{"report_id":"74dfc86e-3983-4e5f-8e9e-5a027beb3b18","version":6,"status":"done","tags":[],"date":"2025-09-01T21:32:23Z","url":{"schema":"http","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"title":"Downloading"},"submit":{"url":{"schema":"http","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":0,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-06T21:32:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"thiazinrural.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"mistermgermens.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-08-27T15:14:26.687687Z","alert_count":0,"request_count":1,"received_data":28611,"sent_data":483,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"thiazinrural.shop","ip":{"addr":"172.255.103.120","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-05-27","domain_rank":177169,"first_seen":"2025-06-06T16:19:59.729793Z","last_seen":"2025-08-23T08:29:40.943309Z","alert_count":1,"request_count":1,"received_data":22295,"sent_data":453,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-08-27T15:11:05.791298Z","alert_count":0,"request_count":3,"received_data":122889,"sent_data":1662,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mistermgermens.shop","ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-04-21","domain_rank":457859,"first_seen":"2025-08-22T02:55:39.352452Z","last_seen":"2025-08-22T02:55:39.352452Z","alert_count":3,"request_count":3,"received_data":11101,"sent_data":4620,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"9e81ab84304ac8d43a2a37cf2dffc9d6","sha1":"138f17b22a79126fe93b5c8e07e1f755dd46c542","sha256":"e1f93f36371d6a141c26902ffe235dbf7190b1a4bed4efb63a4b6a2f06cd32b8","sha512":"566070290b314093cc25187796a29515261ca9ee1d4327243061a63258bd9ff42cff8a400fbc7a6e303ee14857b1c88fae56c2a0021ca2a66695a179d9eed2bb","ssdeep":"","tlshash":"e931422a6625a8710afcd58333bca7d87f76c8f270968405497c9f462900d5332e5d8e","size":1676,"data":"","first_seen":"2025-09-01T21:32:24.831595Z","last_seen":"2025-09-01T21:32:24.831595Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"1793a430196a06fa76488848fcfeb38c","sha1":"367fa4058b88952685b05ba96352b69343388ab9","sha256":"9aac3239cfbd60d7e4587987c13262bb50490f2b4df359882b5699008bc58e1c","sha512":"7547af48b63d477fbc296f86bd745f55222ee06bf4a64a857a6d4bd3315dc8fa9445e53af48b082e4c525788326c000426de5c72953a5da3eb6e4b305e1ed73f","ssdeep":"","tlshash":"91b09227d63e88f206732286774336b01996d14e82d66a9213982eb22662f1be521389","size":121,"data":"","first_seen":"2025-09-01T21:32:24.832636Z","last_seen":"2025-09-01T21:32:24.832636Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ca938ee026d0b4269f0eb39b2b99f242","sha1":"4a70d57dfbbaa930578db017d595aa74a37a0312","sha256":"e17b776c61adba691f22c0b31cf9cca6e06f129031d53bbd60a96b803c31a085","sha512":"98a89c866167456519430da24cee5e5c15834249422b5b44c33357d82a25ab752f79a44c6968873e662b1d38ae3fade6e696de6cce59179b619096bdd1367dd3","ssdeep":"","tlshash":"4fc09b1505131d1dcf3fe6ad6a7347d558f9165b3181914d35dc58840fd38a2d509745","size":143,"data":"","first_seen":"2025-08-10T09:16:48.19369Z","last_seen":"2025-12-04T20:30:23.068611Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thiazinrural.shop/s/d4/fe/d4fe2798f1a75e776f4d5977d595380a.js","fqdn":"thiazinrural.shop","domain":"thiazinrural.shop","tld":"shop"},"ip":{"addr":"172.255.103.120","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4fe2798f1a75e776f4d5977d595380a","sha1":"fffe653bf2f0b134cba1ace67369a3eea2566e5f","sha256":"aa8d4550ce959a43f368fd4155ad614563607f200c49cfdbb91e129201894486","sha512":"ad670dc1afb358c1bce604c3dbb0b008b53b79fa404ebf9034d003272df78d65612463706231bd9aea4b87e07ac677363baba8f738d089e475046805c90a94c5","ssdeep":"384:VBDt+Vz5YceHEXXqO1vOHT3zOSej0Pr6awppKdERiws3Z3TuiJgdQYyFStZCUzG:VBDPGqO1vEjySY0Pr4ppKdER6uiJgdgd","tlshash":"30a2e5bdf3c9ba7496daf604d23b4b067f2b59389cd090a08595d18439798cb00a7f73","size":21938,"data":"","first_seen":"2023-03-07T13:21:21Z","last_seen":"2026-02-01T10:38:13.392314Z","times_seen":224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"05:AF:87:21:D4:6B:A6:86:ED:A7:D2:07:92:06:E4:D4:79:84:27:E8","sha256":"F6:EC:75:67:99:66:34:CC:0C:0F:9D:D7:8B:6A:04:94:98:0C:7B:B5:47:E2:47:37:A6:F8:E2:08:99:72:AB:BE"}}},"request":{"raw":"GET /css2?family=Roboto:wght@300;400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mistermgermens.shop/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Mon, 01 Sep 2025 21:32:01 GMT\r\ndate: Mon, 01 Sep 2025 21:32:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27925,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"f587ea66a80b338559f1b1f24ff2fe68","sha1":"8c30a458b043c8d221e9b9e5233f286584d3c47d","sha256":"6cbef911841db910846439f027c39b95bca952c894c0510e3767686d292b34b7","sha512":"41248963a8eadac695ad32dd48ef88eded115bb299c58bdc8b60d61cd3e9bab929fc54a81e2740d143eccb21a114a43fb6b2a15f82625548ce22da4c78e63aa8","ssdeep":"768:p90DXOU/R08toBy+Oh/EBpmv65lOa/76iTS3IUOX/u3/cZwPLOQ/Vw42:P4HSZr","tlshash":"cbc211a1041740009b839ce223cebf35fe1f92517142d0b5abfd9b6badcbc66526936d","first_seen":"2025-06-03T00:16:43.249433Z","last_seen":"2025-09-08T08:59:06.909973Z","times_seen":254,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":108,"dns":1,"connect":28,"send":0,"wait":48,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"thiazinrural.shop/s/d4/fe/d4fe2798f1a75e776f4d5977d595380a.js","fqdn":"thiazinrural.shop","domain":"thiazinrural.shop","tld":"shop"},"ip":{"addr":"172.255.103.120","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"thiazinrural.shop","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 01 Aug 2025 14:27:41 GMT","end":"Thu, 30 Oct 2025 14:27:40 GMT"},"fingerprint":{"sha1":"23:50:EA:DF:C0:64:B5:9F:AC:24:FB:B3:13:22:D6:DB:50:EA:2C:84","sha256":"84:0D:0E:56:C5:41:4A:E6:70:7C:79:60:F1:53:2F:2E:8D:31:E3:7E:C0:C4:6D:70:1A:9F:18:7D:62:BF:84:A9"}}},"request":{"raw":"GET /s/d4/fe/d4fe2798f1a75e776f4d5977d595380a.js HTTP/1.1\r\nHost: thiazinrural.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mistermgermens.shop/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 01 Sep 2025 21:32:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 21938\r\nLast-Modified: Tue, 01 Mar 2022 08:35:08 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"621ddabc-55b2\"\r\nExpires: Thu, 11 Sep 2025 21:32:01 GMT\r\nCache-Control: max-age=864000\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21938,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (20645)","md5":"d4fe2798f1a75e776f4d5977d595380a","sha1":"fffe653bf2f0b134cba1ace67369a3eea2566e5f","sha256":"aa8d4550ce959a43f368fd4155ad614563607f200c49cfdbb91e129201894486","sha512":"ad670dc1afb358c1bce604c3dbb0b008b53b79fa404ebf9034d003272df78d65612463706231bd9aea4b87e07ac677363baba8f738d089e475046805c90a94c5","ssdeep":"384:VBDt+Vz5YceHEXXqO1vOHT3zOSej0Pr6awppKdERiws3Z3TuiJgdQYyFStZCUzG:VBDPGqO1vEjySY0Pr4ppKdER6uiJgdgd","tlshash":"30a2e5bdf3c9ba7496daf604d23b4b067f2b59389cd090a08595d18439798cb00a7f73","first_seen":"2023-03-07T13:21:21Z","last_seen":"2026-02-01T10:38:13.392314Z","times_seen":224,"resource_available":true,"data":null}},"time_used":249,"timings":{"blocked":104,"dns":47,"connect":18,"send":0,"wait":36,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"thiazinrural.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mistermgermens.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 296711\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-08T15:53:11.229918Z","times_seen":802400,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":56,"dns":1,"connect":7,"send":0,"wait":8,"receive":12,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mistermgermens.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 296711\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-08T15:53:11.229918Z","times_seen":802400,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":59,"dns":1,"connect":20,"send":0,"wait":15,"receive":2,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 11 Aug 2025 19:22:25 GMT","end":"Mon, 03 Nov 2025 19:22:24 GMT"},"fingerprint":{"sha1":"F5:9E:5D:EB:46:9B:ED:9F:D2:D7:E8:D1:06:43:DF:9D:0C:13:7E:75","sha256":"AA:C4:C0:AF:38:AE:91:75:3F:86:CE:32:70:A9:8F:C4:2F:7F:D2:28:D1:34:AD:0A:C8:E2:6C:6E:4D:46:72:23"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://mistermgermens.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 29 Aug 2025 11:06:50 GMT\r\nexpires: Sat, 29 Aug 2026 11:06:50 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nage: 296711\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-08T15:53:11.229918Z","times_seen":802400,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":57,"dns":1,"connect":22,"send":0,"wait":13,"receive":2,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mistermgermens.shop/mtn/119108/0baa3ddb977b6ebd76c3edddde09fbe6.9354348789.023","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mistermgermens.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 09:24:46 GMT","end":"Sat, 29 Nov 2025 09:24:45 GMT"},"fingerprint":{"sha1":"21:73:18:AF:89:6E:73:41:FE:D4:32:BB:9E:F2:E7:B4:E5:84:D6:35","sha256":"3B:35:61:11:A3:E4:FF:A2:AA:3E:B7:82:58:5E:E6:9E:42:30:0D:33:AA:34:1D:3A:74:BE:80:70:5B:44:5A:3F"}}},"request":{"raw":"POST /mtn/119108/0baa3ddb977b6ebd76c3edddde09fbe6.9354348789.023 HTTP/1.1\r\nHost: mistermgermens.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 72\r\nOrigin: https://mistermgermens.shop\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C\r\nCookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 01 Sep 2025 21:32:01 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://mistermgermens.shop\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T15:53:20.525245Z","times_seen":14844059,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"mistermgermens.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mistermgermens.shop/favicon.ico","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","date":"2025-09-01T21:32:01.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mistermgermens.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 09:24:46 GMT","end":"Sat, 29 Nov 2025 09:24:45 GMT"},"fingerprint":{"sha1":"21:73:18:AF:89:6E:73:41:FE:D4:32:BB:9E:F2:E7:B4:E5:84:D6:35","sha256":"3B:35:61:11:A3:E4:FF:A2:AA:3E:B7:82:58:5E:E6:9E:42:30:0D:33:AA:34:1D:3A:74:BE:80:70:5B:44:5A:3F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: mistermgermens.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C\r\nCookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 01 Sep 2025 21:32:01 GMT\r\nContent-Type: application/octet-stream\r\nContent-Length: 1406\r\nLast-Modified: Mon, 01 Sep 2025 12:16:06 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"68b58e86-57e\"\r\nExpires: Tue, 02 Sep 2025 21:32:01 GMT\r\nCache-Control: max-age=86400\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1406,"size_decoded":0,"mime_type":"application/octet-stream","magic":"MS Windows icon resource - 1 icon, 16x16","md5":"011201ab56695ce86ea2f190bce2670b","sha1":"bb8fad6accf293e619360935047c23f00da3c769","sha256":"a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e","sha512":"56d53a1219e58ad045c96dc81d71c63c0cf5a9766add778d34895fdaa7fda8dead44161ec291f0ed3d10a405322b7973b56c6b211d68a8d82a8510b5b7c0456c","ssdeep":"","tlshash":"71210082bb20c02cc82c0b300802eba82388f00ac8e8330b30c80b8e0c0008c8ef8ae0","first_seen":"2023-04-05T07:23:52Z","last_seen":"2026-05-08T14:55:13.076144Z","times_seen":20356,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"mistermgermens.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"mistermgermens.shop/zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C","fqdn":"mistermgermens.shop","domain":"mistermgermens.shop","tld":"shop"},"ip":{"addr":"173.0.146.171","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-01T21:32:00.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"mistermgermens.shop","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 09:24:46 GMT","end":"Sat, 29 Nov 2025 09:24:45 GMT"},"fingerprint":{"sha1":"21:73:18:AF:89:6E:73:41:FE:D4:32:BB:9E:F2:E7:B4:E5:84:D6:35","sha256":"3B:35:61:11:A3:E4:FF:A2:AA:3E:B7:82:58:5E:E6:9E:42:30:0D:33:AA:34:1D:3A:74:BE:80:70:5B:44:5A:3F"}}},"request":{"raw":"GET /zmFEIofVJcOJ03I*m63rDdkolEgV618A7W2Bvondxe0WPt4LrTN517ZH6OM1TeoR_TAREl7U7D4y7MJ2tpgX0STmSBSUr1xDpg7sANZIcolUSVVcvF7op3BlXCmEdXtTeVJm1EhPfjc9vaSjxJUUWICaCHxsaq5OoTXzyvb3TOgBQHBrFmpR5Qg340mjmeSlhyBgsx1aZDImzj2sKIEjGcaG4b4RbRMBUrg6hIMA1OvkHn*FT6OtmUu*LdqYpN4tVInX4k2BhGVS_UywE1l6oWOSg8qCWEAqRgod_3cqDQHQ9ntslwDDLyGhDKUH9arDtbu6xCsP9W3B4Xxbu0dgZ9jbm*r0wCkspyiA2ba_2qGkJUTP3mNmka0MeMsCmDK*l9IUs9LKfP4V91Q7d2WFLUOM4JdcLVc0q76zIu8bgpN2hkRg7h3PH7Pdnlad6t*YgsFPHeYDidOxLVBsPKD1RfWoolcGEgELAszZ7sTE5gu86CR*kFT8qtpJDDdWke0aDGqUlUWTD3xOWSvt_7787SJa1uchIYGn6iVBpXmoEOm7R_1qvuhvFaZyQhQjx*ZI7_EhcRsornIivJKzShV1j7o76Y629kQg5F*M9Sc*ZBfC_cIOFx33Uv2XxUMx8sVm9zdHu5WSS7gNx1Mv_AVnESHwWChWaQ1d1PEFwyYFCKYJ0AK1BL2C HTTP/1.1\r\nHost: mistermgermens.shop\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Mon, 01 Sep 2025 21:32:01 GMT\r\nContent-Type: text/html;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Tue, 02-Sep-2025 21:32:01 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Tue, 02-Sep-2025 21:32:01 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7437,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1889), with CRLF, LF line terminators","md5":"56a5f14acfcc3f120f115915eeff3810","sha1":"35ba533f2eae73a41ae66e546372ffce1fb2b809","sha256":"cd5324b5f7858499e2300345ea370c186c3c7e3c1928b4a9ddd3a1e05f5953e6","sha512":"d505bdd3fc8cc1745ca7a124c5df735b6ac2f15e1b6caffa59be1f95f522e694dac9e9fb8f06f1632660ef715f6e2f44ff017e145447a07526590c61ba3a7344","ssdeep":"96:jlf8DtKM0enJpwx8jn12zJxsaG+75F1xiZcEHSB+kkpq2qu:jlfgbZw9xZNliZcCI+hNqu","tlshash":"60e1d93735a144241837885017a91ba8fb798023524ed5e53def96098f92ec567e3fcf","first_seen":"2025-09-01T21:32:24.830099Z","last_seen":"2025-09-01T21:32:24.830099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":960,"timings":{"blocked":411,"dns":19,"connect":129,"send":0,"wait":138,"receive":0,"ssl":260},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-01","alert":"Sinkholed","trigger":"mistermgermens.shop","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}