBdABlSS11XFkkJDBNPTgAcTgQYVAIBZCdWXldHUwgKGARYElwPVE8IDxkOAA4HHmdwCF8UEBwaGwNURAldB0cYAhdDCx8NUEBmM18QBgEHSgcYVUwaCg1fQgcIQFxBDBMXKSFOC1YdHEsPCwJGAlAIQEFQVkEfFkMBBjJxUlsVQwIHB1AOX0EVTFpSWF4XHRkOFEsdSwdIVElQGEwdWxsJFBIQDRgGWBdGEVgADAsPGQZADlhUHF8UABwQWxJQGUZYXBgLDBtHGghFGx8UFANbUkVOGh0DG1tIOz8xFkJPWVsRDEtIWwYUEhpTW24IBF1ZUBhMHUMbCQZWRhweFA4aU0oOTUgGCFAOWlUbG1dbWF5UWVlASh0NG1tHX0dQVwYyWFtZFEBUVUobFRpTSBVDHQpJSFIPAURcHxQVFxoYAEACSzVQDx8WSwoMWDIBDREaWAwQDBEHVktDXwAGHQ5eFg0FaFZRXCUNFwwQGhpTVAhNSBkCHGsFCE5KbFofCh4cHUACW08MTUgNBB5bHDJTXENCEkZDWkFOGh8cVwUFHElIFkxBFV5SWx8UGAwGQAJZVRsPBkxRUFEAQGJqERpYChUbV1gaDBcUNDlCDhwWQk9UVl9ZCDseCRgXTEtDGxIYCQlQGEwdUVURDFhGVUoWDkxLQ0IcRkwBAURMVwYVEUYUEFtSRU4aGRdLAkhUW14WHgFWTVVZCAkmDBAWXQoNVhNIVBBQXR0yVldXRBUNHUpPBFkFClxNSAcYLUAcBFNcXUJYXh8JGRFdRVtQEjUNAwBbAwRCVGwOTDsWGioMXR4cS0NQCAoeRwtBFVBAaRkMCwcYC00EWwMHCwIYFxhMBERmVlIdAVtSEwNUGhwVQwMdNBVRDQZYGwlCCBEcRFcLSzYOXAM1BQIGFlQLVlVAU1ZGEBsqFV0LJlIIHjFdQgIxAkVmXVMNAQtKTwRZBQpcTUgHGC1QCx5cTVxGJRcYDhQQUUtDXwAGHQ5eFgceaFpbRBUJEB0YPVcZHEsASFQNE1gdCEoVEVgfF1tSV1EAXU0BU1NXUkoWQk9UVVpTFBAmARFAAksMVwoEARwcFkJPVl9VXxYNGBwQPVENWwNDSEJJBkYPC1FQUGkJCwwaFgdnAB0bW0hMR1BVChtSS0dfCQELNxwGGlNbG01IDQofRA8EUFdsXx5GQ0pXThoKDEoVBQM0G1AxXBUDERRWRhodBhZXBCZQBTVcSUgWTEEVWl9fGQ8mARFAAktbFUMJARgGFlRPFRURWx8QEQcRQAJLE0oVCwlJXhYcMkJQVxRARltEVw1ZNhBdQ1BMSV4WDwlTUEdfFQoYBCoLXBpbAzo3Ew==\",\"async\":\"TBtXQwgXW1IOQFoIDRtbWEJJGl0AGUQbCQRWRhsEAQoaU0sVQx8ADxdSBwNSXREMSUhbABwGXAwXZggMHAofUUxXDgsfFA4LDQkZQAJQSkRNSAwKBhZUFhVQQGkYBQ1KT1IUSxpRABgJAhxTTFcHFRFVEgULDxwMXzYNUAwPTFFCGEwJXkpQXhsWHgEbBWcdEFQESFRbXhYCCEFcXxRAVAREVwpRBw1KQ1AVFl4WDAFDUREMAUYKHQUSVxsNXAVIVA0TWB0IGxtSQBsNFQkXDl1LQ18ABh0OXhYcCFZKXFhYXlsGGk9WCA9QBgsaBAAZDAFCXEdZFRARSghOGgMKSQdIVBBQR0xXFU8CFFZGHUpPQA0+L287PFcNJGI4OwJoZgtYGVVKHQtcDRxXPgMIGRNZC08NCR8UGQgQDRsWZwAdG1tIGwUZWgEaWRsfFBsCHwEZC1kdHGYIDkxRUBZCT0NLUlAcDRo3Bg1NGxpcPgMKSUgWTEEVWFdAHxYNAQYHSjYQXUNQTEleFg0MWklSXx0KJgERQAJLWxVDCRsYBlsDMl5dbAdYXltKWUBbHApNDgcxAhZrXE8NGxEaWAcVARYJZwAdG1tITEdQVwEeQxsJFFhIWwUQFlAGHRtbSAQYBlUJTxsbQWkPDR1KT0AaRVtWADUHD1AOTE8bG1JSHg0NARoMWQUmUAUZTFEpaRM=\",\"quality_options\":{\"hil\":1,\"jsp\":1,\"ng\":false,\"ix\":false,\"pt\":false,\"np\":true,\"nw\":true,\"nb\":true,\"sw\":1280,\"sh\":1024,\"pl\":\"https://haafedk2.com/index.php?a=register\",\"wy\":0,\"wx\":0,\"ww\":1280,\"wh\":1024,\"cw\":1280,\"wiw\":1280,\"wih\":1024,\"wfc\":0,\"sah\":1024,\"navlng\":\"en-US\",\"drf\":\"\",\"wgl\":\"llvmpipe\",\"tb\":false,\"btz\":\"UTC\",\"bto\":0,\"pnt\":0,\"pnrc\":0,\"bml\":0,\"bmi\":false,\"vsbl\":true},\"client_hints\":{}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/json\r\nx-trace-id: 85d1b8a502d23dd3a465c02a8d81b1ad\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:09 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2539,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (2539), with no line terminators","md5":"b332c3c0404c252ceae89689945cbeb6","sha1":"f4c562cd950f25ce34fd3654c3472179a852b412","sha256":"decddd5f88406292f016a558da777025e9d96b69a3fe9d4ce6f043ace13e5518","sha512":"72b9ff2e1f0fb59a8ae777c7031e3b34fb55f90a07cbeeab83d5952b29521cf80ad17234509ecb24b6b9d6c364c031fd5bb89f25ec5b240739826528e75d53de","ssdeep":"","tlshash":"06512513bee47d2ff49e9250cf68b75ad37ed484b2f94689ce259b2d7bd4202206b400","first_seen":"2026-05-06T23:22:37.740879Z","last_seen":"2026-05-06T23:22:37.740879Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bobapsoabauns.com/www/images/4da440f7faf213353bb4c1c9f8811393.png","fqdn":"bobapsoabauns.com","domain":"bobapsoabauns.com","tld":"com"},"ip":{"addr":"172.67.166.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bobapsoabauns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 17:27:36 GMT","end":"Thu, 11 Jun 2026 18:26:20 GMT"},"fingerprint":{"sha1":"D4:5B:7E:3A:04:7E:B2:18:16:12:D5:8A:2B:EC:8D:E3:7F:C7:E1:8A","sha256":"47:9C:C7:9E:08:57:D9:D4:AC:41:C1:A3:48:7A:31:34:81:6C:9A:B5:7A:35:09:26:1C:67:C7:35:BC:B1:1F:32"}}},"request":{"raw":"GET /www/images/4da440f7faf213353bb4c1c9f8811393.png HTTP/1.1\r\nHost: bobapsoabauns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: image/png\r\ncontent-length: 6002\r\nserver: cloudflare\r\nlast-modified: Fri, 14 Mar 2025 01:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67d3835e-1772\"\r\nexpires: Thu, 07 May 2026 14:20:44 GMT\r\ncache-control: max-age=86400\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 32484\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YiIuWPF4kK4sJx9cxf%2Fcj2U88eMMtP5DWst3olW0dZqP%2BCCN8u16aEqWM42jpwHqM37ezsFzQ36i0MLnGsvRBYYcjjDbZXH8XCB2xD1JRxjetufRvlWJettjfmHnbjNDLja3pA%3D%3D\"}]}\r\ncf-ray: 9f7bb9b27a715685-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6002,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 561 x 561, 4-bit colormap, non-interlaced","md5":"4da440f7faf213353bb4c1c9f8811393","sha1":"1ce617cfb5d46b50563954f872d4c64f7bfe2065","sha256":"320eabc04656de65cc729fb3a97a058adbb998f269d90bb4307d9a4759383fed","sha512":"27130bddd9aa2fbe68d7e7362bea36d5b4b977811d33013476f8c779eb4b9f7b3aa028e32dcbbdb0f971859ebb940712491b43f329df6ae207a225defebeb225","ssdeep":"96:7rV8VTVQcYDuZDbVYw5dCeJdqZkW8gVkIfnz64Tb5+gn1vjGHwMG01G33Tx81aC0:duRQ9aZDbVYudCeJ4ZkW8YNnu4Igdj2e","tlshash":"08c19fad8989608c78bea22c52af46114dd81ea3fa4577079470a31173e9828377ba08","first_seen":"2026-03-18T02:00:23.73745Z","last_seen":"2026-06-15T15:52:20.260586Z","times_seen":261,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":25,"dns":5,"connect":1,"send":0,"wait":10,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.20.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:14.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 05:19:27 GMT","end":"Wed, 01 Jul 2026 05:19:26 GMT"},"fingerprint":{"sha1":"BF:D8:14:32:18:86:B9:95:54:75:8D:F9:5F:29:DE:4E:F8:F8:F7:13","sha256":"0E:FA:80:0B:F4:13:81:81:4D:CF:50:35:5A:DD:DB:FA:00:0B:34:B2:2D:5D:28:08:E4:45:1F:2C:EF:D2:21:C2"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 05 May 2026 18:22:32 GMT\r\nexpires: Wed, 05 May 2027 18:22:32 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 104382\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-16T17:50:07.645523Z","times_seen":191246,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":9,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/components/fancybox/jquery.fancybox.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/components/fancybox/jquery.fancybox.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 18588\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:03 GMT\r\netag: \"e942-696bdb07-eb39b09cdafa2549;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: ba9eea1e661c91f41f270b6f2b2404d4-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":59714,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32033)","md5":"b92d47642e3247c8999d6ecfac00079d","sha1":"cfb927ca23e6a13aa6940b18c5aa4ec7da4a638b","sha256":"0be343e16013271de06180a331f15d2467b411a8d6e4689279a0bbe3a8aa6b1d","sha512":"e898f89fbec61a8c3ab3481a9705f08ef71ffb3d38880ef9acbf34971a3d437edc425107e2555e4a3ab462a969304c8cfc5af8e05114d65d68a67f4ffb805d68","ssdeep":"768:NDKE0WZGkYqqV/UtUA1hFFuuJ1SKg87qJ9Tygbrq1dxQv9ylX6cdLjLp8lABHhuq:3NZG0dZ7/uuNDqJtygSFGnZ63Lwfe","tlshash":"be43199f7710747586bb16a4a30f520ed437681af10284b274bcd8d516e5fc822ebfea","first_seen":"2023-03-07T01:14:46Z","last_seen":"2026-06-15T16:10:35.140253Z","times_seen":801,"resource_available":true,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/css_browser_selector.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/css_browser_selector.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 577\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 15:01:48 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:20 GMT\r\netag: \"529-696bdb18-9c5db885c25e43ce;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: ad4982478626fc91527d330dd9530ce9-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with very long lines (1072)","md5":"6c90e8b1a59df8f373e37995c4c27fb0","sha1":"37d1cb1fa2358b4c530636096d926f7b803b3d12","sha256":"bbb9094e86986d381014be7eb58488fe3d9d27c8a0df191e2254cc8d0c1113e9","sha512":"d175666302c66ca78f02d31a1309a2d473d65aff3b74a7f4d236ce9b53373c20e92be77d0f2db859241e94cdd832eb958c4b3a14e0bb7582346171fe1825c4a0","ssdeep":"","tlshash":"8b21f0ac519ef3240d1f77d928e63482d17d9536cdf40b06c61f8424b5a9fcd83a4719","first_seen":"2023-03-08T00:58:02Z","last_seen":"2026-06-11T07:02:38.910498Z","times_seen":354,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/scripts.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/scripts.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 2920\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 15:01:48 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:23 GMT\r\netag: \"4f98-696bdb1b-c3a36ccd08f4f04d;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 89ad94b27ccb75a1a2a7f13aa0b5d748-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":20376,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"4c0f4de02bc359c852a5be3db9aac7eb","sha1":"416f834c9cbf72f3f8eaac790c28eec31e49d798","sha256":"7887086b2802a150b7e954bb5dc8f473fd9af57458bdbad17b58cff934dfc5d3","sha512":"c0925a1d6e8933d8e28dcfaf4c13e23acbfdc33062d6e9e6300099b37ab80f6096c5f8b2bd2218d1f1e04d522cba754d36460c6f3e876b9a344aba8a2fe81202","ssdeep":"192:9ED1jy5DyKBye/yh/yy3fDV5yEZn3kgaW/ap28C0Tfk3CYvBtgrEkTECl/6x4M:kEpzOlxD","tlshash":"76921019b4b6213081bbb4bf1b6f96082e314067d8c7ce107d4d96944f687ecd7a7b98","first_seen":"2025-04-22T11:15:07.716619Z","last_seen":"2026-06-01T13:31:18.245413Z","times_seen":15,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/templates/default2/html/en/assets/css/font-awesome.min.css\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 20:13:22 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:08 GMT\r\netag: \"12d68-696bdb0c-f517f1dc338c5d65;;;\"\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 529160\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: cdf4eb38783ada7345c9269851e47346-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-06-16T17:46:55.902185Z","times_seen":497041,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":24,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"094kk.com/500/10479302?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"094kk.com","domain":"094kk.com","tld":"com"},"ip":{"addr":"139.45.197.247","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"094kk.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:00 GMT","end":"Mon, 27 Jul 2026 05:10:59 GMT"},"fingerprint":{"sha1":"43:7D:6F:F8:BE:84:B1:67:0E:D0:19:51:41:B6:FE:F5:F1:AF:B5:83","sha256":"CC:96:0C:4D:D6:0C:2F:D9:57:9E:67:96:0C:E3:CB:B2:CE:8F:47:A2:3F:CF:4D:81:81:EF:B6:54:52:46:8A:42"}}},"request":{"raw":"GET /500/10479302?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=094kk.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: 094kk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: c905440045fcc448ce602870edba6089\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nvary: Origin\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:09 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2053,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON text data","md5":"b5924caefa3b7d8341bd48adc20f908a","sha1":"ffdbdd8eacb5c690ffb81259f5baeb9b2bcf31f8","sha256":"ad6cae612c16b638399175c624dacbea6971cb32bb7331392a05dc82cc719fef","sha512":"9e9f3a93289fcc28e9a8d2a5d90c6cbc918fb8e28520c3c27a8987e5c760852967802fc2128b4d7815cd6740eab9de3476d3475adf2b02f2111ed18e9d8ca7e1","ssdeep":"","tlshash":"41411af53551077edf2ba21900fa3f2c9115b88309969b00b50d96442acd2cfea1480f","first_seen":"2026-05-06T23:22:37.74513Z","last_seen":"2026-05-06T23:22:37.74513Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/owl.transitions.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/owl.transitions.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 684\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:36 GMT\r\netag: \"12d5-696bdab0-3afc86d5c4d61101;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: b8c0e7a4ac82737805d63f4d130abba4-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":4821,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"203f42e6d70622928bb00eeae94a9040","sha1":"73fe4a4bf82f1e48e732a8699244663f704ab7ac","sha256":"5574465671b5a74e5034a469e85972c8a2defbfe52eb1cf06ef26c95924da77c","sha512":"d78628ae3b43a3cbb8a3f35c2c99af55514e0b79d426f48547ccdf616d83197bebe85bcf3248fae5a7a732e3ccb38a881e7c4709b9f57c07caf94d7f41cca77d","ssdeep":"48:8A9sC4qH+6kHGALQmMfdScuFeU8VrcG9dvgOGH6fxr4jgl9onND2Umm:dsCNPkmALQmGoeU8VYX","tlshash":"e3a16d7ba1e51208694b0680779ce6661aac58a13437ccfab1c67dcbcf506dc23cda47","first_seen":"2023-04-12T08:42:16Z","last_seen":"2026-06-01T13:31:18.217621Z","times_seen":36,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/components/jquery/dist/jquery.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/components/jquery/dist/jquery.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 29263\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:57:57 GMT\r\netag: \"15283-696bdbb5-204dea712cf48f63;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 511299\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 9bcce531f8eb10f8e25a02bb0eeb02d2-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":86659,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (32058)","md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-16T17:32:06.114976Z","times_seen":94223,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.prettyPhoto.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/jquery.prettyPhoto.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 5613\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 15:01:48 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:22 GMT\r\netag: \"562c-696bdb1a-7201d56869ad9eb2;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 4d27e2e44bb1bf404cdd8c93216974aa-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":22060,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21775)","md5":"51d2c2977e3dbb58e8ee5a5f52673aa0","sha1":"81e3ee36772fe61b742073a973be1fb840a5cafa","sha256":"7d4adb5e9401f2d3c71467d1c2ab1a153e5b65fdc1d9f90ba7504fd700d7fac6","sha512":"fc6b71b2fa9529b80e5bd7a11e0eef3e01991889eea54750ba0498da12c455cf3d9662e94910bf13695800a9e5e2179a992453c17fbf8a92c91b3e5aeca6c82c","ssdeep":"384:A8MVMTvI9NsdEYKbuvafP3l+CBb3+8rBEpiijfIj7lU+glBj8nneyspL0NeuakTj:nIL+aHl+Cp3+gxq+2+fwGKkoAnFN","tlshash":"a6a286386d2078afc2d3e276e4475b28d1728e33a746d464b2789c7419f4a87643afcd","first_seen":"2023-03-07T01:02:51Z","last_seen":"2026-06-13T23:46:32.978684Z","times_seen":1505,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/jquery.customSelect.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.068Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/jquery.customSelect.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 903\r\ncache-control: public, max-age=604800\r\nexpires: Tue, 14 Apr 2026 15:01:48 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:21 GMT\r\netag: \"9ef-696bdb19-48e2a1dc5518bc4c;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 31559\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 41be829a73971328227d1490db9f7baf-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":2543,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (2270)","md5":"0212de77848bab70b670586c782a2f4f","sha1":"ea9861b8b61802f05acf92b18609a3eb4c5be4d4","sha256":"94eb062f034d9c0a3631943344065bc2e07d520367312378b596f2b1f2a65109","sha512":"5a91558457aa1db34182e8d79e8d6ff7748ae9ae5eb5ec652d8531a4a8059afadb2bf76bd5ef13282bbef8f4f5c70ff1a18857016b12d1b91b0450ea20dc6971","ssdeep":"","tlshash":"8951f01c363472b48cff5d5238eb810fd463d87a96468b624cb240596db984d7257e1f","first_seen":"2023-03-08T00:58:01Z","last_seen":"2026-06-15T15:20:21.229172Z","times_seen":259,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/401/10479303?oo=1\u0026sw_version=v1.823.1-rc-s\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026st=true","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jmosl.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:41 GMT","end":"Mon, 27 Jul 2026 05:11:40 GMT"},"fingerprint":{"sha1":"0C:27:DA:2E:5C:65:C7:04:ED:8C:54:30:46:77:99:60:22:86:AC:EB","sha256":"28:7F:59:A6:10:FD:C5:B8:A0:5A:51:7E:9B:6A:EC:42:1D:B9:E9:7F:07:50:5A:D6:9D:32:A7:7B:03:72:03:D4"}}},"request":{"raw":"POST /401/10479303?oo=1\u0026sw_version=v1.823.1-rc-s\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026st=true HTTP/1.1\r\nHost: jmosl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3484\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=03032e3770cc40c9f697d93d3ad852b5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3484,"data":"{\"sync\":\"TBtSUh8cJhwUBWcfHEsSAwEFUA5MXwMBbAMlKz9KWUBcHAtKQ1AVSQZbGgxbGwkHVkYLASoQTktDClBGTBkCRExXAwgfFA4eFkpPUhRLDk4+HQY0BV0ZMkBQW2kNHCYfDD1RESZOBwkxGBNcMR5fZkBBJRcYHyoBTzYaUUNQX0dQQB0yU1xHUxkQHAxXWAhFW1MSHw9JSARCT1lJbEYeRkNYWUBQABUbW1pCSQddCk8NCR8UHhYfSk9SFEsJVUNQXkdQWglPDQkfFA4eW1JEThoHGxtbWkJJHFUeTw0JHxQKEFtSRU4aDA9YDUhUW14WBg4VAwMaWAAUSk9SFEsLTRVIVFteFg0FaFZRXFheSURXDE82Dl1DUF5HUFsdDkdMEQxKSFsAHAZcDBcbW1pCSRFcMQJVU2xfFAAcEFdYCEVbTggEMQAXTR0yW1xdUQ4MW1JFThoKFlUOGDEPF0QaBRUDAxpYEhwGEQ1KS0MJTUgJCh9RHgxTShEMSkhbBhk9VgUKG1taQkkRWwICRWZUVxcRDUpPUhRLCV8NSFRbXhYNHl4bCQZWRhoEAUACWVUbCxkeSUgEQk9HV0cUQFVVSgUMSgpbA1FGTBseVRoLWEteaR4BDQ0WFlcbWwNRRkwFF0dMVwNEHxQIDVtSVw5UHxRJCBoLSV4WHBsVAxF7HxcYSllAShkJG1tdQkkGTgFPDQkfFA0TW1JEUABZVRsWAkxRQwRcWRsbRF8NRkNZR1oIRVtOCAJMUUMEXFkbG0ROWF5JRFcVQUtDCU1IBxNQDl5BFU5VVVheSURXEVkBWwNQWlxfXhYdBRUDAgZIUFVKBhUaU0gLWVpCSQFVGU8NCAEOSkhbHAY9XAwNXAIeCw9QDl5BFVNAQxtGQ0o4DUIAFVUARVtFQhRGOl5XV1kNF1kmIUIJWVcJWko5AhwCWlYXQQUCQUQLHk9TC11XCUhKKQ4RXwFCBQkCBkpVSVlVJFEbHF8OEkFaQQBAXRUVEVgKRkNZWUBIDVsDQwMAHxdGAAxbFENSHEkPARAVXRtDUBI6J1AbWhoIRVdSWlcUHQ5YFFEMDlwTUAcYIn1VBFlNVkQUBRVFBQZeRA9QBB0LGUhdHT1+AlpYDgELBhQOFRkdX0wcBw4FURxXXkpjf0ENFxwQEFYIFRQRDghGBF0LGlJLCV8JNDBTV04aARBVQ1BfR1BBBwkVA11DFghVShEQXktDG0NGTBseFlRPX01HRgleVkcdA1kPHF0KWEAIHVlBBFldVk5UFBEYSgMFGxxeCBkaDgAWQk9ZXhEMSkhbHA9AAkssbSJIQkkcVkxXBhURWBsUW1JXNVEHSgtDRkwbBhZUXRsbVkAbCFtSRlUUSxFaQ1BaU14WCgAVAx4HVkYLHAFAAkRIFUMJBjQdVgRPDQkfFBQTW1JEThoeHRtbDA8HAVFCT1hKUEYPRkNKOQtWHAEZGVJYNEQATEEVUVpSHgEXSk8EWQUKXE1IDQMtWwwHaFBdUh8cW1JYUxRLDlAPNQUOC0cxAVJXVEISRkNaQ1QUSxpWDQUcNBZRHhlfGwkETkhbHhAMXAYLG1tITEdQUw8AUklSUglGQ1hZQFYFWwNDDwBGJ2dMQRVXX0VYXlsNG09tOlVcD0hCSRFbAgJFZlRXFxENSk9ASxseW0NGTBsUWExXFRsfFBkIDUpPGUVFW1MSGkxRQxhMHVlNEQxKSFsYGxBbS0MJTUgeBxNACAJFVGxSHxAcCwENSktDQkMDHTQTWgofWFBXFEACGAQGBxRLEEo+HhwCFlEAGRUDVVcWFxxEVwtLNhpREwUDAgdZMVUBZlxEJQocHxAQGlMfWA0ZC0dQXR0yVFFBWRcNDAVXWF4IFUoERkwCAWsLCVBcEQwcBRUbEE4aAApmBg8NAB0WVBlFTFYaWA0KNwIHWjYSUBVIVA0TWB0IGxtaRSUTHAoqCVEdJg9RXDEEAGsACEBcQRRAAhgEBgcUSxBKPg4LGBlAAR1oSlJQGxYQSk8EWQUKXE1IBxgtVwYfWFRaQxc7FhgQEFlLQ18ABh0ODxhMA1JKEQxYV0FcQVoKUEAAWUhCSRFYBwhZTWxfHkZDSgAMUwcWTg9IQkkTUggEW1BSQh87EAxXWBpLVRsVGA8NFF0NMkRWRkQZASYBEUACS1sVQwsKHRdGGgREXEFpEwBbUldAFEsaWAwaDwIVWjEEUxsJFFhIWwsAEUwGFGYIDjFaUA5MTxsbUEMJEBYFKgtcNksbW0hMR1BXAgRUUmxfHkZDSldOGgoWShVIVElQGEwAUk1bWR5GQ0ofEUwIHhtNSBw0B10KTw0bERpYCxg3HAYaU1sbTUgPDxZdGgRYV1JaJQ0dG1dYYzQE\",\"async\":\"TBtXQwgXW1IOQFoIDRtbWUJJGl0AGUQbCQRWRhsEAQoaU0sVQx8ADxdSBwNSXREMSUhbABwGXAwXZggMHAofUUxXBA4fFA4LDQkZQAJaTkRNSAwKBhZUFhVQQGkYBQ1KT1IUSxpRABgJAhxTTFcHFRFVEgULDxwMXzYNUAwPTFFCGEwJXkpQXhsWHgEbBWcdEFQESFRbXhYCCEFcXxRAVAREVwpRBw1KQ1AVFl4WDAFDUREMAUYKHQUSVxsNXAVIVA0TWB0IGxtSQBsNFQkXDl1LQ18ABh0OXhYcCFZKXFhYXlsGGk9WCA9QBgsaBAAZDAFCXEdZFRARSghOGgMKSQdIVBBQR0xXFU8CFFZGHUpPQA0+L287PFcNJGI4OwJoZgtYGVVKHQtcDRxXPgMIGRNZC08NCR8UGQgQDRsWZwAdG1tIGwUZWgEaWRsfFBsCHwEZC1kdHGYIDkxRUBZCT0NLUlAcDRo3Bg1NGxpcPgMKSUgWTEEVWFdAHxYNAQYHSjYQXUNQTEleFg0MWklSXx0KJgERQAJLWxVDCRsYBlsDMl5dbAdYXltKWUBbHApNDgcxAhZrXE8NGxEaWAcVARYJZwAdG1tITEdQVwEeQxsJFFhIWwUQFlAGHRtbSAQYBlUJTxsbQWkPDR1KT0AaRVtWADUHD1AOTE8bG1JSHg0NARoMWQUmUAUZTFEpaRM=\",\"quality_options\":{\"hil\":1,\"jsp\":1,\"ng\":false,\"ix\":false,\"pt\":false,\"np\":true,\"nw\":true,\"nb\":true,\"sw\":1280,\"sh\":1024,\"pl\":\"https://haafedk2.com/index.php?a=register\",\"wy\":0,\"wx\":0,\"ww\":1280,\"wh\":1024,\"cw\":1280,\"wiw\":1280,\"wih\":1024,\"wfc\":0,\"sah\":1024,\"navlng\":\"en-US\",\"drf\":\"\",\"wgl\":\"llvmpipe\",\"tb\":false,\"btz\":\"UTC\",\"bto\":0,\"pnt\":0,\"pnrc\":0,\"bml\":0,\"bmi\":false,\"vsbl\":true},\"client_hints\":{}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/json\r\nx-trace-id: 266fac950300c244836c4f613dc084b4\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:09 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2536,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with very long lines (2536), with no line terminators","md5":"1b5083819187778bf3b524971ef11926","sha1":"d8bf5328c23dc97529b2d6dbf5b7a471de5c7cb2","sha256":"7f1005c2972ee1a78dcad25ff7ec84a38a50450829596f83399bc187bc7028c5","sha512":"0d3848d11252c8c4b28b93a615efd2f11bef08445c124a91cd721d463bfa446b920518f18cf439d125df7d3b009a6a88a23905e543b754c407ef494b8dae12f3","ssdeep":"","tlshash":"f5513713aee07d3ff59e9250cf68b74ad37ed484b2f94689ce259b2d7bd4202206b400","first_seen":"2026-05-06T23:22:37.749862Z","last_seen":"2026-05-06T23:22:37.749862Z","times_seen":1,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"auqot.com/event","fqdn":"auqot.com","domain":"auqot.com","tld":"com"},"ip":{"addr":"139.45.197.121","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.348Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"auqot.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 11:23:59 GMT","end":"Wed, 10 Jun 2026 11:23:58 GMT"},"fingerprint":{"sha1":"14:A8:2D:22:A8:09:DC:5B:43:9D:40:02:75:C3:6A:D8:21:BE:2A:B8","sha256":"06:01:25:3A:07:1E:8E:08:B6:6B:13:CA:55:0F:5A:F4:71:D1:83:4C:E5:A2:58:6C:E2:AF:88:DB:52:49:92:D1"}}},"request":{"raw":"POST /event HTTP/1.1\r\nHost: auqot.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\nContent-Type: application/json\r\nContent-Length: 1010\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1010,"data":"{\"code\":\"custom\",\"zone_id\":10479304,\"sw_version\":\"3.1.647\",\"pub_zone_id\":10479304,\"trace_id\":\"cd890756-0ec5-41c6-b3a1-84532bccd985\",\"oaid\":\"2af4087a03144cca804f84ce65c135f6\",\"ip\":\"91.90.42.154\",\"geo\":\"no\",\"location\":\"https://haafedk2.com/index.php?a=register\",\"domain\":\"haafedk2.com\",\"install_ctx\":{\"country_code\":\"no\"},\"pub\":0,\"installer_type\":\"standalone\",\"event_type\":\"push_unsupported\",\"timeOrigin\":1796,\"previousEvents\":[{\"ts\":1778109729248,\"event\":\"hit_page\",\"event_data\":{\"installer_type\":\"universal\",\"timeOrigin\":1790}},{\"ts\":1778109729250,\"event\":\"page_loaded\",\"event_data\":{\"timing\":{\"connectEnd\":116,\"connectStart\":64,\"domComplete\":1327,\"domContentLoadedEventEnd\":1176,\"domContentLoadedEventStart\":1169,\"domInteractive\":1166,\"domLoading\":433,\"domainLookupEnd\":64,\"domainLookupStart\":28,\"fetchStart\":27,\"loadEventEnd\":1328,\"loadEventStart\":1327,\"navigationStart\":0,\"requestStart\":116,\"responseEnd\":333,\"responseStart\":329,\"secureConnectionStart\":89},\"installer_type\":\"universal\",\"timeOrigin\":1791}}]}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 81\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":81,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"0da7e503a74c441aeec3f007173b55e0","sha1":"13368e024b42f1f25009cb87cfc4903f710f1626","sha256":"03d9ecea5e5abfb211f1515489ccb84c4dce85fb0a2feb36abc15b408a27dd8f","sha512":"4547125b6c282a21a85fe6a2f9ec935e8fc022546e75ac1a46a4f91e87e879612ba913858cb398adbb8bd732922db88263937b650c695f47507eabd1afbf04a1","ssdeep":"","tlshash":"20a012e0004c441004849209a495ed00187c48b3a5410060463e3e24422430100800b1","first_seen":"2026-05-06T23:22:37.713734Z","last_seen":"2026-05-06T23:22:37.713734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tzegilo.com/stattag.js","fqdn":"tzegilo.com","domain":"tzegilo.com","tld":"com"},"ip":{"addr":"104.21.11.245","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tzegilo.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 09 Mar 2026 07:10:45 GMT","end":"Sun, 07 Jun 2026 08:08:22 GMT"},"fingerprint":{"sha1":"C0:16:E2:E8:48:7D:FC:16:F7:4D:93:EF:AA:2A:9E:72:69:BB:9B:34","sha256":"59:F4:F7:A9:A0:14:B8:97:DA:6D:27:25:A1:52:E2:19:0D:36:7B:D2:85:DA:D5:5C:5F:DE:58:24:7F:52:46:DE"}}},"request":{"raw":"GET /stattag.js HTTP/1.1\r\nHost: tzegilo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 11 Jul 2024 10:23:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlink: \u003chttps://flerap.com/\u003e; rel=preconnect; crossorigin, \u003chttps://fleraprt.com/\u003e; rel=preconnect; crossorigin\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fTf3QssTKmvEVtddFofcao%2BsiSLCMHIweolSzpJNPw3VuhQ73Oj35tsHBs4BgjZCIRAGauohz6rM2Q8VtbJT6aiRahzvrPly9ZaPb6vxqpKzpM0bknRwOaHwzVVSuA%3D%3D\"}]}\r\nage: 916\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"668fb2be-45d7\"\r\ncontent-encoding: br\r\ncf-ray: 9f7bb9b0be0bb51b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17879,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (17229)","md5":"01227f5edc20e0ff4ed643b27cb8bb68","sha1":"d71a88f7341f2b1bdaa7deb9a66888607bd52598","sha256":"75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2","sha512":"88046b07c07ff6de47ef7d1e0d7ca281fc48e91fc6a292cdf611457b96ac92bb0068971cfd55c0cc3e6179d7335e77a6a14b15fa502bbae7b2233546da6c0f98","ssdeep":"384:WDWdyJ+TJTwWV+6RUL2qq8L6jW4+QL1zWAWvVRIDiei:7so1V+g+d+j4pJ5","tlshash":"8d82094a72d525ee82a3a1d10cef612ffb664e86a97e1785e381b49c187404ec3d7f90","first_seen":"2024-07-11T16:28:55Z","last_seen":"2026-06-16T15:11:14.644926Z","times_seen":7058,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":31,"dns":6,"connect":1,"send":0,"wait":9,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/media/site/1-01756562541.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /media/site/1-01756562541.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:07 GMT\r\ncontent-type: image/webp\r\ncontent-length: 102436\r\ncache-control: public, max-age=604800\r\nage: 3287\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 2390f99b68d05193cdefb444ae76e8fc-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":102436,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b897d5c22b6bb572c744cad9ed979ffe","sha1":"7bd3572b1e95ae2107b0c4e4fa4a5c458a622f6c","sha256":"e2303beeaf71103222da3a3fa643c3894696f45c69ade7cd557f54d5b0cb6844","sha512":"4f9f97577cdd899ab44959ce1376f149afaaac7dedadac4a4688f4f971a9df870abf39773e7e5ee3e183addcdc58af5312732841f40bfdbcec22e2328460ba93","ssdeep":"1536:s/SLfU/0X2psltLW84UjqMyEzQ1ic+eog8Eoir/ACIYHgZGpo5JN2Yg:s/OmpASZpEzGXJ8E0YAZKUY","tlshash":"0fa312078a66a026ff85e4b11919cae75469b22ee41b04d2e8b0e3c710f315e564c3ff","first_seen":"2026-05-06T23:22:37.751488Z","last_seen":"2026-05-06T23:22:37.751488Z","times_seen":1,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":112,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/images/payments/payment-skrill.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/images/payments/payment-skrill.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2276\r\ncache-control: public, max-age=604800\r\nage: 4732\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 64cf3babf373d336e7f7756fe1224bae-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":2276,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"81f5b353aee61c4596a481b24aa9dfc7","sha1":"42842512cb52ad1623cfc17989cf5cd495d2b774","sha256":"29034d986f09abd6fc48f2a66386d20cc9f2ed9844148b4ebbed0c2c277cc665","sha512":"c78edacf5c51b01a8169f94e9069d338c321ee631cb1fbf6c3ea15c6327dacfd9b81dfc12fecca1d781a4a4f4869b5b0d59fb64a8ca6712e6b30c27570ee9ae7","ssdeep":"","tlshash":"a4414c725b200ca2c1e62178ed6ee7683f85532447a813313772667c6bdbbc8c9a2193","first_seen":"2026-05-06T23:22:37.752991Z","last_seen":"2026-05-06T23:22:37.752991Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-functions.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.076Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/jsoft-functions.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 2584\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:39 GMT\r\netag: \"1fa1-696bdab3-9bb3562e380cffe9;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 91683e57e5e65c5a320cb595efecdfd7-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":8097,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text","md5":"06cca952fca06bb6f49ea596cf94af14","sha1":"448ec6f6faf5c140ccd47cea0c0e1d07c4cfbbf6","sha256":"4458019ac160eb69eb50a23750bf90c89f9231434a8ba2e2d69283a36a5cb980","sha512":"94ed2b407058d6f4a5e04746148879a5c41a5e7d6d435e521050389ec95fdc0528c9feac38f753975a6b3ba6553753562668876b10c3d3c0301ceadc791d8b39","ssdeep":"192:jHWsyXTrq5JqHQHZ25QLvonCaL5QhC7zNxbQ9mUTbt3MiQkMjqWTQZ:jH/yF9UCvNOmEb1j","tlshash":"6bf152ccbaeb701112bb716e099fd505b0b98827158cc850f88c57f05fe286d96ebe79","first_seen":"2025-04-22T11:15:07.711537Z","last_seen":"2026-06-01T13:31:18.227211Z","times_seen":19,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/pricing.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/pricing.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/templates/default2/html/en/assets/css/style.css\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 675\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:36 GMT\r\netag: \"fb9-696bdab0-bb9d46313178040c;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: fe50020ec6032eaf46cd4fc325443035-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":4025,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"d0d7115d3085f70843b6fc9d461502a9","sha1":"21f6b09117863d76cf6ae21431dee90b4f69300f","sha256":"f2342a22221b94fd42b3cc1b8e9deefda2818bd246e6a0b4278387bd65385a9a","sha512":"1d3410f6c82a33525250333daf9394226eb6c5f37615092613ecc8a589dbbd23e075ec333b0a079246653d46690d49d941c62beca0c808d3e86a99374f011371","ssdeep":"","tlshash":"02816c7ea5a602ca32533e09bb35ce4127f65692dd0b8bac7fb14004a6460feb871458","first_seen":"2025-04-22T11:15:07.744352Z","last_seen":"2026-06-01T13:31:18.228845Z","times_seen":19,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"my.rtmark.net/gid.js?userId=00832e212b3c4a14fe7c8e72d14f4551","fqdn":"my.rtmark.net","domain":"rtmark.net","tld":"net"},"ip":{"addr":"172.64.146.234","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"my.rtmark.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 21 Apr 2026 20:49:24 GMT","end":"Mon, 20 Jul 2026 21:49:13 GMT"},"fingerprint":{"sha1":"BC:6D:E9:77:29:ED:3E:9A:89:AF:35:09:53:CE:9F:E6:55:C9:D1:12","sha256":"C9:0F:F8:00:7C:EB:E5:00:42:0C:EF:E3:9B:3A:E0:A7:2F:DC:F9:A8:EB:16:5D:DE:B0:63:40:8D:31:FB:34:85"}}},"request":{"raw":"GET /gid.js?userId=00832e212b3c4a14fe7c8e72d14f4551 HTTP/1.1\r\nHost: my.rtmark.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token\r\naccess-control-expose-headers: Authorization\r\naccess-control-allow-credentials: true\r\nset-cookie: ID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:08 GMT; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: gzip\r\ncf-ray: 9f7bb9aabc335688-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4cc50ae7e9291666cf3c4136995869f9","sha1":"1de4fe7fdfbf715dfe00a835328a15abef2879a5","sha256":"e2dc514cf18e53c6348454c9e95b5c9dc11901f343beaf1eebdf8b9ad85e0203","sha512":"86563f180078c9e305a54dbbe747f8150049c6109428126c668919418daab4d61be7ee2cd4d61cb313cb9ea73b36c37b8ae2f5000712a8cefe87f7bf36670907","ssdeep":"","tlshash":"03a022000ee08ac000000e280a828f0080022003b000c30202e000aa23ab08c88c22ca","first_seen":"2026-05-06T23:22:37.755965Z","last_seen":"2026-05-06T23:22:37.755965Z","times_seen":1,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":20,"dns":4,"connect":1,"send":0,"wait":28,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/500/10479303?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jmosl.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:41 GMT","end":"Mon, 27 Jul 2026 05:11:40 GMT"},"fingerprint":{"sha1":"0C:27:DA:2E:5C:65:C7:04:ED:8C:54:30:46:77:99:60:22:86:AC:EB","sha256":"28:7F:59:A6:10:FD:C5:B8:A0:5A:51:7E:9B:6A:EC:42:1D:B9:E9:7F:07:50:5A:D6:9D:32:A7:7B:03:72:03:D4"}}},"request":{"raw":"GET /500/10479303?excludes=\u0026oaid=00832e212b3c4a14fe7c8e72d14f4551\u0026tgp=\u0026of=true\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=0\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: jmosl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\ncontent-type: application/javascript\r\nx-trace-id: 600ea8d8dcb22d9d90daa30fb9cf928c\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\npragma: no-cache\r\nvary: Origin\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nset-cookie: OAID=00832e212b3c4a14fe7c8e72d14f4551; expires=Thu, 06 May 2027 23:22:09 GMT; path=/; secure; SameSite=None\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2053,"size_decoded":0,"mime_type":"application/javascript","magic":"JSON text data","md5":"e9e73f5e0aaa56adfad08965f826c50c","sha1":"bc90cf44b142c2fe4beefaf8fcaec780d43b4023","sha256":"0c2facd8f0f762427b26fc3b7ce8865dbc3ed9c203d0b3659f6d9869ae39648d","sha512":"4f9f157bd773703e52b357dbff94ece6eed8d91955064cfe280f25576de7fa5688bf937f61f606025712056d2920b702c9fdd47c6fe40a93fb9add2f3e7b0751","ssdeep":"","tlshash":"a3411aae5dc4773f8ea897e3947e7df48091154bd0c427832f4a8e47a92d7112d6d190","first_seen":"2026-05-06T23:22:37.757098Z","last_seen":"2026-05-06T23:22:37.757098Z","times_seen":1,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":123,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/bootstrap.min.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/bootstrap.min.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 15529\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:34 GMT\r\netag: \"18910-696bdaae-e395b1c3aaccf385;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: b580dd21fb5d9c3b1727febbcf827027-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":100624,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a1d01e014f2569859a592ce95266a453","sha1":"8e7ed066c24e17568dd497e3a10d1b92b4180936","sha256":"e1b134615406396e5681866c8d07130ae173e6e6db982a834397ca72a0a8628b","sha512":"83ae3c3d4b209205d61e4316fe34cdcdcf7e0161a6670b26c94dc14fe1e47bfb5c335a251125472a81ce0c1104ae2473e3eb680940a8cfaa0fd68e5f3a5e8eac","ssdeep":"768:dvBkYDHYZJ71Y33kGxwmsBVkzalbDbdZVlC8Bm0Nr890jMXdQJaQ:NMP1Y33NwPk+fZge89hXE","tlshash":"4ca3a5a0f61031da7223c15b71d0ed872619a052f5678eb3f26f2dd88f856ca1663f1b","first_seen":"2025-04-22T11:15:07.737441Z","last_seen":"2026-06-01T13:31:18.214615Z","times_seen":31,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/images/payments/payment-paypal.png","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/images/payments/payment-paypal.png HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2384\r\ncache-control: public, max-age=604800\r\nage: 4732\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: e75b8fa856ca139c08d9d6f5dc66a179-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":2384,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a235c57115fef9918ae8091792b9e326","sha1":"b070963c3ae933a73042e9abfcd71877eb45186a","sha256":"723692243e1ef5f8d3d69f18bb1701e45f54b3519ffdc70218fa8fb8d5e15c94","sha512":"0cf59af100a4c566eb164f9517cae9e2f09cf057a573b7d907b5370648e271210e074497cf6823ca1ae78177d150f8c1adbc448fd3f3f89ba22ca17b0568c1ed","ssdeep":"","tlshash":"30410a6626255044ccc2d33c5f92bf7b0425b79748b4a795dd6640ba0e49c0ddcf0b9c","first_seen":"2026-05-06T23:22:37.759289Z","last_seen":"2026-05-06T23:22:37.759289Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/theme/owl.carousel.min.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/theme/owl.carousel.min.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\ncontent-length: 6652\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:55:22 GMT\r\netag: \"3a44-696bdb1a-535e12e473e15bad;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 527022\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: 6e0715026c80e44b8878f0e6bac0c521-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":14916,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (14916), with no line terminators","md5":"2fec2de7cc7d2d9a66130311f52b5db8","sha1":"5cfc389925bd8200ee1e0fb224434ded9cae3f15","sha256":"4b18105a346260a3e8359cd02633fd5f8bb244f2d5f43e4375a1efd10e5c865a","sha512":"2c65ad232d52605402fe3c61104ca6e19be96dd89eb072e8554c3019b549c1af260a6fd16ab7c007b4ddc24e9c0bec770aba5cc4d1cff2fb7a9a241699d8a04c","ssdeep":"384:XWxb9XXAhOfMSelTARgzoSC0Z4eAchzD/DM5F:8b9uTARgz5C0ZVDL2","tlshash":"1962183a2152321653b261af157c818213e548023ec7b464f9e6f8edebb6161117bbff","first_seen":"2023-03-07T01:34:34Z","last_seen":"2026-06-16T12:21:46.811381Z","times_seen":3746,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=8b6a1f99-8426-43a4-8b3a-80fea6b4f683","fqdn":"fleraprt.com","domain":"fleraprt.com","tld":"com"},"ip":{"addr":"139.45.195.252","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fleraprt.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Sun, 04 Jan 2026 00:00:00 GMT","end":"Mon, 11 Jan 2027 23:59:59 GMT"},"fingerprint":{"sha1":"EB:E7:45:0B:C5:08:D8:7F:87:47:B3:6F:7B:0C:95:B3:ED:B5:92:AC","sha256":"37:B2:1A:19:FC:C4:69:69:2F:A0:6E:DA:D4:97:23:4A:C3:A5:FC:C4:C2:EE:FE:8C:AA:FD:3A:C0:4B:AD:40:B2"}}},"request":{"raw":"POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f\u0026ruid=8b6a1f99-8426-43a4-8b3a-80fea6b4f683 HTTP/1.1\r\nHost: fleraprt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1768\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1768,"data":"L\u001bRR\u001f\u001c\u0026\u001c\u0014\u0005g\u001f\u001cK\u0012\u0003\u0001\u0005P\u000eL_\u0003\u000e\u0011\u001aX\u0016\u0010JO@T\u0005\u000fT\u0011\u0003\u001e\u000eP\u0018L\u001fA\u001b\t\u00147\u0001\n\tWN\u001a\u001b\tICP_[^\u0016\u001a\u0017X\u001b\t\u0006VF\u000e\u001fWX\t[A\tMH\u0019\u0003P\u000e_]\u0005\r\u001f\u0014\r\r\u000eJOS\nQI\u0015C\u001d\u0007\u0003P\u000e_]\u0005\r\u001f\u0014\r\u001c[REN\u001a\u001e\u0000\u001b[ZBI\u001bLLW\u0007\u0015\u0011A\u001c\u0007[REN\u001a\u001a\u0018QCP_[@\u0000BODQ\u0011\fKTK\\Y@K\u001e[\u0003PXV[^\u0016\u001d\f@\u001b\t\u0007H\\IDW\u0016K6\u001d\\\u0015\u000f\r\u001f\u0017PLW\u0007\u0015\u0011\\\t\u0011\u0018JO@u\u0006\u0003P\r\u0006\u000fDG\u001a^M\u001fnZX\u001e\u000b\u000e\u001bU,lIH\tOZUK%]\u0000[\u0003\u0002\u0013NLPBH\u0007\u0014\u0002XJ\rOZGK5Q\r\u0006X\u0016\u0001\u0006KTIYES\u0018/\u0010K\u0004\f\u0001\u0013]\u0005]Y\u0019\t\u0011\u001aX\n\tJOS\u0014K\t]CPL\u0002\u001c@\u000b\u001fYX_\u001b\n\u0000\u001fE\u0003\u000b]\u001e\u001cK[\u0003\u001d;;\u000f\u0007\u0003C\\AX\u001b\bT\u0018\u0011\u0004\u0015\u001f\u0010\\\u0016\u000f\u001cQ\u001bG\u003e$\fP]B\u001f\u0016\u0017\t\u0019OH\r\u001f\u0014\u0017\u0003\u000b\u001c\u0017FT\u0004Diz\r\u0013\n\r\r\u0007\fY\u0005TI\u0005\fC\u001d\u001bQ\u0019\bE\u0003ZE*-B\u0001\u001b\u0016]\u001b\u0017X\rG\u001e\u000f\u0014\u0019\u0018\u0004RNVD@\r\n8\u003cY\u001aE[L\b\u000eLQ\u001cA\u0002\u0001\u001b\u001bWD\u001cFCJWN\u001a\u0019\u0015\u001b[H\u0006\u001f\u0006D\u001dW\u0018\u0016[W\u001b\u0002\u001c\f\u001eP\u0016\n\u0016TN\u0003\u0000\u000f\u0017L@\u001d_I\fWG\u0016\u001c\u000f\u001c\u0011L\f\u000b\u001bMH\u0000\fP\u000e^A\u0015MI\u0014@F,\u003c6@\u0014K\u0017[CP_GPZ\u000f\u001d\u0015\u0003\u0011a\u0013\nJZWN\u001a\u0019\r\u001b[ZBI\u0017B\u000f\u0001\u0015\u0003\u0000\u0001VF\u0011\u000bWX\fQU\u001b\u0005\u0007LQ_\u0005BOEMG\u0014@IHDW\u0001P6\u0016[\u000bHT[^\u0016\u0000\u001a\u0015\u0003\u0002\u001aX\u0013\u001dJO\u0004Y\u0005\n\\MH\u0001\u0018\u0011D\u001bO\r\u001b_\u0014\u0011\u0001H\rZ\u000e6O\rCFL\u0003\u001bP\n\bY\u001b\tP\u001b\b\n\rY@[\u0001\u0026V\u0003\u00001\u0002\u001cP\u000b\u0015\u0015\u0003\u001e\u0007VF\u000e\u0001\u001b=S\f\u0000J\u003e\u0006\u000b\u0005\u0015@\u0006O\r\u000b\u0005\u000fVF\u001a\u0007\u0019\rJ6\u001d\\\u0011\u001e\u0006IH\u0006ZA\u0015OVX\u001e\u000b\u000bJO@\u001aE[^\u0000\u0007\u000b\u001b\u0013P\u001dO\r\t\u001f\u0014\u0014\b[RW\u0007VD,jCFL\u0005\u001eGLW\u0015\\]\u001b/7U\r\u001b@\u0014K\u001aV\r\u0005\u001c4\u0015U\u0003\u0018C\u001b\t\u0014\t\u0016\u001e\nWN\u001a\u0019\u001fUCPLI^\u0016\r\u0001C\u001b\tM\u0007H[\u0018\u0019\u0003L\u000f\u0016K\f5\n\u000e\u0006Q\r\u0019XK\u0011\f\u0001F\u0010\u001b*\u0003V\r\u000bV\b\u000eLQ\u0014U\u0002\u001eR\u0015\u0011_\t;\r\u001a\u001c\u0006]\u0007\r\u001b[\f\u000f\u0007\u0001QBO^JlU\u0012\u0016\u0016\u0005\u001c\u0017U6A\u000f\u003e\u0005\u001c4\u001cQ\u0019\bE\u001b\tP\u001b\b\n\rY@Q\u001a\u0026Z\t\u0018\u0001\u0006\u001bA\u0003O\r_RZ\t\u0001UJ\u001c\u0011g\f\u001d^\u0004HT\r\u0013X\u001d\b\u001b\u001bZE%\u0003\u001c\u000b\u001e\r\u001aS\rK\u0014\u000fBI\u001bG1\u001aR[l]\u0013\u0010[R\u0013\u0003T\u001a\u001c\u0015C\u0003\u001d4\u0005Q\f2\\PGiLTO7\u001a\u0010g\u0007\u001cN\u0004\u0018LQ\u0014U\u0002\u001eR\u0015\u0011_\t;\u001d\r\u0006\tL\u0006\tf\u0012\u000b\b\n\u0000]LWQX_E\u001fH[\u0001\u0006=[\u0001\u000bV\f\u0003\u001b\u0006-[\u001e\bEX\u0011\f\u001c\u0005\u0015\u001b\u0010\u001f\u0014K\u0017\\\u0012HTIA\fZY\u000f\u000b\n\u000fC\\[DW\u0001T\u0000\u001cW\u00155\u0007\u000fP\u000eL\\S[\n\u0007L]\u001fELR^]T\r\u0003X\nF\u0010\u0001_Z\u001a[P\u0002M\u0005\u0018\nD[[X\u001f\u001bMH\u000f\r\u0014]\u0002\u0004VMVi\u0013\u0000[RW@\u0014K\rK\u0000\f\b\u0002\u0011k\u001d\u0002BKPS%\r\u001dJO@\tYM\u000eXY^YP\u0018L\fSOVD\u000e\r\n\r\u0007=Q\r[\u0003CHBI\u0011U\u0003\u001dVPTX%\r\u001dJO@\u001aE[Z\u0014\u0019\u001a\u0004\u001fk\u0007\th\b\u0011\fX\u0014\f\u001b\u001d\tQ\u0007[\u0015C\t\u001b\u0018\u0006[\u00032^]l\u0004X^[JY@[\u0005\u0010Z\n5\u0007\u000fP\u000eL^N\bW\\W\u0001\u001d\u000bF\r\u000f\u000fI\t\u0005HBI\u0011[\u001d\u0019\u0015\u0003\u0011\u0014VF\u0014\r\u0001\nW\r[\u0003C\t\u000f\b\u001aQC\u0007D\u0014GW\u001dFUJ\u0007=M\u0000\u001d\u001b[HV\tDU_\u000b\u000e\u0000\u001e\u000eNVOEAQY]T\u0001\u0003Y\u000fFJ\u0004\b\bV\u000fQ\u0002\u001cRA[WN\u001a\u0006\u0018f\b\u000eLQP\u0004^U\u0004\u000bV\u0004KV\u001b[\u0016VYXM_\u0004]\rS\u0017\u0003\\\t\u0006\rU\u0002OQHJY@Y\r\u001dP\u0015\u0003\u0001\u0005\u0013X1\u0004SJ\u0011\f!\u001f[\u000b\u0019\u000b]\u0007\rf\b\u000eLQP\u0005\n\u000f\u000e\b\u0005\u000f\u001cI@X\u0013V\u0015]\u001b\u000b\u0005G\f^C\u0003C\u000fT\r\u0004W\u001b\u0006HQ\u0016S^KU\u001b\u0000\f\b\u0002\u001e]\u000f\u0019RfZRX^[JY@L\u001b\u0018_\u0007\u0003\r4\u0001[\u001b\u001fT\\l_\u001eFCJDR\f^@\nQYLGPU\n\u001bRKG_\t\u0001\u000b7\u001c\u0006\u001aS[\u001bMH\r\n\u001fD\u000f\u0004PWl_\u001eFCJWN\u001a\n\fJ\u0015\u0005\u00034\u001bP1\\\u0015\u0003\u0011F\u000f\u0017\u0011\u0003\u001c\f\u001aE[Z\u0014\u0019\u001a\u0004\u001fk\u0007\th\u000b\u0011\fXFUJ\u0016\u000eQ\n\u0012f\b\u000eLQPN\u001a_\u000f\b\u001e\u0004BS\u0015\u0005\u0002RB\u0004\n\nCFL\b\u001dG\u001aO\r\u001b\u0011\u001aX\t\u001c\u001c\u001d\r\\KC\u001b\u0002\u000b\r\u0003\u0017\u0019\u0004\u001e\u001aMRQXH[\u001a*\u0017Q\r[\u0003C]^XBW\bZT\u0014R\u0007\u001bVT\\\u0017\u0001YDA\u000fP\fC]\u0017\u0006\\\bS\b\u0007\u000f\u001c\\AJY@W\b\u0026P\u0005HTIB\u0004V^\u0005\\\u0001\u0007H\u0006J\u000bA\u0003\t]\u001f\\V\tV\u000eE\u0006\n\\\u0003_\u0007\u0003OU[DW\u0003\\\r\u0010M\b\u0005\u0000\n\u001ek\u0007\tD\u001b\tm'\u0019$\u0015"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.25.5\r\nDate: Wed, 06 May 2026 23:22:09 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 12\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: https://haafedk2.com\r\nAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE\r\nAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match\r\nAccess-Control-Allow-Credentials: true\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"adb4650bfc9d2a73d4dd69583b0ceb14","sha1":"1ce399d6e936232aaf2192cd7903a279c5015f22","sha256":"21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed","sha512":"3fbce22572bbed1aada0f7c6706f16a97e7c0ea132dfee1a7eb80f5e68da1cc63c891a5bc3ea8e87f0c97be3002212a0efbb2af9553acb45e0d447a685cd805b","ssdeep":"","tlshash":"436000000c3000000cc00c0000c00030ff300f00000f00c0000c00f003030c0c00c000","first_seen":"2023-04-05T07:30:31Z","last_seen":"2026-06-16T15:11:14.630434Z","times_seen":57573,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":150,"dns":11,"connect":28,"send":0,"wait":28,"receive":0,"ssl":109},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bobapsoabauns.com/www/images/54b505d4a557197d97118a65fba7c41e.jpg","fqdn":"bobapsoabauns.com","domain":"bobapsoabauns.com","tld":"com"},"ip":{"addr":"172.67.166.60","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:14.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bobapsoabauns.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Mar 2026 17:27:36 GMT","end":"Thu, 11 Jun 2026 18:26:20 GMT"},"fingerprint":{"sha1":"D4:5B:7E:3A:04:7E:B2:18:16:12:D5:8A:2B:EC:8D:E3:7F:C7:E1:8A","sha256":"47:9C:C7:9E:08:57:D9:D4:AC:41:C1:A3:48:7A:31:34:81:6C:9A:B5:7A:35:09:26:1C:67:C7:35:BC:B1:1F:32"}}},"request":{"raw":"GET /www/images/54b505d4a557197d97118a65fba7c41e.jpg HTTP/1.1\r\nHost: bobapsoabauns.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 23:22:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10572\r\nlast-modified: Thu, 27 Feb 2025 15:00:22 GMT\r\npriority: u=4,i=?0\r\netag: \"67c07e06-294c\"\r\nexpires: Thu, 07 May 2026 06:03:22 GMT\r\ncache-control: max-age=86400\r\ntiming-allow-origin: *\r\naccept-ranges: bytes\r\nage: 62331\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zIUPOVttSGfKOfWwqfaLWY5WEcffHEBxwMg4y5I2qX1QVBF6saB7inCZWsNk%2B9ysglv%2FX4kLym5PagaARgW4BD5vKsJhMtAZkC3Rr%2BkNLbzW9g6GqpNnxBhd4JYgBzbod3uJNw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f7bb9cdfb830b45-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10572,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90\", baseline, precision 8, 300x300, components 3","md5":"54b505d4a557197d97118a65fba7c41e","sha1":"c86f42e27ebdb992cd3d243f7244fcffe64c7240","sha256":"8ee09f3e5f7f37ce5a424eaa4d9cb632a7d18a6d840f370fd3eaf90718ecb8bb","sha512":"31ada63e0431b4f2b492874ca361ab062ed57c71caa86455983f524e3b8ab22410e6f7b081a826e66e8d8870d793cb048fe0c2b25cb3df506121e71dd80f7447","ssdeep":"192:ybwHDrpXGD3EtoALyDT0xUkbB3BfrKv5o+pltjAn5U73SMjcjxw8TfvYng2xG:yEH5I0GAmDgtdh3n52iKctw6fgnggG","tlshash":"c122bf9df5cb4512cf45ef75a9cdcd0c804dd327cf2322ed0da8916632aea397992109","first_seen":"2025-11-01T17:58:56.416665Z","last_seen":"2026-05-06T23:22:37.761432Z","times_seen":2,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/js/jsoft-custom.js","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.078Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/js/jsoft-custom.js HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/index.php?a=register\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: application/x-javascript\r\nvary: accept-encoding\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 13:16:18 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:39 GMT\r\netag: W/\"f7-696bdab3-cad68677dd39e1e2;;;\"\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 554422\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: c61d644eccfdc52cf348f01dd362db15-fra-edge2\r\nx-hcdn-cache-status: HIT\r\ncontent-encoding: br\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]}],"data":{"size":247,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"f0336978a1815139f2318169cd629495","sha1":"e4d3a80a69b1af6230577063e650a25a9372e24a","sha256":"f3f767703a1e23320540cdc4c41c4fe40de2a261e535bfa810c9468c9053bff2","sha512":"9ecce55f35f77c41668154d0fee768223b606bc9f80da4ca74193d3d890c0149e1dd916250553a174d448fd03b19d72685ab17706be5e5dabc0e7ec93f382b26","ssdeep":"","tlshash":"66d0a726b21a1d3f98f373021ab7c7308bbfd0287a2651573b49644e3521bdc052bb85","first_seen":"2025-04-22T11:15:07.735137Z","last_seen":"2026-06-01T13:31:18.228011Z","times_seen":19,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"haafedk2.com/templates/default2/html/en/assets/css/boot-additional.css","fqdn":"haafedk2.com","domain":"haafedk2.com","tld":"com"},"ip":{"addr":"92.113.23.235","port":443,"asn":47583,"as":"Hostinger International Limited","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:08.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"haafedk2.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 02:47:02 GMT","end":"Sat, 18 Jul 2026 02:47:01 GMT"},"fingerprint":{"sha1":"5C:61:4E:58:FC:71:57:99:A5:7A:9B:98:DD:AB:75:7F:00:D3:C2:56","sha256":"B3:99:C1:E9:7B:81:90:18:DD:5A:31:EB:82:62:E7:A0:97:93:78:7D:28:DC:C4:95:32:CC:1F:B8:A1:F7:33:3E"}}},"request":{"raw":"GET /templates/default2/html/en/assets/css/boot-additional.css HTTP/1.1\r\nHost: haafedk2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/templates/default2/html/en/assets/css/style.css\r\nCookie: PHPSESSID=b986bd92af5436132e96777ed002cfe2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 06 May 2026 23:22:08 GMT\r\ncontent-type: text/css\r\ncontent-length: 2796\r\ncache-control: public, max-age=604800\r\nexpires: Thu, 30 Apr 2026 14:45:19 GMT\r\nlast-modified: Sat, 17 Jan 2026 18:53:33 GMT\r\netag: \"4f17-696bdaad-fa73248fdafc68f2;br\"\r\ncontent-encoding: br\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nage: 521187\r\nserver: hcdn\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-hcdn-request-id: a8440a387f465897e11d3be2bef6a179-fra-edge2\r\nx-hcdn-cache-status: HIT\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger CDN","description":"Hostinger Content Delivery Network (CDN).","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["CDN"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":20247,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"ebf916c4bfaeafd9ca793625f9e55eda","sha1":"9d43ceff974d336da8fce5504a8ab802597b9796","sha256":"6e4c3ac7429c6b296e882c13ca38f1a984159221a1508cfb47f296389a021397","sha512":"63486f4c1fbbf467311e429e5fb0e4a5814fc26f6adfa8a66f4fb2d8c587bbbc9ea665437c5d0414a3907bf57e61a17fab3d6398104beccaeadffdce44b0d122","ssdeep":"192:a8Y0Pn6jiAABfXLOmURrnprYrvr1rPrxr8rArIrREcxCljEm4YCH4VXULCFMgRAE:vHrLmhuTtzpyWejiXULcVSEwfIz","tlshash":"6092d012eb973843b37b5eb197722634ff2859638e460a7a7ac0365c9ff48e45921d0c","first_seen":"2025-04-22T11:15:07.731139Z","last_seen":"2026-06-01T13:31:18.223583Z","times_seen":19,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"haafedk2.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6opo.com/wrr?z=10479301\u0026p_rid=0f3e3b24-899e-4f45-8f57-4b2f172ab0c6\u0026rb=mch6xWWdI3frT_3NJNG7pXsKn4gDt1-VvPKVlSJwzfVkmEg2C3Isv0d1-Fl2VhaOPEeJMzJh0dMcfeOyhPL-41Qf58G0t2bYz96wgPOuPacd2UHrsP1J8giHkNFZ12Qmv1pR43Cl6H7tFy6ro6BhdXS0ncsy8GBsJgPBr89omC6R35woPfwfQere5L1NqZjbIOp6_nNq_2STIr4nkrpHXJB9-9gI3frstBB9Kie9dx86aWka2VILgH0SqBmm6Q1yCnZbghRoXDytTjqjuGQNi5xyjSY-FUyjY1g1Q6kq2w99FivkH9_SDprNNVw=\u0026tt=7\u0026dmn=quge5.com\u0026js_build=iclick-v1.1786.2\u0026userId=00832e212b3c4a14fe7c8e72d14f4551\u0026tspl=946\u0026cslt=0","fqdn":"6opo.com","domain":"6opo.com","tld":"com"},"ip":{"addr":"139.45.197.246","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:09.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"6opo.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 12 Mar 2026 05:09:53 GMT","end":"Wed, 10 Jun 2026 05:09:52 GMT"},"fingerprint":{"sha1":"41:DC:F1:85:77:F0:0C:F0:6D:99:D3:49:49:8E:4F:0D:1A:14:09:2D","sha256":"FD:E1:4B:BF:9B:78:74:32:4B:0E:54:76:B4:05:F4:6A:0E:A8:97:7E:62:4C:1F:55:23:3B:F5:48:DE:D9:3C:50"}}},"request":{"raw":"POST /wrr?z=10479301\u0026p_rid=0f3e3b24-899e-4f45-8f57-4b2f172ab0c6\u0026rb=mch6xWWdI3frT_3NJNG7pXsKn4gDt1-VvPKVlSJwzfVkmEg2C3Isv0d1-Fl2VhaOPEeJMzJh0dMcfeOyhPL-41Qf58G0t2bYz96wgPOuPacd2UHrsP1J8giHkNFZ12Qmv1pR43Cl6H7tFy6ro6BhdXS0ncsy8GBsJgPBr89omC6R35woPfwfQere5L1NqZjbIOp6_nNq_2STIr4nkrpHXJB9-9gI3frstBB9Kie9dx86aWka2VILgH0SqBmm6Q1yCnZbghRoXDytTjqjuGQNi5xyjSY-FUyjY1g1Q6kq2w99FivkH9_SDprNNVw=\u0026tt=7\u0026dmn=quge5.com\u0026js_build=iclick-v1.1786.2\u0026userId=00832e212b3c4a14fe7c8e72d14f4551\u0026tspl=946\u0026cslt=0 HTTP/1.1\r\nHost: 6opo.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://haafedk2.com/\r\ncontent-type: application/json\r\nContent-Length: 3460\r\nOrigin: https://haafedk2.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3460,"data":"{\"sync\":\"TBtSUh8cJhwUBWcfHEsSAwEFUA5MXwMBbAMlKz9KWUBcHAtKQ1AVSQZbGgxbGwkHVkYLASoQTktDC1hGTBkCRExXAwgfFA4eFkpPUhRLDk4+HQY0BV0ZMkBQW2kNHCYfDD1RESZOBwkxGBNcMR5fZkBBJRcYHyoBTzYaUUNQXkdQQB0yU1xHUxkQHAxXWAhFW1MSHw9JSARCT1lJbEYeRkNYWUBQABUbW1pCSQddCk8NCR8UHhYfSk9SFEsJVUNQXkdQWglPDQkfFA4eW1JEThoHGxtbWkJJHFUeTw0JHxQKEFtSRU4aDA9YDUhUW14WBg4VAwMaWAAUSk9SFEsLTRVIVFteFg0FaFZRXFheSURXDE82Dl1DUF5HUFsdDkdMEQxKSFsAHAZcDBcbW1pCSRFcMQJVU2xfFAAcEFdYCEVbTggEMQAXTR0yW1xdUQ4MW1JFThoKFlUOGDEPF0QaBRUDAxpYEhwGEQ1KS0MJTUgJCh9RHgxTShEMSkhbBhk9VgUKG1taQkkRWwICRWZUVxcRDUpPUhRLCV8NSFRbXhYNHl4bCQZWRhoEAUACWVUbCxkeSUgEQk9HV0cUQFRVSgUMSgpbA1FGTBseVRoLWEteaR4BDQ0WFlcbWwNRRkwFF0dMVwdEHxQIDVtSVw5UHxRJCBoLSV4WHBsVAxF7HxcYSllAShkJG1tbXUdQQBQCFQMDGlgTDkpPUwpRSRVDHQZJSAVeXwMVEUETE1tSRFAAWVUbFgMGSUgFXl8DFRFBAkZDWFlATxBbA1FGTAIKFlRdGxtEUBlGQ1hZQEsIERtbW15ZRhhMHl8bCQdKVk1EVxFPS0MIU1JeR1BHDxoVAwIEQlRVSgERZw0cTQQJGg4WFlRdGxtZRQ8FW1JXL1cTEFUNC0FeXARORWBQXVIVEwpIOzYYWEkXUVFOPBtaWFkMGUsATl9ZGgNYCVpNF1FDTiwXVwUCGAsDB0pUSFhEQn4AC1wHBRZEQwdaQwcbHxQUFFtSRE4aGR0bW0gHBQZRHANWVR5GHgJUHhwHTwwLAwgZPiJJXQAZUktdVxZJCQwTT04AHE4EGFQCAWQnVl5XR1MIChgEWBJcD1RPCA8ZDgAOBx5ncAhfFBAcGhsDVEQJXQdHGAIXQwsfDVBAZjNfEAYBB0oHGFVMGgoNX0IHCEBcQQwTFykhTkAUSxFQDUhUWl4WGwRTGwlYDwgVRFcGSg9bA0NIQkkCWExXFVFHQgoXQ0daClkIH1wFAVxFEVsDQl5XV1MCSgkABV1ZVAtcBgMdHxdGTEEVV1QUQFRVSgEYGlNbbDUpTEdQWgxPDQgfFBQFCUpPQG8AFwpTSEJJAkBMVwcVEVMMBRVKT1EPRVtRAkhUX0oYTAlaGwkbS0hbGgEWGlNUCE1IDQMtWwwHFQMDGlgKDkpPUxRLDl1DUAgKHkcLQRVWQFUKEVtSVy5RBwxBQRJWXS0CWk8bG1tfHgAcBldYXggVSgRGTAgaawEPXWZaWB4BAUpPTwlFW04IBDEAF00dMltcXVEODFtSR1QARVtaDgYBGS1QCx1DUREMSFBVSgMHVg0WS0NQTEleFgkMWlxDVx4XW1JFThoHFRtbSAsFX2E9TxsbXVoJRkNKEAwVPCoVBARMR1BXAQFYS2xRGwkMHFdYGhoLXgNIQkkCUgJPDRsRGlgHFRxXWEMUVRsLGR5JSAVCT0dXRxRAVFVKBQxKClsDUUZMGx5VGgtYS15pHgENDRYWVxtbAxpIBxgtVQAJRVZaUlheHwkZEV1FW1ASNRoZG1ALA0MbCVAbCAoNWUBRGiZaCRgBBhtBAzIPD2xZCDsXDQIHSktDXwAGHQ5eFgceaFpbRBUJEB0YQAIPGFUSD0JJG0cxCFNeVhRAAhgEBgcUSxBKPg0LCBlbTFdDS0ZTVkYQGyoVXQsmUggeTFEUVQIeUhURXwk7Dg0XPVMADWZXWlg0HUYxA1JOVkRYXh8JGRFdRVtQEjUKDgFfGgJHZkBXHAULAVdYXggVSgRGTAIBaw0FRVZeXw8JJgcFB0oIWwMHCwIYF0lCT1RVWlMUECYBEUACSwxXCgQBHBwWQk9WX1VfFg0YHBA9UQ1bA0NIQkkGRg8LUVBQaQkLDBoWB2cAHRtbSExHUFUKG1JLR18JAQs3HAYaU1sbTUgNCh9EDwRQV2xfHkZDSldOGgoMShUFAzQbUDFcFQMRFFZGGh0GFlcEJlAFNVxJSBZMQRVaX18ZDyYBEUACS1sVQwkBGAYWVE8VFRFbHxARBxFAAksTShULCUleFhwyQlBXFEBGW0RXDVk2EF1DUExJXhYPCVNQR18VChgEKgtcGlsDOjcT\",\"async\":\"TBtXQwgXW1IOQFoIDRtbXkJJGl0AGUQbCQVWRhsEAQoaU0oVQx8ADxdSBwNSXREMSUhbABwGXAwXZggMHAofUUxXAgAfFA4LDQkZQAJcQERNSAwKBhZUFhVQQGkYBQ1KT1IUSxpRABgJAhxTTFcHFRFVEgULDxwMXzYNUAwPTFFCGEwJXkpQXhsWHgEbBWcdEFQESFRbXhYCCEFcXxRAVAREVwpRBw1KQ1AVFl4WDAFDUREMAUYKHQUSVxsNXAVIVA0TWB0IGxtSQBsNFQkXDl1LQ18ABh0OXhYcCFZKXFhYXlsGGk9WCA9QBgsaBAAZDAFCXEdZFRARSghOGgMKSQdIVBBQR0xXFU8CFFZGHUpPQA0+L287PFcNJGI4OwJoZgtYGVVKHQtcDRxXPgMIGRNZC08NCR8UGQgQDRsWZwAdG1tIGwUZWgEaWRsfFBsCHwEZC1kdHGYIDkxRUBZCT0NLUlAcDRo3Bg1NGxpcPgMKSUgWTEEVWFdAHxYNAQYHSjYQXUNQTEleFg0MWklSXx0KJgERQAJLWxVDCRsYBlsDMl5dbAdYXltKWUBbHApNDgcxAhZrXE8NGxEaWAcVARYJZwAdG1tITEdQVwEeQxsJFFhIWwUQFlAGHRtbSAQYBlUJTxsbQWkPDR1KT0AaRVtWADUHD1AOTE8bG1JSHg0NARoMWQUmUAUZTFEpaRM=\",\"quality_options\":{\"hil\":1,\"jsp\":1,\"ng\":false,\"ix\":false,\"pt\":false,\"np\":true,\"nw\":true,\"nb\":true,\"sw\":1280,\"sh\":1024,\"pl\":\"https://haafedk2.com/index.php?a=register\",\"wy\":0,\"wx\":0,\"ww\":1280,\"wh\":1024,\"cw\":1280,\"wiw\":1280,\"wih\":1024,\"wfc\":0,\"sah\":1024,\"navlng\":\"en-US\",\"drf\":\"\",\"wgl\":\"llvmpipe\",\"tb\":false,\"btz\":\"UTC\",\"bto\":0,\"pnt\":0,\"pnrc\":0,\"bml\":0,\"bmi\":false,\"vsbl\":true},\"client_hints\":{}}"}},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:09 GMT\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\naccess-control-allow-origin: https://haafedk2.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon\r\naccess-control-max-age: 86400\r\npragma: no-cache\r\ncache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"jmosl.com/impression/e4ffSMZ1n2zT--5KjPxe_nHpsnkMCWaCGS9ifaSRPG4IHSm5N_WPp6lorRwwj28UQOe_-zIWCVwCnFR5KPoFGga_oUnCi9r1H7WCjTGDpdCEFkp5XS4vPLkJFPodPis4RzJLmlPwtr4UzeH2bB4JYywMIA0395Cgf8gOL46bmsMmNZB4j6uv8jwIuTU-Y2dskO98Dl-OO_H4rvn6exvDWtNkc48qrPJpF6SwVcEg7dMsFjQFSakpUnjLLCGryXm5nwx1lRxD6nuo5G-In7B1HCO2i9RZSEezNtoqDix_8noj1A-qpIG8X51ZRE_pHGYuKL3bccHYaUzYlvdytq9EQdTKIZBfUobtDKKsV3YctBMdrRsITsVhT_c4dqa4xn8xKs-BrVpc7VxbaMwUeeLgxli9v-kRTiOMgLQgnOXASTh3bXHM0P2p8XmXmTxq2u7_upiDxzun-Zbim9cKtXG2jmmK2JypzeoOIfEGlMsivElcq_wH7pJrN3o50dBJiQqq51stmtrBQm1qIEnu2rtrL5_AtZ5jdHZOsqEnW10KwQ0lq0bvCc3sBiyFCuF-DDJsGQerWBqlgZHNHIg3fdPWsR0Wdez7DaRwx34JvUBxKE05hjwSypFJ6EK5_gIdP17IzfQADrutXjzWzS3FOXrPV2pi06dfRCzrSpn39AN0BXIJP9nDl-DRMJw2Hwkp6ejPz-arWuvd_uCerlHNqg1QjrWPKCu0n6Qh-eBeJsaO2sDyucsck2Upla-ywLQJheqRyrTA_OVrJFxL5aRU7f7BIefYWVHJL4b554iTwmpSKbNGCAf4Z5uqG0lKhii9d9MmSUNImVJeBiCf8VzKvkdp5DMGay32IDeOgo0Aj94X-dvrNUUfAMdnSQ==?_z=10479303\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1","fqdn":"jmosl.com","domain":"jmosl.com","tld":"com"},"ip":{"addr":"139.45.197.116","port":443,"asn":9002,"as":"RETN Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://haafedk2.com/index.php?a=register","date":"2026-05-06T23:22:13.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jmosl.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Tue, 28 Apr 2026 05:11:41 GMT","end":"Mon, 27 Jul 2026 05:11:40 GMT"},"fingerprint":{"sha1":"0C:27:DA:2E:5C:65:C7:04:ED:8C:54:30:46:77:99:60:22:86:AC:EB","sha256":"28:7F:59:A6:10:FD:C5:B8:A0:5A:51:7E:9B:6A:EC:42:1D:B9:E9:7F:07:50:5A:D6:9D:32:A7:7B:03:72:03:D4"}}},"request":{"raw":"GET /impression/e4ffSMZ1n2zT--5KjPxe_nHpsnkMCWaCGS9ifaSRPG4IHSm5N_WPp6lorRwwj28UQOe_-zIWCVwCnFR5KPoFGga_oUnCi9r1H7WCjTGDpdCEFkp5XS4vPLkJFPodPis4RzJLmlPwtr4UzeH2bB4JYywMIA0395Cgf8gOL46bmsMmNZB4j6uv8jwIuTU-Y2dskO98Dl-OO_H4rvn6exvDWtNkc48qrPJpF6SwVcEg7dMsFjQFSakpUnjLLCGryXm5nwx1lRxD6nuo5G-In7B1HCO2i9RZSEezNtoqDix_8noj1A-qpIG8X51ZRE_pHGYuKL3bccHYaUzYlvdytq9EQdTKIZBfUobtDKKsV3YctBMdrRsITsVhT_c4dqa4xn8xKs-BrVpc7VxbaMwUeeLgxli9v-kRTiOMgLQgnOXASTh3bXHM0P2p8XmXmTxq2u7_upiDxzun-Zbim9cKtXG2jmmK2JypzeoOIfEGlMsivElcq_wH7pJrN3o50dBJiQqq51stmtrBQm1qIEnu2rtrL5_AtZ5jdHZOsqEnW10KwQ0lq0bvCc3sBiyFCuF-DDJsGQerWBqlgZHNHIg3fdPWsR0Wdez7DaRwx34JvUBxKE05hjwSypFJ6EK5_gIdP17IzfQADrutXjzWzS3FOXrPV2pi06dfRCzrSpn39AN0BXIJP9nDl-DRMJw2Hwkp6ejPz-arWuvd_uCerlHNqg1QjrWPKCu0n6Qh-eBeJsaO2sDyucsck2Upla-ywLQJheqRyrTA_OVrJFxL5aRU7f7BIefYWVHJL4b554iTwmpSKbNGCAf4Z5uqG0lKhii9d9MmSUNImVJeBiCf8VzKvkdp5DMGay32IDeOgo0Aj94X-dvrNUUfAMdnSQ==?_z=10479303\u0026sw_version=v1.823.1-rc-s\u0026dmn=jmosl.com\u0026fs=0\u0026cf=0\u0026sw=1280\u0026sh=1024\u0026sah=1024\u0026wx=0\u0026wy=0\u0026ww=1280\u0026wh=1024\u0026cw=1280\u0026wiw=1280\u0026wih=1024\u0026wfc=1\u0026pl=https%3A%2F%2Fhaafedk2.com%2Findex.php%3Fa%3Dregister\u0026drf=\u0026np=1\u0026pt=0\u0026nb=1\u0026ng=0\u0026ix=0\u0026nw=1\u0026tb=false\u0026vsbl=true\u0026navlng=en-US\u0026bto=0\u0026btz=UTC\u0026jsp=1 HTTP/1.1\r\nHost: jmosl.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://haafedk2.com/\r\nCookie: OAID=00832e212b3c4a14fe7c8e72d14f4551\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Wed, 06 May 2026 23:22:13 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\nx-trace-id: f69e298478d0cb53e983bc9dd1f57891\r\npragma: no-cache\r\nexpires: Tue, 11 Jan 1994 10:00:00 GMT\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0\r\nvary: Origin\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Link\r\naccess-control-allow-credentials: true\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *, *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"b4491705564909da7f9eaf749dbbfbb1","sha1":"279315d507855c6a4351e1e2c2f39dd9cd2fccd8","sha256":"4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49","sha512":"b8d82d64ec656c63570b82215564929adad167e61643fd72283b94f3e448ef8ab0ad42202f3537a0da89960bbdc69498608fc6ec89502c6c338b6226c8bf5e14","ssdeep":"","tlshash":"c5900403d140d041c351c0300d0cc740174471304514030f70fc175dfc353510c13000","first_seen":"2023-04-05T09:54:56Z","last_seen":"2026-06-16T17:07:13.132506Z","times_seen":101431,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-06","alert":"Sinkholed","trigger":"jmosl.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}