{"report_id":"8409f8b7-0342-4819-b97c-5658b3d8b8d0","version":6,"status":"done","tags":[],"date":"2026-04-26T13:04:31Z","url":{"schema":"http","addr":"aurahacklab.org","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"aurahacklab.org/","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"title":"Aura Drainer: Crypto Drainer For 480+ Wallets.","dom":{"size":165,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"ce005e8bcf9ddb52ba5acbc257e4fcf9","sha1":"8389ea68f3176ff4424606f22ea023d06ac5d41c","sha256":"f8bdb98de6a5e92ff8515362c7e5194db98a82a7a19aa25d9f83785b7e4c9656","sha512":"3182cc3f48e3fcf44688727432faedb367b7c22b5f77c1ad8ef830a3d3cd30d49f89229d42ca5a6215dc9a50d16a486e095499740d071539191af547466b1f73","ssdeep":"","tlshash":"fcc08021fd300c1f78606a51cf85f4c484018c1ca4216c5574617184d8ec521d456548","dom_hash":"domhash1b838b182bbc8c7be786b9f3c16bbd25","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"aurahacklab.org","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-31T13:04:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-04-19T22:24:53.213297Z","alert_count":0,"request_count":1,"received_data":401564,"sent_data":438,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.no","ip":{"addr":"216.58.201.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-04-19T22:40:39.524002Z","alert_count":0,"request_count":1,"received_data":615,"sent_data":1727,"comment":"","tags":null,"fingerprints":null},{"fqdn":"aurahacklab.org","ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2026-02-15","domain_rank":0,"first_seen":"2026-04-26T13:04:33.507273Z","last_seen":"2026-04-26T13:04:33.507273Z","alert_count":97,"request_count":97,"received_data":4819357,"sent_data":45644,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-04-19T22:38:36.404513Z","alert_count":0,"request_count":4,"received_data":4862,"sent_data":4560,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"aurahacklab.org/","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"87b49341c3019d44771f7a62a209db12","sha1":"47d3e7eb1773eee6cc90015308807ecb49f0647a","sha256":"4557dd85bf745996ca1ae3b89925a99c83aa93038a6502711fae4f77132e3374","sha512":"f6a30ea3c7149a187ba42b748cb0a2b7c88abe812f8bb684895930d04990a016ddd6fc6d075a4cf542db50da9c3cb3b75396976569eefd26c06737f5353f52eb","ssdeep":"","tlshash":"d8c02bdc210f0cf141db2f214f1fb300f0063211acb01c3108012304e520d07eb8cc50","size":146,"data":"","first_seen":"2026-04-26T13:04:41.598775Z","last_seen":"2026-04-26T13:15:42.314762Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17934677356","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f9f8bce08cb34b77b0c41488082e7051","sha1":"c61ad5f95d7b4d679fd10a41377856fed025a79d","sha256":"fe47171a3895752d7bbbbf482a9a19e1a4a62653af7b4e92ead0ac9b6bfcb000","sha512":"be8c722cb36c837cd06e604acf416a4c11f2fd2c28810b0aa6c78a38bf922dca64c2e91a233869a4ad17010e234575e608285d2ebc74d5a48f2dc20738ec6a38","ssdeep":"6144:KiFze4lEHxdMOguHKyoHqDUZApASTbq86S1Geg:xz2xdMdyoH8Y","tlshash":"0d8419cdb3d674565393f478903f018ba27a78a2b84cc899f185c8e42e7469a4277f7c","size":400914,"data":"","first_seen":"2026-04-26T13:04:41.49924Z","last_seen":"2026-04-26T13:15:42.233083Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"576244c63a0aeb0592392dbb6966cf2b","sha1":"061ab17994e98d3c6fe0c9ac26a5b7934df29df9","sha256":"e14ca82664f48c8332c652aa64bd3f3d25aea43a792ee6b67834f80ca5554026","sha512":"dc0faf86e5d5b8c714b98b63ae8a375148577581a7059f5affac52dd5d9def679bc6fd1c94fc19d9d3351601f57eb8958bfe29b16b1eb639ea2995d0c09e8e22","ssdeep":"","tlshash":"5fa01244014400ab8085db189e040882833510cbe500238204000611524c5139d40f56","size":82,"data":"","first_seen":"2026-04-26T13:04:41.599916Z","last_seen":"2026-04-26T13:15:42.315401Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"456af3de89f9be7ab554c1512137dd92","sha1":"e1f32ed40140bc03241c7c5aac511da6dd58ff8d","sha256":"ab2f0f73a895e2563bc7ff15ffa4271d830da0094511faee48e76a20a1f8a2c3","sha512":"4ff12728c000e0f6cebf42535ae93462308e51d1548c14e73574c845dda7ec496d894d142278f6dd1bc7e6922e600cac8d4ad07e68224386840a4c224a085543","ssdeep":"","tlshash":"c131ccbaeb0c343786b961c48ed036e8692c51f7fd83ac6b3c08c44421c2a09aeb8551","size":1800,"data":"","first_seen":"2026-04-26T13:04:41.60113Z","last_seen":"2026-04-26T13:15:42.316064Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"aurahacklab.org/usdt-drainer-quark-1-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.121Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /usdt-drainer-quark-1-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2936\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2936,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ea28a30cf5e221c74794f2479ae4da7d","sha1":"bcd08bd36811267d2d3b4937b7d8f0c43e9720d2","sha256":"21916450d23d4895e1fb4d2842eae88d20e523d529eacedc0a729aa244c3c3d8","sha512":"2cf9619ed2ad413ea9ce19df684c4e7776b6c622d6649ea1664be43b0e464bfeb55e8f7cfcf34673eec8695c3e7529448ec6f6192a8f5d2aa56d0421fad5c32f","ssdeep":"","tlshash":"a0512a09614aea6746b6837817acb3812860ec04de317ab5373e8742c72a53ec4e4d97","first_seen":"2026-04-26T13:04:41.445181Z","last_seen":"2026-04-26T13:15:42.294972Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/jup-solana-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /jup-solana-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4794\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4794,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"71e724f30561e19dbb4036da2021b6d7","sha1":"400bf2c21d6524e3c3591588656a3cefb3f4f9af","sha256":"c4111f72ad316335c3e696fe9d8ffa5c34bdf8aefd3c3b17eb05eefb67ff15ae","sha512":"5260581128c23d70d8e252e7691a10df49c7e4aad73cce934f13a0ceed2962fe980e39e560672dd51c3859328aa234bc7f20bbcd8738356af6e253fcf1c7b815","ssdeep":"96:v+UFp1tXy9YkV7afojGzG7DsiMniu5hct25yxGb0kyqnZ7uceQCefXQE:vFtXyLS4wK0hRyxjWnZXeQFXQE","tlshash":"01a18e64c7fe94a17776dd7a7dcd63bb18e5aa78dd82e2101c790d80015b801415dcfb","first_seen":"2026-04-26T13:04:41.450098Z","last_seen":"2026-04-26T13:15:42.288631Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/aml-kyc-wallet-verification-lander-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /aml-kyc-wallet-verification-lander-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 34298\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":34298,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x698, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2ddde3098057ef8b91e8b7300e97605f","sha1":"06f816811f0dad0062a10a27e5029f7f20ee3d52","sha256":"5c66cdee18d1b9de4ef362cc858ac7a4033762a7ef54626175518269145f7c3c","sha512":"5e2509face4d35dc425b4898384bf3a5f96848031e61a47fe144390336076b94bf1c9de9915bd635bf4024f0c2e40e894f74fb0bad555f3b63a0aacdf5d9ae01","ssdeep":"768:QQ//krVNlIBQeQNVQ/9RLR6xhqL/BZU0dDIC2AzfSBwl/hoO0:///kr3lWdYi/rLWh90dDIp43/hoz","tlshash":"84f2e17bcd3c1e84f2cf4828a88b607d5859dccad1b015e0a4341ac5e2da37670f9a97","first_seen":"2026-04-26T13:04:41.454076Z","last_seen":"2026-04-26T13:15:42.291087Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/evm-drainer-quark-drainer-650x433.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /evm-drainer-quark-drainer-650x433.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 42500\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":42500,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d5e1e25de35d43125062b188a93dbe7d","sha1":"575722f73f128950daf9f784af0dc31b0d375065","sha256":"37c779541688c5e950f561665a6edd1387ad5c68212a093d51d8208a57d0823e","sha512":"4e69a51caa7fe1b9a797ba78e55afcd32691fafda956bfaa14d751c27e7b06ab9d4b5321c5fbd2d33eace7b01c01911d1b20c5870482119a8c927d51b64a92a8","ssdeep":"768:CBiUTgvcB96y6Zs2QPFmykKDqiU/pVsouenvnPguTeUB:k36q2Uox9rbv4uKO","tlshash":"ba13f2bcb3c926c84321275d3732766516f5f4b76e3007a280165bce20605f97dafa57","first_seen":"2026-04-26T13:04:41.457648Z","last_seen":"2026-04-26T13:15:42.286167Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35840\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35840, version 1.0","md5":"00427f129772e9f049050a50407952d1","sha1":"0f9e19ecc1d89758fd59d187f35b5a73e499eb45","sha256":"086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add","sha512":"26478f6744d0875901f6c20b13f4303abe0d579ac2ffe02b74a5cee4a6af48b23a6d611116fc5f1f1b9aa6ef8b083a992e80aa1675e3a211b5332c480050e90c","ssdeep":"768:haAL1lUUxZ+mIxfVJ5tYBU+ma5q71y9SWeGt7UMaVJc2PtupNFtpXjN:NLEkxyJjUUza6ygxGWMaV67/LjN","tlshash":"c3f2f15f368e8e17f4d8691c5a667d523e022dfc9e30c622504f5efd3939320946ceaa","first_seen":"2024-12-04T23:04:18.137977Z","last_seen":"2026-06-06T22:59:21.36292Z","times_seen":2071,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":54,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/frontend.min.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /frontend.min.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6584\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":54564,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (54564), with no line terminators","md5":"a286126314ec92d85cd0302320a9564c","sha1":"4ada0cc7c92f17e114641aa8cdabe934954658f0","sha256":"af678b3d541e064f18fca2e33b6ac896a88a902f71fa4c66b1c5fe2cdbbeeafc","sha512":"ee4f659fe14a3af6605f868dcd2cb3859f33789b7433bd2eb9e887049724aea41199bdce8fb0c3044751dc20971f59de7066597ec13e0fd23ed77fbb9e8a71f9","ssdeep":"384:5s4J/8DEksCoI+SBQYO22/RmRs5Cz9TQikvmGkvmCFldtraiIks05ArOk:wFLh5mP3RwlDdps05Xk","tlshash":"0a330da23d13b269226f442b82c7364c536495c1ee1375d9fa04c5239afece63b36c27","first_seen":"2025-12-12T23:30:14.932004Z","last_seen":"2026-06-07T12:26:08.919427Z","times_seen":16486,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/dai-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /dai-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3494\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3494,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fbef6bd0898cd5b8a807e79936f4b240","sha1":"6e43bbae5cb33c32eb851beeb2f4fa8bc2252655","sha256":"b1fd65524f13e242c07f4771e6c8d00153bd044aa76092f4f6d25d28b54b046d","sha512":"da63d8f2c388159af6108fa1afe02c500e9c457cc449794905bcd54ec7301cbe36595dd4e5f1321539464471b4bfc0750fa73578c3e674617990099b44e7e37c","ssdeep":"","tlshash":"77714c4c73d419e72d89e7d8866ab583ad5be3c4b1460cc857707efa467327d0930c96","first_seen":"2026-04-26T13:04:41.46133Z","last_seen":"2026-04-26T13:15:42.237427Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/QuarkLab-Admin-Panel-1-1536x854.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /QuarkLab-Admin-Panel-1-1536x854.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 191874\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":191874,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bb2c934d131408fa7ae685a0efe1fb2f","sha1":"aa55d9adec205a4f2e807be34a72744016515103","sha256":"f2e4a376cbf664d6c5ae16c1c8f5ce0ca194e8e5490790dfba47c73f6edb7ec6","sha512":"8f9c34db92ebb3629087a376dd49eca21ef3b83f68e780e752c05c4de09f5e2477f32a8b70b6ccbe48add5323e480b26a707d284e5b0c8c553bc00b51378dc8e","ssdeep":"3072:EEAXzi6JqjgMrClAq6Y7MBoQteOdtQueL1UuPZiJm6tsJlNIGf5NxMQrVp4Kg2w/:ZAX+CqUMulA8MveOdtfeLSuRiGJlqGf0","tlshash":"7014127b80995139038f41b6a615b1d4c93a626c813b8fbec9f6e5aef065c782c345d3","first_seen":"2026-04-26T13:04:41.462794Z","last_seen":"2026-04-26T13:15:42.283302Z","times_seen":2,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/nft-drop-mint-lander-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /nft-drop-mint-lander-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45798\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":45798,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x563, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a02a5e06bc4d5622c204685e66549615","sha1":"f549b556aac389471b5e8e50e31019dcd88cf697","sha256":"8a444c467438b52a050a6082050d6a3ed5a46ea7dfcd27bf66609c072a5d01e5","sha512":"c81839819e96df21d0dc21a1a0d8f6dbc5911104e75c6ce99441912e69508feab9dde809e08874d7ce7544dee18a58ac50e4001436d942e070a79b1e7fea0585","ssdeep":"768:4SXOsbvhqZalUKegd0xMnTlySquKL1UhjjcUE/aUjADsr5U5ex0csAuw6i+5mBkK:Nec6alUiznTgSqjL1U9k/bEYrRsZPiBl","tlshash":"8123023fb8eb2662c491fb2514656d8217fac125e09727ceca37bf9e8d536a115c3103","first_seen":"2026-04-26T13:04:41.46433Z","last_seen":"2026-04-26T13:15:42.301166Z","times_seen":2,"resource_available":false,"data":null}},"time_used":252,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/noise.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.458Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /noise.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/uicore-global.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 162028\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":162028,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d3d8670e58850e56da8648ceb5f9cc3","sha1":"d2049bb13636135ff669c58357f3404c729641e1","sha256":"970d9a5ca87169fca64cc05a3511b0137f2f9c4640face30ef15fb29cfac0dff","sha512":"42e8979c56fbbf02672b5297324d0b72d3a312afc70971d993abb9dec830b49e71cdda5f2c9af79fa40f9aa38baf4940561e0032a02ccbf3079d680e59bedba6","ssdeep":"3072:91FWzYdOntGWEmcdnl6T9/7UJkr/sOpox8BiDiRTacd+xR1edoFr57+:3FFOntGRflW9okrox8B6Ud+T1OkF+","tlshash":"58f3235dac2efe075e9db189d3c8459acc239a636429470673c81bca27e27cd5257322","first_seen":"2023-05-27T05:25:14Z","last_seen":"2026-05-30T19:17:00.691721Z","times_seen":175,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/1p-conversion/17934677356/?random=1777208649743\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=1\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:37:36 GMT","end":"Mon, 22 Jun 2026 08:37:35 GMT"},"fingerprint":{"sha1":"08:79:9D:7F:DB:8C:0A:9F:3E:E2:C7:8A:F2:4D:E4:E2:5B:36:28:22","sha256":"07:42:F0:13:40:B6:A1:62:31:62:8E:96:2F:96:8C:7C:C0:5B:F0:8A:DB:0B:A6:E2:44:14:41:7D:B2:7C:B9:74"}}},"request":{"raw":"POST /pagead/1p-conversion/17934677356/?random=1777208649743\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=1\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurahacklab.org/\r\nOrigin: https://aurahacklab.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 302 Found\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, must-revalidate\r\nlocation: https://www.google.com/pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":157,"dns":0,"connect":31,"send":0,"wait":39,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/style.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /style.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 173\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":313,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"25b1ccd5c5e91368b048bebac763494b","sha1":"7ba98a67680b5516dab208f93db4aae0f3bdc02a","sha256":"3897854ad3f65ee17cbc14bdd1ee449e63c2dd55508d0b313e4d376db650a7ee","sha512":"286bc5ea0487861b65f516a7c94d8097b92d3f8a343a1e10bf7aefea5236aa1fda7986ca664f812fc20f2e7d68e88cc8dea7c7836486aa7d4d2f3e12c1766dd8","ssdeep":"","tlshash":"d3e0cdd3d7456183f736431934ba773e673d33045adc19e9f44a176513506910978e80","first_seen":"2026-04-26T13:04:41.468888Z","last_seen":"2026-04-26T13:15:42.310404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/widget-spacer.min.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /widget-spacer.min.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 287\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1793,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1793), with no line terminators","md5":"c329a1f8486b82d9b9c7cb4d7060f346","sha1":"85b874b1c09c4f163738d439cacd53e6141f4f2b","sha256":"808a659eb4e85607c6efe022bff149c3076853c5570a322bd35e5e8cb9458904","sha512":"414974a35c9d401df85422ca92e886a3e0b57c6cd071023dd97d2987157fc9976d777d7b44c0c8d4a8caac81b0c1b862828bdaa67e5b05345894964a1dbe81a4","ssdeep":"","tlshash":"3731f650bd07662c787fa60f8413129c658494dee581ccc6dba1f60aa2fcde33336935","first_seen":"2025-04-08T12:29:44.439106Z","last_seen":"2026-06-07T08:19:38.672997Z","times_seen":32590,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/base-desktop.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.089Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /base-desktop.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 284\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1121,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1121), with no line terminators","md5":"a9b293285368ff1df10aca9be6c85635","sha1":"0a4664bad66f645ce904f3f87300469cbb6f3302","sha256":"7d3ef502269576e7a08600c7187b6094ea55a496d36ab4f74dcf26990cc4d01f","sha512":"f80d9e3b736cf8bdd0640b210f45ca02d65e52d54c92129e6ca2ade10747720a3ceeefda5927f810162b593969a0ac284f28405b81d1fde6ab52700c55976ede","ssdeep":"","tlshash":"84215730b503553a132fc44eac96b64f509582d373d673caf9616022e9ad5407fe7306","first_seen":"2026-04-26T13:04:41.471273Z","last_seen":"2026-04-26T13:15:42.297153Z","times_seen":2,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/content__cache__asset-cleanup__css__item__uicore-framework__assets__fonts__themify__themify-icons-css-v1c7cdf3bd0a8ffd92.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /content__cache__asset-cleanup__css__item__uicore-framework__assets__fonts__themify__themify-icons-css-v1c7cdf3bd0a8ffd92.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2861\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":17711,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6a9b52a1997623a56d81e15004ab84da","sha1":"7bdfd23160d66a315d50fcd4764bdac61d5885b2","sha256":"5e3835e28d5d814916e65bedd2d7f66b83573940950bfef8b24bd47b66d1ff67","sha512":"62c67a28c972e43539bd9e4ee395f573c0fb7f37a0ebbe23c91bfba05c477cc95508d7fb267fc33b22f028dd61993b3bae630480a4be966417e5c3625442808d","ssdeep":"192:0K1qE9WvDVHQj7a6kK8y+GBTg4g/XzC5BCv7/6N:LqXJw7NIGBTg/jf7U","tlshash":"5c82e2d89cfa18941311e191638bf235f30eb626d9492e6ee383ee7c5ed5a11c1d22dc","first_seen":"2026-04-26T13:04:41.472954Z","last_seen":"2026-04-26T13:15:42.293267Z","times_seen":2,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quark-drainer-logo-header.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quark-drainer-logo-header.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 10:18:11 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2092515\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2092515,"size_decoded":0,"mime_type":"image/webp","magic":"PNG image data, 1536 x 1024, 8-bit/color RGBA, non-interlaced","md5":"d61bb8571b0db4cd7ca6c04c84a39ac1","sha1":"4bc5006fcf1539ad8940253977db30270134b0ae","sha256":"ccf22cf6a57f87d172f7b96b8b6e0acc9c6db85455b6f90771dae52e4c3ac4f9","sha512":"600d00c250a792b31ce1857f47d129c64b3d68da7ac751fdc965feda5862c2c3c829b97de4554e9903ce5b10c695eb54b1b39c968b491d55a7df3f1d158371fa","ssdeep":"24576:+IihgDLmSsidlkkGMaoVhoZDt/iKsBus5gdgAAd0yUC4N:+D2Dq9igkSmkpiBuKAq3UDN","tlshash":"a5253358f8028e16df223df02af7371baa2832833bd49f8558718d46dba490f765b745","first_seen":"2026-04-26T13:04:41.47435Z","last_seen":"2026-04-26T13:15:42.287326Z","times_seen":2,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":470,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/tron-drainer2.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /tron-drainer2.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7420\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7420,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8d3d39614cc0ffe8ef10e43216b731f2","sha1":"ecc2641dd169f35775ab280ccb8ef192a55c2bad","sha256":"79fef1e19135fa7a061859c50abe0fcc628ecd12845edcba9efb1b52f715f522","sha512":"668c083df0243f826961cdad9e242fefa99cafa5b11c62c1f4f0a03d3aeb82acc53882a2f747f7cc26ce633f9609fe22e754120f1825e45016ec45d3decc0682","ssdeep":"192:IoM6YmyUb+EaclhI/t/B1ybcfP5l7knBeNbbBnV7/FppvVuDe:ZyUb+EVl2HXb3XptEe","tlshash":"7ce19f55f96c86e4c53b5250d6b704baafb9e01db9c7737b18cc5834b463a06c286271","first_seen":"2025-07-19T05:21:41.585838Z","last_seen":"2026-04-26T13:15:42.28811Z","times_seen":4,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/doge-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /doge-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4436\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4436,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a6f99313c4f06606644b019c81453a61","sha1":"8d7dcade2621acf988104855bfa7c2a9fa91e9b0","sha256":"8c8a7b6024d2ca5b24b830c6d5878edd0d131a60b383a11133a335984b4d9f8b","sha512":"37c43607476e41d03a227ff666d65f5f61052da2a341dc125362b1e8ade5dcfbb2d878d9b4bd8384267757c1ece5ad80edc62b5f2ce6fa4a71fc52bd233aa51a","ssdeep":"96:eDuyu18hswPObYg/0YmySJ0901jwmYn+19bVn3AhXFj:628hsw2F/0Ymy6WyjC+lkx","tlshash":"92918e08e2c99215e50897b36baf5adaffdfc9610d434fdd501d376eb4e40138a02b68","first_seen":"2026-04-26T13:04:41.478009Z","last_seen":"2026-04-26T13:15:42.23376Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/optimism-op-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /optimism-op-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3840\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3840,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d5d5f3e255ce99149776be7e0b1094f1","sha1":"de50e333df068af49eccb7eb7a5bf1674baf8fe5","sha256":"fe6c474d27f27b8ee8eccf255321d227240ccd52532805f99a99c7d8b8f5affc","sha512":"5bad6059d7e885850f0bcf74840232b2b1707e3175e338da8849a5cb6eb034006321555629644bf1f45444bc2db0f35fbaa39bfbf827728882b270d04e0ed295","ssdeep":"","tlshash":"b1817d0972842451ecba5e6cb317af703555e0e2e0f07158cf246a40b5352977fc4eb8","first_seen":"2026-04-26T13:04:41.48106Z","last_seen":"2026-04-26T13:15:42.31417Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/content__uploads__elementor__google-fonts__css__chakrapetch-css-v0b5b798be663cc04f564a4bd715c706786b09ed9.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /content__uploads__elementor__google-fonts__css__chakrapetch-css-v0b5b798be663cc04f564a4bd715c706786b09ed9.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 722\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13864,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (384)","md5":"2a2f1dc94eb15bf42ca207f87fc9a1d2","sha1":"422d33c3f10869678e9aeaf5ccd6908bb1dfc6b4","sha256":"97adc7eab3f414b8e3e131b1ae3020814457a9bc70cd2494c548165526dd6c0a","sha512":"bec642669cccea989c1321b22d45093fce0069eed5236da6481dc238ba071575f379178d1beda79730ea9b6aa9094a251f240a377f9c288933aead4bb6c2f185","ssdeep":"96:jP1BJc+uja1FJc+uW719Jc+uH31hJc+u/O13Jc+u7CV1+Jc+uXL1EJc+uVX1+Jc6:hxRt31wRZjYuuQAKu92GaC","tlshash":"a052cd70342e5244d9934dd222ce3f3375a9a020a5651a30bbfd499dddebc7363a5f28","first_seen":"2026-04-26T13:04:41.482973Z","last_seen":"2026-04-26T13:15:42.29277Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/usdc-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /usdc-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4728\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4728,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2467ac00bbe5add3a5aad0707b36a530","sha1":"c258bc6cbf74b78f26a38905f0f50d351b4c389e","sha256":"205264d921282f55020dc513bc5d854c7fc3d9463feb9e586e0ea8e30db03903","sha512":"f272a1a1e61dea992df508d1cccaca526657934021336b1e16b14bd16096129066902cb14f70497f94c44a9ffc1c5a4f4890c56a92f24cf412c08141676c66d5","ssdeep":"96:ZWILUzLZ09gFFBLMw8KRGvTvs/lnHWEfEc9xkVMiBvkVAAzmsDkXksKNx:ZOvZ08LgKRGviln2EnaV/LAzmsDKANx","tlshash":"bfa18da450ce1d2c874a08d964ca8521ebc5c979ce479cf01c0b3653742efb097e4a6f","first_seen":"2026-04-26T13:04:41.484291Z","last_seen":"2026-04-26T13:15:42.24245Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/shib-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /shib-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7606\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7606,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cb4bd85d3e19d36dad7c8e86cd0f9d78","sha1":"b8835e8335d65555aa49ff4c81722cca081bd129","sha256":"d8ed19a792d15477404147d809f716ae17b17d2e62b20950f4fab96febe65a93","sha512":"84fb379d2611a89e0576755a4278d257861a841c69e2a8f60f0de219f8da29035a571fce036d18d566285f9b7f8f1c96848dad755475686a7f322cd38fbd48a0","ssdeep":"96:GDhj56/5v8Gw8huGtmgRL7c1YWDCxqv2FY6Xzp31OfIStGZkFKzXdIM+HVwBm9ai:6YIGvWDCzF1t3etGZkFK7ydHImxD","tlshash":"e3f1b022811fc319aff1bd6cbba53a9a49cf23d08d15e5068744eb6180af16a85bc649","first_seen":"2026-04-26T13:04:41.486227Z","last_seen":"2026-04-26T13:15:42.257228Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/phantom-solana-wallet-drainer-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /phantom-solana-wallet-drainer-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 882\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":882,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 128x128, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"44dcae97b990dea2c2cbc7e4c3bed235","sha1":"4ed8e55e4af3a4cdd40d7f6efd47f313d6507e7b","sha256":"2ea3ff3a0716a2ebf9efb01c052c8456c57e9f4fe1cb386c6f3cc98160464bc1","sha512":"69bb3912c228ccd37711b201f7def3894799d46f9cee691643cad984c87da7fa3b2c27c2ccebb2eea3459bfc1bce566020dfb75805fd1ce937f255eb89891996","ssdeep":"","tlshash":"6e1163e9ee705d23c488e9975b2da83260ce6d129f2caa5200b654ec1cb5ea02d4a498","first_seen":"2026-04-26T13:04:41.48787Z","last_seen":"2026-04-26T13:15:42.227474Z","times_seen":2,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quarklab-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quarklab-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 80532\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":80532,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"94f0704978c0947efacd2bc734b60de0","sha1":"794734e4c8ef0afd109be23172b7643e64bc6c17","sha256":"f3b4aecd8ec0cba58d579bcefa5286cb14268f41c4213139dc75a672a04d64a2","sha512":"4b9bf1d76e3a53da3cc9469b08ce77b37ca97874558368c0dd073cf009c6a1ede67ae69383f9c3b134141039c3afb016eee0e61c3df05d3b59c95c9abc6af47f","ssdeep":"1536:XQoVqNVfI1Ga21CAd6BG8nFweOxzjfnePnm3FDgOYSU4UT:dVqbI1Gf8m2nSeOxzrn8m1DSSU4UT","tlshash":"b373128126b7f063589835ee2240f5f5a5b848e7a674c6b38cdcd8ac597cc7344f2a53","first_seen":"2026-04-26T13:04:41.489851Z","last_seen":"2026-04-26T13:15:42.300574Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/aura-network-points-claim-lander-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /aura-network-points-claim-lander-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 29194\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29194,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x642, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e94743b15369fa4193eafce80f016487","sha1":"f384c6891283c77f685a71e28a2cd0a7abe40d46","sha256":"22e947bd8ca0c9d06a48b027f3888d74c8f8cb722230d5e5ca027244294ea7fb","sha512":"2a4c4176eb347bd0d5e5b0e924495f10c6cf54c0a8b06d423a0521bb991d55b11729f27a501347eeb7a5ff285a98a5ec192908838208adb64bd34759ff2cdc29","ssdeep":"768:O1lAjL2/UxWEmnnALQFku9GBEm6GIrUPI:/X2MAeLfDEmSuI","tlshash":"85d2f179964650e1ffbfad5624d84fcb143516fd082bf62e4014ae62dc2d2c1f056db0","first_seen":"2026-04-26T13:04:41.491445Z","last_seen":"2026-04-26T13:15:42.282247Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/post-grid.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /post-grid.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"ba60b6340bbfec27bfacf542ba9aed64","sha1":"aab98945f328f3086777c39f1d83f4d53377608f","sha256":"df7d9427dee342cca727e6aa4a1e7b54487c1fefa2a07872d690c5880e474672","sha512":"4ae38cccdf1a750ab1a31a2e703da6d3043bbca51e61fc94548b8b8d7ca1d5daf66db853daf9c70e06df5185842d86b93e2aca9a996b63122bf9aca8f7301f7d","ssdeep":"","tlshash":"879004307c0171151d0501151043145d1f4410cff7c145c01c7034d541d47d11130017","first_seen":"2025-03-18T10:38:54.661204Z","last_seen":"2026-06-06T22:52:04.453432Z","times_seen":31,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/widget-heading.min.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /widget-heading.min.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 126\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":560,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (560), with no line terminators","md5":"c3be9e612baf8fc4af612de8af4c0864","sha1":"f6b1366e30a459deefca035c5563f1c929c8ed10","sha256":"f68e889145cb0e47b7b190b2fdf087a9213a264ad33951512880c9f8bb6d0cd8","sha512":"aee455fe10d8126deb4d1015b6b4450ace4851e5b32890505af619f7863469c56b788b5d822849986759aa85efde260da77ed12bbb236ce2bf6629bf6759f4ca","ssdeep":"","tlshash":"f2f0c0237e4b94aa383f1d571083337c74944ec893a0a8d8e9fa91435cf4cb27330622","first_seen":"2023-10-14T23:00:09Z","last_seen":"2026-06-07T08:19:38.660936Z","times_seen":99057,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17934677356","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.8","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"7B:71:3D:9A:FE:85:53:DF:44:BB:90:D6:C4:82:1E:58:A2:A4:4B:F0","sha256":"CA:E9:C5:B9:FA:2B:F0:20:19:FF:0A:2C:CB:22:9F:C6:8B:41:0E:09:94:8E:E6:48:22:CA:02:F6:BA:10:B7:A3"}}},"request":{"raw":"GET /gtag/js?id=AW-17934677356 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nexpires: Sun, 26 Apr 2026 13:04:09 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 26 Apr 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 138191\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":400914,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5929)","md5":"f9f8bce08cb34b77b0c41488082e7051","sha1":"c61ad5f95d7b4d679fd10a41377856fed025a79d","sha256":"fe47171a3895752d7bbbbf482a9a19e1a4a62653af7b4e92ead0ac9b6bfcb000","sha512":"be8c722cb36c837cd06e604acf416a4c11f2fd2c28810b0aa6c78a38bf922dca64c2e91a233869a4ad17010e234575e608285d2ebc74d5a48f2dc20738ec6a38","ssdeep":"6144:KiFze4lEHxdMOguHKyoHqDUZApASTbq86S1Geg:xz2xdMdyoH8Y","tlshash":"0d8419cdb3d674565393f478903f018ba27a78a2b84cc899f185c8e42e7469a4277f7c","first_seen":"2026-04-26T13:04:41.49924Z","last_seen":"2026-04-26T13:15:42.233083Z","times_seen":2,"resource_available":true,"data":null}},"time_used":442,"timings":{"blocked":163,"dns":0,"connect":7,"send":0,"wait":32,"receive":26,"ssl":211},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/matic-polygon-drainer-quark-1-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.124Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /matic-polygon-drainer-quark-1-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3916\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3916,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1edc68c009de3fad33602719ec5cb097","sha1":"685d3a3f8f8022427621de8b60a1c1cc6cf078f4","sha256":"545981f794de97bea72ba583e087e591279934e4b738371c82107ab67946ec00","sha512":"a08d3aaa340e6bfa94133fed296ea84cc23f1662517670a4cbfe8b7dccf38943a1ecf7e3beb89408d348254dd061cf85955fffe5836c8a9af75f12c526e93dd5","ssdeep":"","tlshash":"ea818d064266366fbcacb9e908c7824b867c8e28c1478972f7f85f9d028a54f0e152b0","first_seen":"2026-04-26T13:04:41.501307Z","last_seen":"2026-04-26T13:15:42.278441Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/tron-trx-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /tron-trx-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4330\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4330,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3bbd5128577d24d8fbd76bc282912277","sha1":"95b6b56f5523f36e0d1dded6d71f8c48d0b3fe7c","sha256":"06df842cff2bc9ac8b089fd47567a44fa4eaebe81ec460d45534756b18c773f1","sha512":"d172095d5eee171d0991f270819d7f32069b989ba36fbdd71a37f50b7a2982a485aab3b745ba469d04885d6c19560bb7187d544f193997e99e9a6ae54ac13f1d","ssdeep":"96:V8fyb+aLWLLZn4v8KnWP/KQBlMgpNNaPU8RVLuBwT:Voyb+NZ4v1nWP/KQfdp/2hf","tlshash":"7f917d0bd3bbc633a1497c5ac6600bb54830bf3ed9704ca466caf7e81278086d40ddd5","first_seen":"2026-04-26T13:04:41.502844Z","last_seen":"2026-04-26T13:15:42.243242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/cronos-cro-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.130Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /cronos-cro-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3754\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3754,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"165f68cb26d1edf8c0fb6e4fcd2b2682","sha1":"72604f95060db328a5b0a7e7cb2aa52311279ee8","sha256":"353c009700d2c478f7aa49626726009ef09d16d9b65380393bd899b623efae54","sha512":"27fab4f809bd3dde01722d6ee659ab912cc29217967f97b2f07918d4f412a66bba702eb116739c43d8d4c90a2229998fc62d251e360b200a232987fa9dddd080","ssdeep":"","tlshash":"6f714cb05c02750adc81c9595e16b3eaa36d8fea3cd6883fc94c503ca02ca61969b6d5","first_seen":"2026-04-26T13:04:41.504317Z","last_seen":"2026-04-26T13:15:42.282743Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/fantom-ftm-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /fantom-ftm-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4546\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4546,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7cfee240d727d4f78f53a61f3be3bdf6","sha1":"658bc3bf40eea98bc00eec62a882ee57a79ec936","sha256":"f38953f5c51ee76c2268bb7bf4a9ffca3a1a01501c6e164130c076307b3bd804","sha512":"3572c34d99956c736817935b248c99d18d87108b61667a496d0f5adee1281dae8e6a5497eb9cc6b3d22b70e0dfb69506160e6f751b5e37a483448e71a9a6f057","ssdeep":"96:TsNqcxsCkbKJSo1+yWgxv3CXjOFvMYH29VHlPJVEZyah+X5UqY/:TsQA14yfxKixMH6yN5UL","tlshash":"8a918df3a735a1d6c62d366e417a7ecba247832f587600abc20020b54839b9b2120dc8","first_seen":"2026-04-26T13:04:41.506989Z","last_seen":"2026-04-26T13:15:42.29976Z","times_seen":2,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Rabby-Wallet-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Rabby-Wallet-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2566\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2566,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 400x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"88fd49030e81bef155c2cfb113623a87","sha1":"66c9d93780d0f3f283414971c2055b0e942838a3","sha256":"3eb3a76da73017bdb5751eba18097f48bbd5d77c2b9448f8a81e6aece61bc6d2","sha512":"90aa5df21970be301577a074535720f4b94bb8fc5a4d033027a9f58a7223024bb4081571f9b0d6b99ddeb9968e359c6650cc5bcd8710debeed6d34a36e011838","ssdeep":"","tlshash":"a35109a906346121eb62b9f87ddc7c418748909c3c57c65c1c75ad2b16772252a4ddf4","first_seen":"2026-04-26T13:04:41.509257Z","last_seen":"2026-04-26T13:15:42.290176Z","times_seen":2,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quarklab-wallet-connection.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quarklab-wallet-connection.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 10948\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10948,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fd2f2f621d20661e0743cc6a4bcc1467","sha1":"52b7ce49c8a0f151e677fe96691bd8927708799d","sha256":"5d5263a9b84c7a27154713f79dbd14b0f7e4b5d2f9375b83e767275958ff9e22","sha512":"22c2aff35686a49b62effa791920f5b766c5560c46b8af281fee33628c10cc0a60a1f9b5f869ad6a53001e13b97e7d2e38b17d6e967447df668ec1f8a2fc94fe","ssdeep":"192:+9nm8N8FQJPNosDuOrnCh9IickCGqtRbouxLg57:4vY8la2nCwGkRboD","tlshash":"5c32a03459bb727e26d32dc6546dee19e3a8a151a38eed710432fe3cde62c1a0b3d500","first_seen":"2026-04-26T13:04:41.510532Z","last_seen":"2026-04-26T13:15:42.28484Z","times_seen":2,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Telegram-wallet-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Telegram-wallet-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2488\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2488,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 320x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"459a81ce49e7843c02299a4285ab97bc","sha1":"658f3ea93619d0bb5c9423935ee1a66fbfbc4c6c","sha256":"daa23b4b96320e0477c45e71cdc392a91827f46b6687523e7661f9e5257644ed","sha512":"0286db90298dcfe449f842d4fa504f052f4790e3046fbf16befbce8afaa705c567eb8eed5ae4131d415e0dcc63530599bf27b97f8e23e7fd72009823271abca5","ssdeep":"","tlshash":"16514ad6a040db2409a74e1d1afbb7a0fa2b58c5791a16e1283e7cbc5cf40625673732","first_seen":"2026-04-26T13:04:41.511744Z","last_seen":"2026-04-26T13:15:42.294322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/pepe-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /pepe-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3852\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3852,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"60e4565b9133dbf53f1e31bcce0c2b7b","sha1":"c77226bc7f842a316e213e93925f4dcf4da44201","sha256":"b615b2538ee8c6607e46835679f42121af2bf4c3cfd8f5bd0b4cd3d4536ec6d8","sha512":"096bd79f4ed3301b2a1a887c6e032b4e3b014c75fb100518abac3fe30a5ad48cca4f654dbe83370b5420ad0f8b9df2997e002b80b9e76508b67ffd4a186c7acb","ssdeep":"","tlshash":"ec816e8557620a3d3698df185cb32bd866126465fce7c273b9fc27c680bc01df160666","first_seen":"2026-04-26T13:04:41.513089Z","last_seen":"2026-04-26T13:15:42.289089Z","times_seen":2,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Quarklab-dashboard-1536x860.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.165Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Quarklab-dashboard-1536x860.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 84094\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":84094,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7adb4f1b38023b0619a6902bcffe84ef","sha1":"02101a4323fc3156d15727a82249632c3275b444","sha256":"74cacf630ea917f8bf9281aa0eecf00b522bb3b99881d9f340d846ce2288522c","sha512":"54882e51c8281f9f9728ecdd3a4d69f31d27f259ff2b4e8015b2a55b593ad695ee28aa55c8039c031d0e1f053230052029574c0d3eb911e7aaef47966668ae06","ssdeep":"1536:1+5t3teuWE5DouoIxgNtgaKveyYohDW5rd5tXelpz9Zzj:Y3teuLmNtgOsDWFdnaP/","tlshash":"0b8312f11b99598a0c0fdb1777ee39649032c91f82abdc297676adb73f109c6493e102","first_seen":"2026-04-26T13:04:41.51434Z","last_seen":"2026-04-26T13:15:42.307056Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/cryptocom-quarklab-1536x656.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.173Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /cryptocom-quarklab-1536x656.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 31964\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":31964,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1536x656, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a72a238702efbd10632776bf7ed10f18","sha1":"f1857a7747c6fcb1b5bc235654255bf8150b5dc8","sha256":"631efbaee4c7e1b295dee2a52cb62b278235276e5d057ec2322b28b7527b3c0f","sha512":"05479fbe19325b66b721fbb44531bf76c2711554264c648eeee7fb0ae3145a2022a4a9f47a6854f56bb4a6ccdf7dfd449164750b7eafcc58390416478a1a3b03","ssdeep":"768:FURxb6zc1ENWo/pMzfcpGhjO9GoFUig13DN2vvBee:FulQcIW6ibcpqjOQniMDy","tlshash":"8be2df2a007dd096db014b782ac0db859e325181978be0e17c2b7df73b50e676fb5d4a","first_seen":"2026-04-26T13:04:41.515796Z","last_seen":"2026-04-26T13:15:42.22824Z","times_seen":2,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/a39ff433af093b9c3eee82bf3e5322955cab6f4e.svg","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /a39ff433af093b9c3eee82bf3e5322955cab6f4e.svg HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 64\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":64,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"5357f16a999a350ce50170553aad43e0","sha1":"a39ff433af093b9c3eee82bf3e5322955cab6f4e","sha256":"01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c","sha512":"e386d55540d717138e4bfd3865ce3b22b7a5b90ba38e43dfeda76dc76b9ea6e09e7b36fa184dd29fda20baef46486fff95b389668bb8450a226fb42401bf0e6d","ssdeep":"","tlshash":"afa002ee81df4e28b21a89247cb55d549e2b605050c403b9d9e60a25a2455913706568","first_seen":"2025-11-06T07:58:18.947521Z","last_seen":"2026-05-11T23:16:54.092091Z","times_seen":25,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/icon-box.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /icon-box.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1625\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13371,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13371), with no line terminators","md5":"5ee2be7d087312b0b96ed7a2abc18355","sha1":"05576ba98ace5ae122f8647cf3ee8a50caeadffd","sha256":"21ec4c5fd2037e985d85d89d3b5b7f7e3133030721c45fd1b658be9b7dadcec8","sha512":"4f57ef777c83b8643dc23c1c4328d102aacf761c705b5257704e3bec73e7b5f1b74f6fbfcd668e32fc175001dd4b7094abe10d9eacb2c1e8faff1138affc013f","ssdeep":"192:gaZkQ458458k58GEENP3BSoIg+ia+KcGwb6Hd+6+tr69Lj9OWF:hIl/003BSoIg+ia+Kc/69fJ","tlshash":"fa528884fc4399e8331b54e74bd754fd7664a8c9ec619ea4bdb2af0300fa9e41322635","first_seen":"2025-11-20T01:51:51.728503Z","last_seen":"2026-05-15T10:50:56.174577Z","times_seen":19,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5ardu2ui.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5ardu2ui.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 20080\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":20080,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20080, version 1.0","md5":"9d065b00390eb4ec7a36438451b90885","sha1":"6da63da2a3400062f3ad4aa3b096d2a2e362e8d1","sha256":"6ab64433de6077ca5ad31b05420450ce986a616a4ea47b6ad16f3217055dafc3","sha512":"f06acaff61c50e1ba05a0d93e85a59fd5a0b7c5604ed947ef1cfd98ea8d63cbbc972e2c8ebc11c5a31ece50e1e736931343749413f5fc61160fdc185e1570ea5","ssdeep":"384:WbYV4tx3GwS6MxSaqz4mED7HI5Kv2kGMcuGYnyRyhmdmFCFg38:Yx34Tc9z4mEvAKvFdcuFFAOM","tlshash":"e592d1a8376a3435bb2849aca447f1633a15747eed8423ec0f67490993df15eca7a18c","first_seen":"2024-12-04T23:46:11.118135Z","last_seen":"2026-06-05T17:57:14.617772Z","times_seen":135,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/uicore-blog.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /uicore-blog.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 5167\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":33224,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (33220), with no line terminators","md5":"68f840fd46b00ef260e6d0883e847d31","sha1":"8e88fff05e8178c5a7d6b7cd027a5eb3eb173046","sha256":"960c46b2d65f1498a167a51de647d7a74b59dcee48a5169391971223eebbef30","sha512":"43c59c4a1518ef81f920f2226d105d3438ca6664012171b36f339b060578fec9eeab6d8d2161e4ffd238f7dd829110cbdf8754ade4f8f900afb999b7e4aaf768","ssdeep":"768:lmc4Op+1KSn45hHDITw97d0RDoQMxAU6QJKYpeIrhE:lmcfp+1KSnMhHDITw97yRDoQMxAU6QJC","tlshash":"01e20ed5f214685c8ba3115eb5c55ccf1b0cf10eae9e88eefe106ac110c6bfa05ea917","first_seen":"2026-04-26T13:04:41.520541Z","last_seen":"2026-04-26T13:15:42.251207Z","times_seen":2,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/arbitrum-arb-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /arbitrum-arb-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4222\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4222,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8069ec8f1147983ba5e175b7c217e6c1","sha1":"ce0314cbebce2fcef094245217e5051b3d266098","sha256":"9c5ea7a3e4c6b33d5e2d9bafa97536199b10f2558ab32ecbf97fb4e0d016064f","sha512":"f2c49b721fa25e5a924aa10c80ce84c41f9d8acb9399218f4edc7777bd231f8e739b3aa50a04b2506d79262dd0b0e8a4922492489a9ae958fa15cdaf1160298b","ssdeep":"96:yGzcYc5EwwAzPN9zu72Q+viLY4UPdcje2OCbbxZBOzuA3r:yGAYA559zu72BPGbbAH","tlshash":"b7917dcf08e58159751a9ee8f39e46401bddc0b120f75930935196536e3d216bf0ecfa","first_seen":"2026-04-26T13:04:41.521829Z","last_seen":"2026-04-26T13:15:42.310957Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/icon-list.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.197Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /icon-list.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 533\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2342,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2342), with no line terminators","md5":"51523dca4515bc70fae22d263521a90a","sha1":"6b85ce7af04336b752466cbc2d95e63c4a111836","sha256":"1fee928c2d12421e6ffcd6462fad2bf5c28725a4c1f53ac405720f349af6ff6a","sha512":"e9b2cae2d34f042d8c43ff20e3e2cc2e1d9bb3f752caa766ea435d32cda3fa0c979aeb1bdc8d1805db53b5e377b9ca4f13f6ea2b01c7cf01fd6bf65026a76e2a","ssdeep":"","tlshash":"764144c0f853d5a47387808b05d228dd3a54e4ceeeb2cd90ed71af4340faae52b11139","first_seen":"2025-07-25T10:06:43.975645Z","last_seen":"2026-06-06T20:41:47.903364Z","times_seen":101,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:37:36 GMT","end":"Mon, 22 Jun 2026 08:37:35 GMT"},"fingerprint":{"sha1":"08:79:9D:7F:DB:8C:0A:9F:3E:E2:C7:8A:F2:4D:E4:E2:5B:36:28:22","sha256":"07:42:F0:13:40:B6:A1:62:31:62:8E:96:2F:96:8C:7C:C0:5B:F0:8A:DB:0B:A6:E2:44:14:41:7D:B2:7C:B9:74"}}},"request":{"raw":"GET /pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurahacklab.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 26 Apr 2026 13:04:10 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nlocation: https://www.google.no/pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026ipr=y\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA\r\ncontent-security-policy: script-src 'none'; object-src 'none'\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Faurahacklab.org%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=677018761.1777208650\u0026dt=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026auid=74191181.1777208650\u0026navt=n\u0026npa=1\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117266400~118463261\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17934677356\u0026tid=AW-17934677356\u0026tft=1777208649760\u0026tfd=1219","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:10.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:35:08 GMT","end":"Mon, 22 Jun 2026 08:35:07 GMT"},"fingerprint":{"sha1":"02:11:B2:1D:09:0D:9E:4E:5B:DC:0A:6C:D5:4B:C6:4A:5B:50:C8:26","sha256":"99:E1:4B:50:60:0E:C3:94:CB:2C:15:85:8E:68:FF:F1:9C:B7:0C:9E:E0:8C:B7:29:52:18:12:81:67:C4:38:23"}}},"request":{"raw":"GET /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Faurahacklab.org%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=677018761.1777208650\u0026dt=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026auid=74191181.1777208650\u0026navt=n\u0026npa=1\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117266400~118463261\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17934677356\u0026tid=AW-17934677356\u0026tft=1777208649760\u0026tfd=1219 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sun, 26 Apr 2026 13:04:10 GMT\r\ncontent-type: text/plain\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-26T13:04:08.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sun, 19 Apr 2026 07:50:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 26951\r\ndate: Sun, 26 Apr 2026 13:04:08 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}],"data":{"size":232504,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (3550), with CRLF line terminators","md5":"bb80aca8e14f975ba9657982abb5bb8a","sha1":"b17b097d0cc9456787ea37c774f29512b122ae01","sha256":"0b5e7795c6a43b8666ea1d4ce903c1158bb8077f30aa6e2aff029d84c270c892","sha512":"b99d7699c4fa1dfee482a18f8f9d3e0172037fd1a1f3dcd021c37b40696de6f2b2c0b6b3f76e345d8f86fa885dda0c0dc85936e372479e11e562dadbc1e53173","ssdeep":"6144:hkRoAy0tdjchTNTUCOzjWBOIinWVSrgTa+:n","tlshash":"14349551b5a7603a313f61cfc1221f5cd983efb6d6926ae571bc0266d3f6c503a831a8","first_seen":"2026-04-26T13:04:41.524727Z","last_seen":"2026-04-26T13:15:42.309315Z","times_seen":2,"resource_available":true,"data":null}},"time_used":449,"timings":{"blocked":187,"dns":113,"connect":34,"send":0,"wait":73,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.097Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1032\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":47538,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (405)","md5":"06b7f1aae4491247fcde348c50e7c05d","sha1":"272bba800e53d9b10923dce60a5666582dfaf9aa","sha256":"7344519bce72f15138dac2efd88a3e73cd5114458fda06e584f03b874255d113","sha512":"9ce3ea7d99a3f51bc976d3ac89c9eb6b48357c0180a47983fa373826007448b8e6a58e44d23636395d1f5a5805c57e059717362799e427856e3822cb97faa9c3","ssdeep":"384:nCc0qiYASqsU6aeTIB9sObb2xC8AOemMKOqoGuOMSHja6vwQKS/gG:5","tlshash":"74237ba4502f9455a6638cd376ce3f137038e03460a95632abfd8569ade7cbb13b4b1c","first_seen":"2026-04-26T13:04:41.526031Z","last_seen":"2026-04-26T13:15:42.306072Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Web3-Marketplace-Supported-Image-3.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Web3-Marketplace-Supported-Image-3.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1372\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1372,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d686031e91930b763e945ebad0511d7","sha1":"9511f3ae45fd94caab2c29f5b6c605dba0e2ee38","sha256":"57e2d4fc0f99a3ed009e27579580a8576ca1ba86689d7f9dc02e1dc95717c30c","sha512":"a17cf9d51bcd3fc045b2c96ce962d939c45489e104a61721e2251ac65e7e849d4d48b43bf41be1f15539cbec4e66f8d0d121edd58443adbefe912c7a253dbe4b","ssdeep":"","tlshash":"9a21280a40f5101efb041b9bda21a0d2da1758f8300e3c9ea4d30138027ad9bb14a84e","first_seen":"2025-07-19T05:21:41.518092Z","last_seen":"2026-04-26T13:15:42.302159Z","times_seen":4,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/solana-sol-drainer-quark-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.106Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /solana-sol-drainer-quark-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4468\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4468,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"44d44fc9ac45b808839c3bcdbd6b5059","sha1":"866b0d90de88f58cec3a79a2870588563a0799c0","sha256":"942a5a29e49389daa415bf2310da85d5e83f03438f637d526d8891de4e2f7258","sha512":"7ed8a6a0deb63a051accc128f17a5e4eb13529e61b8e02b11615e0456d9ffe72e9fdd1ae2e7301f29b2e986a9c8dfd0d698041d9545221af7cab7c137a3a2164","ssdeep":"96:ibHcItNAL5l/wP12kiYWnMmr3sVte899WbS13EKEwG7aAX5pX:yHlAlW9zenDr3s7pia71LGX","tlshash":"04919f8fe5797c5aeb779493648305c5042bd4394175317ad73c8d2c15ca3cd6b25845","first_seen":"2026-04-26T13:04:41.529271Z","last_seen":"2026-04-26T13:15:42.23979Z","times_seen":2,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/solana-sol-drainer-quark-1-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /solana-sol-drainer-quark-1-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4300\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4300,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"025bde45786825de8892ce4ab49a034f","sha1":"f7039151834fc374630c4146e2ce41f4427a7593","sha256":"ca506906f6e6e7e5c70957b6fb2892b1044a922019b83c37a977625c678ee6e2","sha512":"6fe523640b2c5bb59f5e086b0469e41d3b5fe24593c844467deabbc0a451d6ba7d128f8e6fb93cf1e4c96d19aca654705e766dc345acfd730e0c4128f5385506","ssdeep":"96:PNsqESLHz7o/s2BMDuIu8mShiMA3W4/VDtD9NHLmvF1R5lLg76Car6I:PN+Kk02Ypl9k24/VDtJovFbY7Er6I","tlshash":"e5918e89da7099b9a50093900e3ed65b33dd77f80c16dec34690ea9b8d2b074b8e4274","first_seen":"2026-04-26T13:04:41.530863Z","last_seen":"2026-04-26T13:15:42.280251Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/uni-uniswap-drainer-quark-1-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /uni-uniswap-drainer-quark-1-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4286\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1fb9affd8fe19e26503833fce720d270","sha1":"698771d8ccd25061e55c84b9dcdd0b0089b394ae","sha256":"a271994af26ce4a689b52f4441286b85d5f908f9b40dc5d707a17502bbe566df","sha512":"26d4d0e0c15287957a1051fd607231cf27b77e120f1c5488a7b85f771ab466e432b0be050cd927deab301afb48c405f0137643a07ab59f43ce4178a9835b6934","ssdeep":"96:+edxDYb274Hx17b8bzlyoNTD/Fc4pI1hHiQP8vNYsC8caqgqSK4Hanu5+2n:1HDCjf7clRBc2+Fi2sNYwckaO+2n","tlshash":"7e919e2ac8a048ace1f84fb87a4e59effd4fdda3474e26bd4c4a1a3517b020041582e4","first_seen":"2026-04-26T13:04:41.532256Z","last_seen":"2026-04-26T13:15:42.30655Z","times_seen":2,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Web3-Marketplace-Supported-Image-2.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Web3-Marketplace-Supported-Image-2.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2168\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2168,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a4ad868c074d8f023f0897392fdbd95f","sha1":"886e92231648a2332ee14b424a5102c4f76d5573","sha256":"2cbbd155104a0e9b994ab1a47f9683dd69efbf6147fae9e1b3585cbb01df59c1","sha512":"e62dff50a2111bb5d1830dfde4c539379ddcd709ad0ef014554fb95a63b36dab112744f8c88ce1fef612a62f3da458f1dc21517ab5fc54f4acfbc22f55819b01","ssdeep":"","tlshash":"b2410a50b1cfc538e112adbe94921322c245687ac31d7f6567c5f6eb0a50b172277394","first_seen":"2026-04-26T13:04:41.533891Z","last_seen":"2026-04-26T13:15:42.289578Z","times_seen":2,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/trust-wallet-security-update-lander-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /trust-wallet-security-update-lander-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 48622\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48622,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x726, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b19da8497354a4e89a00dc50bc5a3d27","sha1":"8d5b2e3ba6deee06802343a3196a504b28ee3fe2","sha256":"25510f90d8e2628b4f82f3b41022b220470fdf3c84078bcda68b0776d06dd140","sha512":"d27d6dd3234b6a8b58d87185a0eaa9709eb53da620cd36747aefc013c9be9e3781d22575e30e845df7e0d1bec7b249f90adb5208bd02792d59d9c3d24f4c3bc3","ssdeep":"768:j3VoLLeDaDVFx9k5kX0EpMrVtuHZUX4hDYafiIG8ygECKP3HZ1bBcfBTBZ7d7XE:jlueD+Vk5lV4yariIhtEzfZFkb","tlshash":"6623e10b3d43bd62e49b5372d0580a4c811ab3122c493fe7bc7d9b997d65e04164e9be","first_seen":"2026-04-26T13:04:41.53568Z","last_seen":"2026-04-26T13:15:42.243869Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/post-243.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /post-243.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:29:21 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 15114\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":260327,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e226bad1a84ee0d04e9cf3986d38f24","sha1":"2b43e99e86abc2947c744c2237f5412da3492d9c","sha256":"63b821bbcd7a77e04243db8fa099eaf17680e54a555b1d51f8a637ce71fbad1e","sha512":"b0d53309959b5ee95db115f2812fc58ae8e5c4c59f7f48d93065d691a6d9b9fc1199cb5266e7bacb66c67842acf9d54a246083318bc38a5b63aa37c7f92062f5","ssdeep":"6144:tAkbJYa4K1r+WbBuaboRdKPGCCyeqSymWCiOuya+CGu6+ymWHX7xOUDdnJpJHTp9:U","tlshash":"cf4428a27d0340197a2f665b9143a5cd71201ccaeabe3bc7e8a09053f4bedb537d0979","first_seen":"2026-04-26T13:04:41.537446Z","last_seen":"2026-04-26T13:15:42.292015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quarkdrainer-modal13.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quarkdrainer-modal13.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 18534\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":18534,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ba199c41ada5d51250e637094fdf2498","sha1":"c78531a419c3ad69fa5ef5e2fa2fe7d1898374a4","sha256":"b379fbd159c860a5cd72816624d3402f49bb3a1a41cceea469793aed4db8c378","sha512":"0f7a3027accd83300f6a7f69da6f6d52e7b4efa83774dda212a125ce9495847defa77681936634c0b7b949a9408a8c33ff78ce3a1c20fa9674935a963ff35a4b","ssdeep":"384:YLGtUnrUuAX9/LKD3EtXU+CvclTE/5/KcGRyQTSOvcSJ06GfSKnYJoD/Oje:YnnrgtjKzEtXucMCcGOOvcSCf1nY0Oy","tlshash":"5182bf3b75fab3191b6ae2b5f2027e66b6144cc43cfb6b8b206010b99e55c0d153b4f6","first_seen":"2026-04-26T13:04:41.539212Z","last_seen":"2026-04-26T13:15:42.313028Z","times_seen":2,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":197,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ton-drainer-quark-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ton-drainer-quark-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1170\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1170,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"63dc9bed0b60d9e8742ac02fd3aeb459","sha1":"b58ab9c459defc2a9b5cd995ab5033ad6d9c218b","sha256":"6e4d61d158650a9028f70473848eb2a15d81607ec21c14cc2de6a2d1c4a0ba8c","sha512":"1893ac127586678628455142a5d8868f11b1e7117e34f33f2ee63f5d92c621601e66b1b93509a4a52cd03941a93f72b3b50221d7c264304a9b333f5cef5857ac","ssdeep":"","tlshash":"9b210a150587130dff0e90012a837265e41c0d46a6c21cb7b2ac5a050be770977e87cd","first_seen":"2026-04-26T13:04:41.541056Z","last_seen":"2026-04-26T13:15:42.298728Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/post-3118.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /post-3118.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 869\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":8877,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8877), with no line terminators","md5":"9b3b886d19ec5e6b14f09090c9cc57bf","sha1":"6ab82d5a168808dab3bec47bf0f44006de5ebee1","sha256":"343509dc5ddd55795de9fb623d8d421fe691b0df85147945ac3e8f563072edac","sha512":"bf3e24cdd5f1ab4712825b09dbed35a83882e104714b50c8ce8e3d3c490aa8aac799672ab8744c0993f449ca80913b1666f57130b5fff0a7a9c113f20394245c","ssdeep":"192:5hu5DO8XOudHIlUNOx/OW/Lhu7u/BgANuwfu6:9gM","tlshash":"2102e2983c534458b67f665f00536a8c255e8ccfe4797de2f6220267f0bae853bf09a4","first_seen":"2026-04-26T13:04:41.542636Z","last_seen":"2026-04-26T13:15:42.260025Z","times_seen":2,"resource_available":false,"data":null}},"time_used":247,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/animated-background.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /animated-background.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 660\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3968,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3968), with no line terminators","md5":"3f7680c877c7972a45dc315df6e5d4c3","sha1":"a5f53f2f644445a3d8d5bd0a95626d163e350c29","sha256":"2e6ae6599437ccf07e004fdf9f7a32ec6b31f8160dd1a138a33ed9630ccfe467","sha512":"a263919b7cc321f48d0d05379723b98de6e780c11c1e3c365f39f44f0f3acb2737259bd358b6cb94ad16ae252f8af85f836bb708d78b64c494136ca08c298cc7","ssdeep":"","tlshash":"2081332488d7e405fe73d3a5b254129ca8399d64fa3312bed0bb75dd53472e90226cf2","first_seen":"2025-12-10T03:43:41.328395Z","last_seen":"2026-05-07T15:12:04.49862Z","times_seen":26,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/sketch.svg","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /sketch.svg HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/post-243.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 17 Jan 2026 09:19:29 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 535\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1010,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b5d6089d28397b2545b2eb5cd2464f9d","sha1":"9f7b2823b051dad2af421d8c00646069fdf3c673","sha256":"19d306e8190cdb758f58e8dcf267a93c57d3eae5b3a846b7a17075a77124a713","sha512":"87618ca2914735e54cdf957b99132c40bff7a450d2931498c3c7fbcdf3ddd5bea6c36e443c4a03fe436036ae00230627547c0138dbead9f42c39a44ff9e0b12f","ssdeep":"","tlshash":"811125b713a247de3ac90b8c5c32a5b1b986d46071a561e8cb152851edc8cf2106dd79","first_seen":"2025-07-08T12:37:42.828365Z","last_seen":"2026-06-05T01:53:24.206678Z","times_seen":99,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":47,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Quarklab-dashboard.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.529Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Quarklab-dashboard.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/post-243.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 104936\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":104936,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"66d1764426fda6ec3c0f414d171d4c07","sha1":"742b44d3603d8d10603a70a1fd251ee2d40a15a4","sha256":"047ba01f216ede9736df46127aba5e54b1c0bd47e0f0dcb642e3b5388fd167f0","sha512":"1478d05f522e36b33a552d43d948cfc3345376719d6543092e0502ae14e337f5cab97d9b670b4919c3d4e11ba56733bf738022a6bdd988ebc5cc4bffa93da632","ssdeep":"3072:Kq4JuR83k3BGeJ5KCRaGxHhpXbdCbCc0T:Kq4JuRUk3BGe++aG1hpbvT","tlshash":"e3a31225800fe3ad55c3ac9903a7cea84e5b6a71452e206dc4b34237d2939f8b6649cb","first_seen":"2026-04-26T13:04:41.547513Z","last_seen":"2026-04-26T13:15:42.308151Z","times_seen":2,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":52,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.530Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35840\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35840, version 1.0","md5":"00427f129772e9f049050a50407952d1","sha1":"0f9e19ecc1d89758fd59d187f35b5a73e499eb45","sha256":"086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add","sha512":"26478f6744d0875901f6c20b13f4303abe0d579ac2ffe02b74a5cee4a6af48b23a6d611116fc5f1f1b9aa6ef8b083a992e80aa1675e3a211b5332c480050e90c","ssdeep":"768:haAL1lUUxZ+mIxfVJ5tYBU+ma5q71y9SWeGt7UMaVJc2PtupNFtpXjN:NLEkxyJjUUza6ygxGWMaV67/LjN","tlshash":"c3f2f15f368e8e17f4d8691c5a667d523e022dfc9e30c622504f5efd3939320946ceaa","first_seen":"2024-12-04T23:04:18.137977Z","last_seen":"2026-06-06T22:59:21.36292Z","times_seen":2071,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":53,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/content__uploads__element-pack__minified__css__ep-styles-css-v0fa0f34e54d92ef0c7f5918a4165e2387bd4faf3.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.065Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /content__uploads__element-pack__minified__css__ep-styles-css-v0fa0f34e54d92ef0c7f5918a4165e2387bd4faf3.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6464\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":43760,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (43760), with no line terminators","md5":"f4c7027437041f7b7023febf0ce0a23d","sha1":"79297056a412ff64cb19fd48efff537ea02c3472","sha256":"c308db18997bace6690f7797885cb35f9c7706c1ff6ae02ec7e752d118cb2e3f","sha512":"4a4136edc7bd5d632c3ef2c1e3d81f17b011bf0d6251eecfe08aaeb3468d00106fc8658a7e2d15836fa05da4a6c3e7abd30c6dd57c0731fcbab646510c951dd3","ssdeep":"384:VppMwe4XzdwONXnVIgrRmrp4UTW+kXcZjchuaQZYuWr6AFd/ZzyVdKc3JrPZ3N61:6I+kXVhuOyVdKc3JzxD4So/XwHq5T","tlshash":"e9132d50e90742a97732c246c38aa21d7574fc61fa832c4af58791198dff19e05cebbb","first_seen":"2026-04-26T13:04:41.549431Z","last_seen":"2026-04-26T13:15:42.231982Z","times_seen":2,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ethereum-eth-drainer-quark-1-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ethereum-eth-drainer-quark-1-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3438\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3438,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ec31156205381804e50d897b8fb182b4","sha1":"3c7a1ffa141162fcf77097b25757cd5bf29906da","sha256":"3d3c01994b5ed55fee1dedd328de5d3527f79823428b5d372b4e0820b48089bd","sha512":"a8952e0ec46638aca0c6d85b5f2c6924121584fad148f6d7a3af10d8bcc8e6fd4b0ae8f7bccf12c99fb5e6e2be5e186b8bae396e7275aef5aff078a85282b04b","ssdeep":"","tlshash":"5a617c70db6988f0f8b3587bfb25826b30208771ac6990f21ee03ed4c8e211790468f7","first_seen":"2026-04-26T13:04:41.55118Z","last_seen":"2026-04-26T13:15:42.313611Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/bnb-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.118Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /bnb-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4262\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4262,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"7c5aa9ccfbbe36af7c79b05d110c5e5a","sha1":"a6cc0a0dae5bf53dcb392c7b9d3c3d277597e0d9","sha256":"4d050bba1faf3f7227f58ba09759489359d1d50378b0e6a000dce52888fc97c5","sha512":"1cecac3f5dcd904192d4b36235bb3260c6f74f089eba1206713b822d6fc9a5c81b20623cf4483f22a0969bb597ccd085ffaa0096e1827f8da267ff0982dbc075","ssdeep":"96:grjdZ0Vy7Hjf++8vXpYclh9XItG9grifH/n9hnPapKCotgmn:grjU8+NpnhdJ9gri9FapG7","tlshash":"b5915daae7ad4106650d7c21893f4b3f4cd60d1b4bc5ebf095ccbc5c146a50b642fb46","first_seen":"2026-04-26T13:04:41.553102Z","last_seen":"2026-04-26T13:15:42.277761Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quarklab-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quarklab-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 55364\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":55364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1125x1005, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"164a77c1048a419cee34cc99d2769601","sha1":"02df4b354cf964ea606300a5961fccbf8fb8b316","sha256":"cb002a4d67c3147641020cb91fa6d06b7284299a52733014728339ae9877c875","sha512":"3d3935a0bfadea2c487e353548cec71ba6a82fc12b8161af963e98fc9ac3b64ed57b580539e6c8f67111b75e312b99b312751f0fb753f9139fc8f79d6086670f","ssdeep":"1536:IJ+Tm1h/MLUYn4a5z6yRoY/4A5YwaMit6IYRe:IJAWMLPn4uznRRpOt6IYY","tlshash":"9c430224037a31faaf26e1535462120b61f7c496ab2e62058bd2c2dc9d74fbaa15cf1d","first_seen":"2026-04-26T13:04:41.554808Z","last_seen":"2026-04-26T13:15:42.285322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/solana-sol-drainer-quark-1-300x300.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /solana-sol-drainer-quark-1-300x300.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9834\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9834,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1625060f8b080f188362518f6a12b183","sha1":"d9add6edd3edfe3ce7a3bb5c94a15de71cf51c8f","sha256":"fd5713613dc7e535e2f6254bce4d9362aa687c3e4cc786bb398d7f7ef4e731a5","sha512":"81b0a713c738d5249ee1fb25dbbf1777d535d1b0e74851d83246f7e7c78f484f6eeba7986c91aee75d878d0540f29d5ba4a5a0a8cec046bcdf0658bdb0f53d7c","ssdeep":"192:vJg3hBxP9mMnM1X1Sf3MR3H4qrubHsk707qATcT7Lohsv+mdjZsXuo:vyNoMnMX1F3H4Eg7eqAQDwsvFoXh","tlshash":"4212c0d3d9a32d34e7934f813258d3a5bc0a1202dd54851567bf96daa3abfc463d041f","first_seen":"2026-04-26T13:04:41.557038Z","last_seen":"2026-04-26T13:15:42.280813Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/highlighted-text.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /highlighted-text.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 431\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1493,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1493), with no line terminators","md5":"e57332b18312cfcd3ca58a07d22f697d","sha1":"119c97aff7a6dd22609eeec1be60501cb2e7e2a6","sha256":"d410ca74cc4474f70ab03603dcab96397335a8d9dabd12f0c69079cf34580773","sha512":"84fc1ca872775c43de584b10d23cdea838c2c321de1ffea49dcfa60cc5b8237bf114ecadc68592ef558487302caf0c4f89a82eb8dcb5ab827c336b3645fe38a2","ssdeep":"","tlshash":"3a313f01fb828968e82b45fb1a8a719e7e680ec7f794dab4d4bd130b2154c525337474","first_seen":"2025-10-25T03:08:18.445425Z","last_seen":"2026-06-06T22:52:04.446306Z","times_seen":132,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":245,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35840\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35840, version 1.0","md5":"00427f129772e9f049050a50407952d1","sha1":"0f9e19ecc1d89758fd59d187f35b5a73e499eb45","sha256":"086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add","sha512":"26478f6744d0875901f6c20b13f4303abe0d579ac2ffe02b74a5cee4a6af48b23a6d611116fc5f1f1b9aa6ef8b083a992e80aa1675e3a211b5332c480050e90c","ssdeep":"768:haAL1lUUxZ+mIxfVJ5tYBU+ma5q71y9SWeGt7UMaVJc2PtupNFtpXjN:NLEkxyJjUUza6ygxGWMaV67/LjN","tlshash":"c3f2f15f368e8e17f4d8691c5a667d523e022dfc9e30c622504f5efd3939320946ceaa","first_seen":"2024-12-04T23:04:18.137977Z","last_seen":"2026-06-06T22:59:21.36292Z","times_seen":2071,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ton-drainer-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ton-drainer-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3874\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3874,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"947228ca6b5cea4c98641528c6196880","sha1":"a6188d9fd1b743fd9b4a124e3cc131bffb537989","sha256":"cb7fc82c2fe8cb82529a78f229b9a0f95a5abca078d93308ee505c79f49c95ea","sha512":"11903545f9edeaf8365e8f11c36e8d6912d25e12a76b75963165ad701209b57803cb16c25b8aee0c0413f6458682a3368bf577faedc306da2069738819c5166e","ssdeep":"","tlshash":"02814ae777bcd7eb09923d71e0a00c152aeb26eb41e0a7aa321594474b85ba64b30380","first_seen":"2026-04-26T13:04:41.559396Z","last_seen":"2026-04-26T13:15:42.312348Z","times_seen":2,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Web3-Marketplace-Supported-Image-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Web3-Marketplace-Supported-Image-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1788\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1788,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"280ade977abddf04420b1812a184d755","sha1":"9a5adf10b6ed5ab61008ad334ed91dec46ebde57","sha256":"6b3820654242d510fafb168923516d1b7e8c7d2ea175df295826d581352cebe8","sha512":"a8e2fa899ff8b5db87b270cbbfaf072857e3b8f4c22b21869e1523262553a6aa0518ff9faf42c969f1c0715e517a00d696e42f24543191340ce0ca9b90d804d1","ssdeep":"","tlshash":"fe312b49e6a3d388fc075f348e26352145673a0282e03d0b4dc0a5f694d5dd3ad21cb9","first_seen":"2025-07-19T05:21:41.58109Z","last_seen":"2026-04-26T13:15:42.245542Z","times_seen":4,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/evm-quark-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /evm-quark-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 23898\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":23898,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"a05abf2aa821dde2a4ab1336e4106e6a","sha1":"52dabe778f872b65154825c8b396f3c5d8568286","sha256":"31cfda8a71724fcf63c4b0118960807111624bec3dcfb909c9946fd89a4114b5","sha512":"7102554ef324dd17cdd22623d84d87221898476f0f2b7f146f132251569a3abc7572d3c523144d072eee5b95f0992c2678116ee8728b9ac736a77af6590754f0","ssdeep":"384:6evv+yjf87KIjvcgiJAqa2LC/0/61jXMGB5OqPE/WQnrwv+HggLv+2+l2MdVL9:6uGp77j3P/0/qjXMGPPRv+ZK2GZ","tlshash":"46b2d13d36bb98a361ea0c4f8487b471a791d1ec01e088d82b6a9e7e06d746df285725","first_seen":"2026-04-26T13:04:41.562454Z","last_seen":"2026-04-26T13:15:42.297695Z","times_seen":2,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Cryptocurrency-Platform-Binance-Cryptocurrency_.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.159Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Cryptocurrency-Platform-Binance-Cryptocurrency_.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1718\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1718,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"83ade3eba18c05a06b52d659adffe6f3","sha1":"3551e52581a1d9bf8e5daf5caf355f2538b9d228","sha256":"fe39b4e2ba8325941c761f37919ebc7d1b5adfa43845c52689f5cafca6c414b3","sha512":"b50a4668a5a54322684cb360b9c1d9d99482b3e0c70e9cde4401d5222e758f177ced8397dddcb135d0ecdefb9f3e434d1b9a82c6b19d9f7a423f5a9e41b9132a","ssdeep":"","tlshash":"70311abc44367dc4e20d0cfdd32492e97520b8544b9cf6884359b837ac036d171ab5bb","first_seen":"2026-04-26T13:04:41.56397Z","last_seen":"2026-04-26T13:15:42.238162Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":160,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/evm-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /evm-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 32768\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32768,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3268b7df3fa01d1f083c2173f6618d8a","sha1":"1c8cdd624019fbad72c7b273cdb64f15ffbef667","sha256":"dfd772c1b5c04d967d333eb905e736bbd1ffeb91ebcf4024004e63644b74bea1","sha512":"46bae3be324ca530a36c6840c522017b87136b6932d2a061041637f1358fa916daf3dc15350e253b343ae0fcc1dc52362511efaf1ed4c0c96219567cd5624c58","ssdeep":"768:BZvWdQsLaDWUgtb9f5VvHanTucLDB0U1HHY4/WKrZ:BZSOIZfbyBL10IJt","tlshash":"99e2f1fd76ee858dc3411ad4b788aa71af40669ddd2ff221f1473b840778d8f2182662","first_seen":"2026-04-26T13:04:41.565199Z","last_seen":"2026-04-26T13:15:42.296155Z","times_seen":2,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/index_1.html","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html\r\nlast-modified: Sat, 17 Jan 2026 09:29:21 GMT\r\naccept-ranges: bytes\r\ncontent-length: 165\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":165,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"ce005e8bcf9ddb52ba5acbc257e4fcf9","sha1":"8389ea68f3176ff4424606f22ea023d06ac5d41c","sha256":"f8bdb98de6a5e92ff8515362c7e5194db98a82a7a19aa25d9f83785b7e4c9656","sha512":"3182cc3f48e3fcf44688727432faedb367b7c22b5f77c1ad8ef830a3d3cd30d49f89229d42ca5a6215dc9a50d16a486e095499740d071539191af547466b1f73","ssdeep":"","tlshash":"fcc08021fd300c1f78606a51cf85f4c484018c1ca4216c5574617184d8ec521d456548","first_seen":"2026-04-26T13:04:41.434261Z","last_seen":"2026-04-26T13:15:42.229609Z","times_seen":4,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/uicore-icons.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /uicore-icons.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/uicore-global.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6600\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6600,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 6600, version 1.0","md5":"c7ea0bd7722bf1c5ea6ee1fb64ea1768","sha1":"6d1d53d4c0b196e67e258bb65b8abd94e0938b7d","sha256":"86ca79c6879848dae3564ae2934a52e0cd5375f51eee55e917555a9149269d1d","sha512":"439d53a12b34ac5e1a893d83eab2126bdcbe84e8d7e7ab103d0af901a79ebdae374233616bacf85d9099a44127c2b3b3d03110eae2fcc1476f49e6397739cbdb","ssdeep":"192:N8bM3sndytABvn4Cc/h+R6xwXewcDd+1n:X3sdyWBvncAkQJcx+1n","tlshash":"3cd1bfb7e212f1e9e2289672704458d28d07bef88744339e74785a794bb10dc14ec7e4","first_seen":"2025-08-03T23:42:20.35844Z","last_seen":"2026-06-05T18:37:19.751183Z","times_seen":222,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":40,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /notosans-o-0bipqlx3qulc5a4pnb6ryti20_6n1iphjc5a7duw.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__notosans-css-v3db4ff6b721e63e03b19c0b3644a29c5451235e6.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35840\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35840, version 1.0","md5":"00427f129772e9f049050a50407952d1","sha1":"0f9e19ecc1d89758fd59d187f35b5a73e499eb45","sha256":"086bfcad0e112af1c9ac0cdea1744dfb11dfdda61906ceee1b32439437096add","sha512":"26478f6744d0875901f6c20b13f4303abe0d579ac2ffe02b74a5cee4a6af48b23a6d611116fc5f1f1b9aa6ef8b083a992e80aa1675e3a211b5332c480050e90c","ssdeep":"768:haAL1lUUxZ+mIxfVJ5tYBU+ma5q71y9SWeGt7UMaVJc2PtupNFtpXjN:NLEkxyJjUUza6ygxGWMaV67/LjN","tlshash":"c3f2f15f368e8e17f4d8691c5a667d523e022dfc9e30c622504f5efd3939320946ceaa","first_seen":"2024-12-04T23:04:18.137977Z","last_seen":"2026-06-06T22:59:21.36292Z","times_seen":2071,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":38,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ethereum-eth-drainer-quark-1-300x300.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.166Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ethereum-eth-drainer-quark-1-300x300.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 6810\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":6810,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"193238e7ba1c595a3b7da1d08f827955","sha1":"c08e2b46c6485d2f29e30585757dfdbe3c586172","sha256":"2ae42d607a98b31ad60e1f4bcd8273ce00d86aa142524abdf9656ef3b9eddc32","sha512":"55fc97b6509a073a6909933c440fde9a5067da1bebf26c4c8e9333990947c365eb3b45f0e29afedfc42c529659e8d40a864393ff2eef181f58ec7c365c4a13e8","ssdeep":"192:414or7tFwUUEkiqPa8UfRLoJYMO5bxNu9qiIeD1:oFFwUvk5PaVLM3ORxNAqHM1","tlshash":"b2e1ae4139898214e4c1a1bfb88a7e5d45bb6f02cdfdde59b7230224d42c5a8d2e32de","first_seen":"2026-04-26T13:04:41.56813Z","last_seen":"2026-04-26T13:15:42.296605Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/bonk-solana-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /bonk-solana-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4570\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4570,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9e4b3daa22794d7284c5e8ab22cf7968","sha1":"83f5a4300ab058aa7d91ee5cb69328b56f3da92c","sha256":"182d56eb0e226e2fbebeaf7140a4960881e5dd904b4227bf6765e0367e67344c","sha512":"0ec0c71f4b523933d478c02fee40413b588f87836e82ee23b991c358d345f2bbaa4da3d4d2b1c4c6d84698ddb381fa10cf4df1d13f726e3ef5f2aab7374ae98b","ssdeep":"96:3hzD6f0DXoS0K0ApLUT+JYKBbK8ZmUOog2sPACrOsAAmMlQzTl:ZO0DXoS01uUTSYKoIvg2aACep","tlshash":"63915ca05775e30ba354326067810fd45d4a7d12fc33269c7eee5ad2a32f12ad992f09","first_seen":"2026-04-26T13:04:41.569509Z","last_seen":"2026-04-26T13:15:42.252739Z","times_seen":2,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/gnosis-xdai-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.137Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /gnosis-xdai-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4388\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4388,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"639430361bb98a929e635a3b1d9f8884","sha1":"4a51c07fb54965d6b6c69fb1b7f8271a4eb5d1f4","sha256":"03369c9126a266956a5426977301c6933eff12f2f0f9494a5555386233d19203","sha512":"93bfdf42c199ad1cebf8a528dc87879dd0f210c1cd60555b5e5e257d4cb84e9316687a3ec6f8f308cedd23693af979f7954cf3cdde1945c47acec51db08ccad6","ssdeep":"96:sdwpfbizI+lwIZm75z2ZoqcYD2Zm48ZMLWWE/iGftwQyNEqB6Mu4:sCpzizI3IZmlaZoqcWj47LWlKGftwQy7","tlshash":"ed917edbf496d111454ddaf1e92722827b4134dd9f884c82b2b02be604676122bfedbc","first_seen":"2026-04-26T13:04:41.570928Z","last_seen":"2026-04-26T13:15:42.29567Z","times_seen":2,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ton-drainer-quark-300x300-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ton-drainer-quark-300x300-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7590\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7590,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"8540a281482399336f2494228f7c4830","sha1":"e6be2a57b143de77e98c42e4a7513d5fe0525c50","sha256":"0797728ec7a6c8ddb90a75816392beec2f55ca56cab88f27ea3a4a9863e46966","sha512":"2ff1e31d1ec57aa70940691bb0e1baea4250ff0fad8f8ddff072cba91518c989cd90e8a3849721a616c84076e4366e902e6b47e0fd9b1b8b99c73e88350ec513","ssdeep":"192:DJI5V/WT4sIeq0HMienXgdyTcFz+UXzbwRlXQ73A9H:DJI3WTRqkIuyQFzVCXQQH","tlshash":"29f19e6dbe0024810bec554258a83ee70e285c2eec4da69c0b6e86fa5e1a2d175c2394","first_seen":"2026-04-26T13:04:41.572292Z","last_seen":"2026-04-26T13:15:42.281739Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/memecoin-drainer-solana-650x431.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /memecoin-drainer-solana-650x431.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45040\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":45040,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f1360361ef61a7edd3434aa3e0e054e8","sha1":"1f81f03dd9d74f7dd735c46b5571de84da91b58e","sha256":"75698671ab806af2aadd73776b3b8d679735defa688b8229b59ab6a7646b4fce","sha512":"95b865c55f425d92115a195c801439d74d8b0e707542869551c357ad94bc46fc1dcdaf29ba909beed2778813a45f8503d82119741d3eb39ef2c905d0acd84c26","ssdeep":"768:1vR+geyzC+Y9q4ax0zfae+MdbEaqGcHkEzSe+TsES/b2XuS8xY:1vPHzCL9qwzie+eTEzSessEAb2","tlshash":"ec1301b5d573c4ac2dc88fd9da7b86c1b6d2ac3d26167daafa3173452022240e147a39","first_seen":"2026-04-26T13:04:41.573656Z","last_seen":"2026-04-26T13:15:42.244975Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":49,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/buy-crypto-drainer-650x433.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /buy-crypto-drainer-650x433.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 45290\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":45290,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d8638f94666d44f434d4dbb1199a2235","sha1":"f91fd72c48cf6591183122456eef833141597cef","sha256":"6f467ce384401f15ed978c9cc35bfbef0caf0bcfd38559790f7798dea49e7cac","sha512":"064808af0755b89905745c70f5ca871e9d29a3337753047a8b771aca38df8e7a751c56f632bb23442c4fdb355ce991146e0a9b5d1e2947263d34ad19219a98e5","ssdeep":"768:ON/lNsQpQAqOp9F8VZ2XbejqjkAo2E1MqgCDyTi9hg7rkNosDc3z1q2YodkG419:OxlVpzY8hE1Mqxu0g7fsDM1DI","tlshash":"bf1302a2399140fd538d2fe8bfbe80f4b5afb90545ec6421591347c746bb2586c9dcc4","first_seen":"2026-04-26T13:04:41.575011Z","last_seen":"2026-04-26T13:15:42.304784Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":42,"dns":0,"connect":0,"send":0,"wait":50,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/themify.woff","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /themify.woff HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__cache__asset-cleanup__css__item__uicore-framework__assets__fonts__themify__themify-icons-css-v1c7cdf3bd0a8ffd92.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff\r\nlast-modified: Sat, 17 Jan 2026 09:19:29 GMT\r\naccept-ranges: bytes\r\ncontent-length: 56108\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":56108,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, CFF, length 56108, version 1.0","md5":"a1ecc3b826d01251edddf29c3e4e1e97","sha1":"9394f35bd2addd24666b79bfc36d4f9d247cb01d","sha256":"0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7","sha512":"2329063d667b5480a2862fe4e11154b4dabf3b8782fd67be79ebfe55bfda96e28e70f8f438f73c7ef9901afcb16370897c3022c8b649a33cb74459c610cca00a","ssdeep":"768:tImTAHYFg71fAWsOKi5qSy5LBaK+mn2noN5IO3RCtebWA8ipCWUa:GmTp0gpBpv2a58oSA81","tlshash":"244328747f6a5b2bde839db9fe850e5160f098c61f43f123c09e98522c7b7a88979143","first_seen":"2023-04-05T04:30:11Z","last_seen":"2026-06-07T07:18:40.926425Z","times_seen":29496,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":37,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/cropped-Quark-Drainer-6-192x192.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /cropped-Quark-Drainer-6-192x192.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1794\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1794,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9fedcc64aec93622f400b6079341e9a9","sha1":"2ee93acf72d810e94ff705a983111afea18b7d46","sha256":"1bb9066068292b7891170e7be00164f0b3a9df5c7354be01eb5c365031f50486","sha512":"6487b39cca8ffa4c51cc12534ffc372ab0857bed18de70f0b8ae0a1dcb548dfb96caf7e06293459b3a8efd09030df33d1581e24ea693f68c0b3c9afeada77d8a","ssdeep":"","tlshash":"e4312b414485dae67038b16fb1f0d482fe2547712e11c7234ba4ff377ac8eb365182a1","first_seen":"2025-07-19T05:21:41.508311Z","last_seen":"2026-04-26T13:15:42.235747Z","times_seen":4,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026ipr=y\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"216.58.201.195","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:10.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:38:39 GMT","end":"Mon, 22 Jun 2026 08:38:38 GMT"},"fingerprint":{"sha1":"28:27:63:E6:8D:9F:5E:83:2F:93:1D:17:8F:A5:D2:B4:07:94:69:56","sha256":"86:54:70:19:0A:EA:E1:98:29:B7:6F:10:12:6D:C3:A7:B8:98:D6:2B:0A:87:0F:67:18:D0:50:E3:8A:88:B0:BF"}}},"request":{"raw":"GET /pagead/1p-conversion/17934677356/?random=645957918\u0026cv=11\u0026fst=1777208649743\u0026bg=ffffff\u0026guid=ON\u0026async=1\u0026en=conversion\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117227714~117266400~118131810~118463261\u0026u_w=1280\u0026u_h=1024\u0026url=https%3A%2F%2Faurahacklab.org%2F\u0026rcb=15\u0026label=8V64CLPkzYAcEOzq9edC\u0026gtm_ee=1\u0026frm=0\u0026tiba=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026hn=www.google.com\u0026npa=1\u0026pscdl=noapi\u0026auid=74191181.1777208650\u0026gcl_ctr=1~0~0~0\u0026data=event%3Dconversion\u0026gcp=2\u0026sscte=1\u0026ct_cookie_present=1\u0026fmt=8\u0026ct_cookie_present=false\u0026crd=CLTesQII8t-xAgit4bECCKG4sQIIscGxAgiwwbECCLHDsQIIisWxAgjCybECCLTGsQIIk9qxAgjb3LECCIfbsQII08WxAgjrzLECCO3OsQII1c-xAgj02rECCJfUsQIIyduxAgix4bECCLPhsQIIpt2xAgiw3rECCIDbsQI\u0026cerd=CgEA\u0026fsk=ChEI8O-2zwYQq6Kw9Lep-82dARIsAG5O4mWP34JE5dfXwXu8lBV2Y7-IFQjV2P5EDrFuBE1jG5ekAmK0YTW86MsaArhp\u0026ipr=y\u0026pscrd=IhMI8e2XksqLlAMV3af0Bx2EXQCEMgwIA2IICAAQABgAIAAyDAgEYggIABAAGAAgADIMCAdiCAgAEAAYACAAMgwICGIICAAQABgAIAAyDAgJYggIABAAGAAgADIMCApiCAgAEAAYACAAMgwIAmIICAAQABgAIAAyDAgLYggIABAAGAAgADIMCBViCAgAEAAYACAAMgwIH2IICAAQABgAIAAyDAgTYggIABAAGAAgADIMCBJiCAgAEAAYACAAOhhodHRwczovL2F1cmFoYWNrbGFiLm9yZy9CWENoRUk4Ty0yendZUTVjTFVfLUxaa3FxakFSSXRBRkF0eDkzd2ZpQ1NNbDMxZWlkRURQamZBZU1lUUxsQnhTRVQ3VHRXRnFJanJaMEZyVXFLVlhtWk0wdnd6DAgJYggIABAAGAAgAA HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurahacklab.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 26 Apr 2026 13:04:10 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-security-policy: script-src 'none'; object-src 'none'\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":296,"timings":{"blocked":134,"dns":2,"connect":8,"send":0,"wait":27,"receive":0,"ssl":121},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/bdt-uikit.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /bdt-uikit.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 15086\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":99246,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"acb303a7900439d4ae45005d5572953d","sha1":"84d2a54c49ebd5fa136a9d679b0cfe345524e0ee","sha256":"ede8dbad62522c0edd36c1f98386204d4608e3bfc2d676b7f03f40747e3f5691","sha512":"ee6f3bd6f4fe4989c76964b2f99205c84b6d406b773060311159432890fb2083bb1019c0db1b29fe1615368a0d06d8cf9303c956f51af205962b9b195c592621","ssdeep":"1536:CPkcRmDUfMFoDBUn7WNmJPMFCQYKcOzMiN04O+8ieZ0oVIkE:/Uv1af1ix","tlshash":"e0a3a3855d5030adf16b8515dbe0fa6cf3294c81f7270beab5d2a36687cbad10633a1c","first_seen":"2025-12-31T16:06:25.674863Z","last_seen":"2026-04-26T13:15:42.249717Z","times_seen":4,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ep-helper.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ep-helper.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6091\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":41877,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41877), with no line terminators","md5":"d8126572aa8541b5e4386067ef8a6849","sha1":"cb6526cdd0e3248fe94c497329a01a96b269cd82","sha256":"49ba042ba2fabf8c0a22b75440f72333b9e7d037a4fd78b7d0af08468ee40c01","sha512":"881e5ed14d92d7554d76ba77a0b4cf438cb7f89d6c1b1938d44ab03ad0a74fd77c50889c5f0402ad2fc1adaa90df6bd9fb331db6143447b4b9dfa05fcc894cd7","ssdeep":"768:O2VVT+AgCdBeDTeISc+R0hOFx+fCGcvcctTD8JStP+NdzrszV0GOzoiAn2ZJ:KDTOF+NdzrszV0GOzoiAn2ZJ","tlshash":"f313ce467f432068755b092ed7ebd65ca474b8c1f1428d9ca6e1682687fbcd8233e93c","first_seen":"2025-12-31T16:06:25.726917Z","last_seen":"2026-04-26T13:15:42.305305Z","times_seen":3,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/155b503e1bc15a574a5653980f781e5d9cb8ab27.svg","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /155b503e1bc15a574a5653980f781e5d9cb8ab27.svg HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 68\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":68,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4eff7ea9be53151fe7d47ebd58b0883a","sha1":"155b503e1bc15a574a5653980f781e5d9cb8ab27","sha256":"f6edc2adab55f4cba79ca16c3d8e8380871487832c3398b0026694bb0852e8c7","sha512":"f10f7cb21efb84ad0950145797757d97ce8daa7f05ea881786fb9c185e84a026e2cc906bae2530cb2dc09ad268da7808815967cd65ce42389ba2b89fe1bab861","ssdeep":"","tlshash":"a9a022ce80ca8e088208c820bcb00c008c2f200000c003a8e8e20a22e002a803300c28","first_seen":"2026-04-26T13:04:41.581564Z","last_seen":"2026-04-26T13:15:42.2417Z","times_seen":2,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/quark-drainer.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /quark-drainer.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 49340\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":49340,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"34c05ebdc4cefc3e1c2eb9e82978e521","sha1":"30893620c029f8969f4ea8e30f50551832f603ea","sha256":"252bcc2a1165eb7c1b58d82871a1d786b95ff9f7da0b2d92b328d30f8850e09e","sha512":"7274f807bb355c521b5806202e6ead6f42ab1a4a5405ad8c905072e974a009ff48bdddd31f9aa45db4e0e02af763c24482b35200a1a498da0fd541c49caf796a","ssdeep":"768:drd0tp51ghDIJjejNj2sjBhZbFgiQXyByVtnMKeNB+K2nFiFPDof+INA8iZD:jW18sje5njDZpHLMVwX1F7oZA8id","tlshash":"b823f1451476b3f7a6b080b760e1ffd2181bd0e521eb11ef6884355ce29b07d2beb6a4","first_seen":"2026-04-26T13:04:41.582954Z","last_seen":"2026-04-26T13:15:42.279114Z","times_seen":2,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/Web3-Marketplace-Smart-Image-1.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /Web3-Marketplace-Smart-Image-1.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 35188\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35188,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"362f86a3ed168adc092ae6e4f40d7bd6","sha1":"174e304245d0e4611127633bfe54bfc58360d7cb","sha256":"4af77d177127ba68effd9ce9fbdd26ec4bd3592b4c118cd59e856fdb252e5e2b","sha512":"f169637041077d7cf7c8d5d2fe594dcc4872d983c80f24ab81b048d2605bed81d2d7a2f62119c494bbe838d9a976ff9fa2a3f86624ef4c21b4e9426b7d475abe","ssdeep":"768:8zM0BacPRx/0byYfTe2DvlosUdjEmPfpWH8F54XJlx3JJdG:8LjPRx/ay86rpW4MJlxc","tlshash":"d0f2e181a88a63ecfde541970c068059a05e54ff4be601f2ad743deb53bcbae73056b4","first_seen":"2025-07-19T05:21:41.579467Z","last_seen":"2026-04-26T13:15:42.279714Z","times_seen":4,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/what-is-crypto-drainer-quarklab-650x433.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /what-is-crypto-drainer-quarklab-650x433.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 46376\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":46376,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"875be771a5a88ff74670737b72ccbb68","sha1":"a8740982a31fe7b3133897324d860205277ce4b5","sha256":"42f72515c2ea39e21f011308cc25adad0682124889aa45af05315250d2fd9548","sha512":"38ab71c4dbf1fa68e3504bd44d4e06d32dcd90ebb2a49aa2f94a316d9ab51774283c56cc03aff73b069b127815a6d44d9481df074457bc9cdad91adc262a5526","ssdeep":"768:RSwvQeI8GZp7gNxyaPgVGA0G2XLqsr1rCdsIPoWn5AcVLtSG+DVrRde:RrEB7gLyaiSG0LqcNeBzn5AELQR6","tlshash":"5a23f13e02f51216937752e2f9c7ed232e83558dc72d03a7160bb26ada3b68c4759c1c","first_seen":"2026-04-26T13:04:41.585672Z","last_seen":"2026-04-26T13:15:42.234518Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":47,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Faurahacklab.org%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=677018761.1777208650\u0026dt=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026auid=74191181.1777208650\u0026navt=n\u0026npa=1\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117266400~118463261\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17934677356\u0026tid=AW-17934677356\u0026tft=1777208649760\u0026tfd=1219","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.251.150.119","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:37:36 GMT","end":"Mon, 22 Jun 2026 08:37:35 GMT"},"fingerprint":{"sha1":"08:79:9D:7F:DB:8C:0A:9F:3E:E2:C7:8A:F2:4D:E4:E2:5B:36:28:22","sha256":"07:42:F0:13:40:B6:A1:62:31:62:8E:96:2F:96:8C:7C:C0:5B:F0:8A:DB:0B:A6:E2:44:14:41:7D:B2:7C:B9:74"}}},"request":{"raw":"POST /ccm/collect?rcb=15\u0026frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Faurahacklab.org%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=677018761.1777208650\u0026dt=Aura%20Drainer%3A%20Crypto%20Drainer%20For%20480%2B%20Wallets.\u0026auid=74191181.1777208650\u0026navt=n\u0026npa=1\u0026gtm=45be64m2v9248370851za200zd9248370851xec\u0026gcd=13l3l3l2l1l1\u0026dma_cps=a\u0026dma=1\u0026tag_exp=0~115938466~115938469~116363098~117266400~118463261\u0026apve=1\u0026apvf=f\u0026apvc=1\u0026tids=AW-17934677356\u0026tid=AW-17934677356\u0026tft=1777208649760\u0026tfd=1219 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://aurahacklab.org/\r\nOrigin: https://aurahacklab.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\npragma: no-cache\r\ndate: Sun, 26 Apr 2026 13:04:10 GMT\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://aurahacklab.org\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T12:09:50.953634Z","times_seen":16211433,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":194,"dns":0,"connect":30,"send":0,"wait":31,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/widget-icon-list.min.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /widget-icon-list.min.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 928\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":10255,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (10255), with no line terminators","md5":"1c6df716953f870be76c3e88a69a326f","sha1":"55001bbb898eb7636eabd0418275a9f5aa96ac51","sha256":"1b34d4c7324321e36db5d35f05bb011238a1326f89058a4399d028d1f6c47dd5","sha512":"d2cb3f58b7f5b83fac1744e81367e6ef4e350a073aee634b85a2ad87b4676cb78561db329bb4c9da20617a1be770b0d399ca731d0dc6792fd1f37e2ca116432d","ssdeep":"192:eKTrGZCLG+tlR3080ur1R6gxrcazf7fneLG6AHRJSJ/JwJp+XuknI0:eyv0","tlshash":"a52283917d83814e1aff651b141b2a4ca1c9c4dee8b6ecd6e866130782ffec53772528","first_seen":"2025-12-13T14:03:51.781572Z","last_seen":"2026-06-07T12:58:08.669342Z","times_seen":40477,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/local-243-frontend-desktop.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /local-243-frontend-desktop.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 127\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":592,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (592), with no line terminators","md5":"7ba6b2e4dec6c0a6294d308a84582cc1","sha1":"f115fa2233b5b15143d1751ed14712968ea5a13d","sha256":"d9f2a559f9d7e12f12121caa4423e11e7b0b0078f7958b060fe04b4e3ad959dd","sha512":"8ee783c20948ac9ab5c41e238a714077359faaadc8c38fa898b0a48a3bff882e516e09789cc4ae3de00e2471cee2cbb7b35d59bcbafd028fd83253147daf8b76","ssdeep":"","tlshash":"88f0964284938284cd77b6020fd025a233400cb74ce5d9f7cc074b67e4ce22536a7b4a","first_seen":"2026-04-26T13:04:41.587527Z","last_seen":"2026-04-26T13:15:42.226685Z","times_seen":2,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/tron-wallet-connect-modal-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /tron-wallet-connect-modal-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 17364\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":17364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1160, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"32e7764f0d65029cd4bb11ea5c86b8ab","sha1":"45058ba059930078d7a480646a784bfab57450ca","sha256":"17f102dff4208c597d74d31b82167502121e3533c9a51cc27f3c84dac2fb0dc5","sha512":"4b59a97cad39f0c542f801a9f022b46466c7f85a0014ca758fcbb6b281f5d9299f5e8e28f900987bb4bd73c41f625d0765a8855b6348ab9c9769643ad978e595","ssdeep":"384:WdM3Xl8Ex7ySv/1hJd9sWrgCSzPWglwz9NLqzxP19qr+:d1vd9sWU/zPWglwRIZ1J","tlshash":"7872bf60b04b3d38a406a560197b3aebaa4d92e0f313fdd717378a215274a0d38e66b1","first_seen":"2026-04-26T13:04:41.588776Z","last_seen":"2026-04-26T13:15:42.298191Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/tron-airdrop-claim-lander-quark.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /tron-airdrop-claim-lander-quark.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 55914\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":55914,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x724, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"036370d838459b8ace4b475ca1bceb7b","sha1":"0b516682f744f78168daec76cfd3c36e4450bf10","sha256":"e17b730c033ac1180f693aabf52caedca1813346857a2ea2fbd8d3ef98da681f","sha512":"8595374287b2d21ecb3f60ec8f46dd9aeb381478af886f60c285d8f8622d99c35c7b71b4748c968c61dea7896ad712334207f9402d6a4b54c07b567f1fb5bdd0","ssdeep":"1536:moL72eIdY9chsVOq5OVligYJwYO7BwH8g5KYeLy6:moLibia3YiYO7U8e6","tlshash":"e74302d5e3800732c694aeb11b1f869451a64379b4106b95724d3fefc777b14c3a52cd","first_seen":"2026-04-26T13:04:41.590256Z","last_seen":"2026-04-26T13:15:42.30322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/chakrapetch-ciflmapbsek7tdldtez1bwkeji91r5_f.woff2","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /chakrapetch-ciflmapbsek7tdldtez1bwkeji91r5_f.woff2 HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/content__uploads__elementor__google-fonts__css__chakrapetch-css-v0b5b798be663cc04f564a4bd715c706786b09ed9.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Sat, 17 Jan 2026 09:19:28 GMT\r\naccept-ranges: bytes\r\ncontent-length: 9900\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":9900,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 9900, version 1.0","md5":"56706b63a0f0391ea247202feebe2a68","sha1":"d09f6c283158a5c34a1a0fb3f1f2149989f05956","sha256":"ce5095dc1cb200aaa939e38067a0677018d10e9f26ec38cdcf1557ac524fc775","sha512":"b15d8da95c966ea4751ce32272f0dbb88c730994096cb7e1a2a5386942529e63c38ac0eba17dc4321efaf637b9b1a4b1bf9c75988e7b0ac0040b3a5bfa793774","ssdeep":"192:3jKminRc+/sXhY52YXvSTChIrFNmg8aa9FrQUJuE4MhlmY1A4NRX:3jFinGRhY52Yz4F7a9FdiY2kB","tlshash":"eb12b03042bd76a1f6bfedf611a732371007a05102a669379faf132d5e7aba01c4165b","first_seen":"2025-04-26T08:41:49.507205Z","last_seen":"2026-06-06T22:03:41.060607Z","times_seen":2041,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/cropped-Quark-Drainer-6-32x32.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /cropped-Quark-Drainer-6-32x32.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 442\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":442,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"deeba1c829adb9839126079962a282a2","sha1":"3f36dd308413ea9c4e75ed1853c61a1a37ee3251","sha256":"8ec7f292b26263b4cec5a06b09324036e98fbc2339df0ec55fef525e1519c0ef","sha512":"605e66ec18b977747ef5a926f75dba7ca835111bd7e0f1a262ed6dee16360af31a58e84900601ae58c73aa34f7d697ce406a41f657226b67920b4fe2d1c7553a","ssdeep":"","tlshash":"97f023d1426230c0412d87b764a5226530c358019203c6f785c1c23c426de7eabaab5f","first_seen":"2025-07-19T05:21:41.552269Z","last_seen":"2026-04-26T13:15:42.2391Z","times_seen":4,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/uicore-global.css","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /uicore-global.css HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: text/css\r\nlast-modified: Sat, 17 Jan 2026 09:19:26 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 14649\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":98827,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65490), with no line terminators","md5":"3786bfb6dcf8ea52a60934ab9d0717da","sha1":"18f39a85f166ad29f652cc88f0b1e465808cdc0c","sha256":"4f884b1a1b109af486ac1b80e46c453cc1bc308821d946fe2f01e8e9c7b452cd","sha512":"b116a7d80d1246611b0e67f0e8f24b93cab53f225f50801ff998ce3aa1c9f4d6fba012d3e283c25cbed8d6bd748c174870593f20a7ccc92fcf1a8ce6edb1d291","ssdeep":"1536:9WbfE5M3+ENH3SFevU8y3NFrKAzbaaZYr9:sBXkevU8ydFrKAza","tlshash":"e9a37780fd42183427a7411ef7ca9edf1b24b18ded4e58defc6069d907cbae70269906","first_seen":"2026-04-26T13:04:41.593742Z","last_seen":"2026-04-26T13:15:42.23635Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/ton-wallet-connect-modal-quark-768x836.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.114Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /ton-wallet-connect-modal-quark-768x836.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 32084\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":32084,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 768x836, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"2b6c8271a58c89f8925b0218fbf30939","sha1":"86a140148514b4ef4bfee6edfade2eb8446ad1df","sha256":"0bf6123d4c132cea176387d66df1100b36ab0467999a6dad56d18ef0bc7727fe","sha512":"c6829d1f52b3c40f9e09cda39e3b9b42fab8ceaf42787e4bd9d8c849b590cbf131dcc2ab7a6ef55a4e56e02fc3ec20fa1718a116e42f830dada6962dc6002ef9","ssdeep":"768:P7fB/U0z3bRDMxmxBpFqDcuVwJtMs9N3B9VqxYxFsxC7JNR55xHSz0:PRU83bRDUmx5qDcdlXxD6YxsC/xo0","tlshash":"08e2e17533c391a9d41be2cbc2d48b69bfd7693db29138c35b888056a0acc4160ffa75","first_seen":"2026-04-26T13:04:41.594956Z","last_seen":"2026-04-26T13:15:42.30984Z","times_seen":2,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/wbtc-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /wbtc-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 7364\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":7364,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"712afe5d4a33e646624e69ebf4b6b7b4","sha1":"3de6f34d77d35b98241ea9cb4db02987bcb84e99","sha256":"6fd451aaafc9601978ca6a41d0f165bbf620121ff4c89fdf9e56d65910e51c44","sha512":"cfd141dcabba518d9b95072ea509f298f1e38ad5891fa019ba6f688ea6bfcde77e9d0b1057e95c24caa1f4b482718d8f5d3e58e7ab74de6829056c92f16d3dd6","ssdeep":"96:fFC0SOPq4y1i61WoCFPevY6KD5O56z9XuTU+3PDKob9p+cY8WvAhW2QWcuQfeJqT:fmvwFPchKNFzJunfDV9ptY8IAbQFbpt","tlshash":"9ee19d02b36ccf192853d7fdd2e2f644ad156a588ac8ee8884c629db225f35f5812891","first_seen":"2026-04-26T13:04:41.596281Z","last_seen":"2026-04-26T13:15:42.299299Z","times_seen":2,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"aurahacklab.org/wif-solana-drainer-quark-150x150.webp","fqdn":"aurahacklab.org","domain":"aurahacklab.org","tld":"org"},"ip":{"addr":"178.63.205.58","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://aurahacklab.org/","date":"2026-04-26T13:04:09.129Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aurahacklab.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 19 Apr 2026 13:31:27 GMT","end":"Sat, 18 Jul 2026 13:31:26 GMT"},"fingerprint":{"sha1":"ED:0B:48:80:1F:B1:DE:50:BE:F2:E9:59:B2:41:9F:7A:AA:EB:A6:3A","sha256":"6D:9E:78:F0:24:0A:A1:F2:FD:90:AF:52:54:B5:32:15:9C:76:CF:33:A4:66:E0:22:B7:08:F0:FA:E8:1C:09:7A"}}},"request":{"raw":"GET /wif-solana-drainer-quark-150x150.webp HTTP/1.1\r\nHost: aurahacklab.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://aurahacklab.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Sun, 03 May 2026 13:04:09 GMT\r\ncontent-type: image/webp\r\nlast-modified: Sat, 17 Jan 2026 09:19:27 GMT\r\naccept-ranges: bytes\r\ncontent-length: 4690\r\ndate: Sun, 26 Apr 2026 13:04:09 GMT\r\nserver: LiteSpeed\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":4690,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e59a1b934a8c86381749821ba7c6affa","sha1":"9d471673e8e7d058dcceb2bf54d3ef54f5bb35b0","sha256":"53c33e102b2217b5b26e6abe17d64312381f4480b288178c0e1056b6ec554fec","sha512":"1933e5f4929e4ad78d8fb5ccb0c71dd34af3a103adaac6e0f3bdc014a4d1ad27bc4864f4b9d87dbd1f40fd832f0bcd7c4d9ecf09f7ffd71ab62327e4f6e9b5c9","ssdeep":"96:B63eBE3S7Qzc39saVAR/2/bj5smodSrS0rNyOz7:Hep+Kai2/v5s3dlun","tlshash":"07a16d9e87fb4b7a9b4cb3103c8a00c9a8ad500181a7a0e4b614dde5e3f552d19dec5e","first_seen":"2026-04-26T13:04:41.597455Z","last_seen":"2026-04-26T13:15:42.302705Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":163,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-26","alert":"Sinkholed","trigger":"aurahacklab.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}