{"report_id":"de4cadf0-93b9-4ce0-8470-a60b09fa0b37","version":6,"status":"done","tags":[],"date":"2025-09-02T03:33:09Z","url":{"schema":"http","addr":"hacg.mov/","fqdn":"hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.hacg.mov/","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"title":"琉璃神社★分享动漫快乐"},"submit":{"url":{"schema":"http","addr":"hacg.mov/","fqdn":"hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-07T03:33:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-02T03:32:49Z","timestamp":1756783969,"ip_dst":{"addr":"172.67.207.93","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.6","port":58238,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-09-02T03:32:49.037006+0000\",\"flow_id\":1077928970508647,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58238,\"dest_ip\":\"172.67.207.93\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"hacg.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.hacg.mov/\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":545,\"bytes_toclient\":744,\"start\":\"2025-09-02T03:32:49.022887+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.hacg.mov","ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-27","domain_rank":1279387,"first_seen":"2024-01-29T03:42:39Z","last_seen":"2025-08-29T13:51:33.556515Z","alert_count":11,"request_count":11,"received_data":609935,"sent_data":5386,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"hacg.mov","ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-27","domain_rank":639138,"first_seen":"2024-01-27T17:08:03Z","last_seen":"2024-03-31T15:48:42Z","alert_count":1,"request_count":1,"received_data":3506,"sent_data":477,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-02T03:32:49Z","timestamp":1756783969,"ip_dst":{"addr":"172.67.207.93","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.6","port":58238,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-09-02T03:32:49.037006+0000\",\"flow_id\":1077928970508647,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58238,\"dest_ip\":\"172.67.207.93\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"hacg.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.hacg.mov/\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":545,\"bytes_toclient\":744,\"start\":\"2025-09-02T03:32:49.022887+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.hacg.mov/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b52275388e57710a7caf234fad05781","sha1":"ce5605dd9c13b12b04b5d22155801933a1ca7966","sha256":"d4ffe92d1cf27a8d1162efe109bd2b1c682a23659af7eb5eb1be6edf7019f65e","sha512":"97db6fa4dcd05ea1003e6be40b8769e724ee673af0da97f7f7fdd7badc8754fdc4e7a40ded37c1f02c2c4be171cc9dfa29e38672497cc0c346e66ce05dec5577","ssdeep":"192:7WWOLGwZ0QldkCSYGskC3OkIyIFUkWeWB4Ghym2ML:qW27CQleoIOkWeW4XML","tlshash":"ab2207cb3d5b15d4d21041b100ffbdc79ba9efac60b1ad0b821d68a86f24b48395bd69","size":10091,"data":"","first_seen":"2025-09-02T03:13:38.053835Z","last_seen":"2025-09-02T03:36:03.153072Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb1bc52ed6fcb54221a17cc0c11dec59","sha1":"d36804761310d42a6eb19427ea8ee8252e3e5552","sha256":"d36e2852962dcd4c32d51deb2e91e1e05ae2fcc2e54fcfd153b611f8cb591066","sha512":"3fb8e518d948aad0184e9b3d7aa288085e1fffe5a2fae784ef82054a199b02df38203102c81f3be6af95dcccae62dc080faffa3d22edd664777a5cff09477c46","ssdeep":"","tlshash":"2ce0c08d387858e695e3b2fb73f3591c74a22b0c6550feb34aae854c2400986449b1ec","size":390,"data":"","first_seen":"2024-08-20T00:36:47.864707Z","last_seen":"2026-03-05T02:17:35.806113Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d807cd812a75a98e6d5214f506c8c670","sha1":"9060b9b9f3c5341f15000cbe58d23b0259b6f986","sha256":"f90a11d1a56d5fb5c1a6437e5509b45b44a29c952face2caa914a6eb7b91e1dd","sha512":"541a07458ec8dc47adceb8c141bbc7c7978af95a17f295818d8e624c26496af712f92cfde4eaf127941587f49cc64a3d156e268dd90ea47e67bdc7b4f34ccf45","ssdeep":"","tlshash":"441100753b1a1534c6d5818b31bee7a93d3220617e02a184c36ccc289d28e8314efdbe","size":902,"data":"","first_seen":"2025-09-02T03:33:10.829717Z","last_seen":"2025-09-02T03:33:10.829717Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/sandbox%20eval%20code","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-03T16:31:19.628097Z","times_seen":770027,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e79b671afa3c15ef669e9c51e982a13","sha1":"56780fb03d126e34d95f532a0274d6bf0b226e85","sha256":"3e6e78959f3a5f64da4a3900bb43893f83a3d6d797d5798af31cc8d0b5a01b3a","sha512":"da44988dd71baa881c98ab52df9f4c8b5080065197f27482389f2f32b927088f13677c465ad903809312aacb3a7cfd340e0e7750d1d46fbfbe190eb8041f3036","ssdeep":"","tlshash":"e1d02355197e843061f8024650f5d3dc356021907b51774081ddcc6b9e31dd305f365d","size":217,"data":"","first_seen":"2025-09-02T03:33:10.832249Z","last_seen":"2025-09-02T03:33:10.832249Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-04-03T16:31:19.702535Z","times_seen":768485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"hacg.mov/","fqdn":"hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-02T03:32:46.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 02 Sep 2025 03:32:46 GMT\r\nlocation: https://www.hacg.mov/\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rEr8S1c8ie0jQ2nfGzwTTRYVwPqT%2BfneFxSLf9N9B4rO%2FlGznpeEWwyWZb%2F%2FvrJEFKyAaawzofOkbMYWLHyowdR54muzjZbA\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9789f12bf822c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3006,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T16:31:03.652024Z","times_seen":13295266,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":41,"dns":24,"connect":1,"send":0,"wait":4,"receive":0,"ssl":15},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-02T03:32:49Z","timestamp":1756783969,"ip_dst":{"addr":"172.67.207.93","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.6","port":58238,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain","source":"{\"timestamp\":\"2025-09-02T03:32:49.037006+0000\",\"flow_id\":1077928970508647,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":58238,\"dest_ip\":\"172.67.207.93\",\"dest_port\":80,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2045976,\"rev\":1,\"signature\":\"ET INFO DYNAMIC_DNS HTTP Request to a *.mov Domain\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_05_31\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1568\"],\"mitre_technique_name\":[\"Dynamic_Resolution\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_05_31\"]}},\"http\":{\"hostname\":\"hacg.mov\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.hacg.mov/\",\"length\":3},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":545,\"bytes_toclient\":744,\"start\":\"2025-09-02T03:32:49.022887+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/2/img/toptitle01.png","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:49.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /2/img/toptitle01.png HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 3391\r\nlast-modified: Wed, 09 Sep 2015 12:23:26 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"55f024be-d3f\"\r\nexpires: Sun, 12 Jul 2026 09:27:23 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9RfuvME9WDu3%2BH%2F5l3Fykg4OXJgFXwd815TCTTEzoWXC%2F299o6X4puzP3nE9mDvAtH46diYFeS1gpxBmhwvfulY56AO7UodUO9s%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9789f141c9337131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3391,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 219 x 59, 8-bit/color RGBA, non-interlaced","md5":"e0701a3c6c0722194a3aa4b6af5fc075","sha1":"9278e55a0b12492971ac8bd546f5230a4dd167dd","sha256":"0c6d90f78fa5fc4c5c6e9ce524d33efe97850a39c037329803abc19bd6cd726e","sha512":"ff65cf88c2930875519f1374d1fa5b89b29729c3455f2d06584804f9804c55dcb9662036db113f7a0a60f2568d93259a48f46b315eb65a3a744944c16c93c16c","ssdeep":"","tlshash":"f1612afd67c0148173f6d98718d3ad3f986209005ea52950fc67d9614e769ba2c6e0ca","first_seen":"2024-08-20T15:22:20.364399Z","last_seen":"2026-03-05T02:17:35.787029Z","times_seen":6,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":300,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/mp3/onj001.mp3","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /mp3/onj001.mp3 HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nReferer: https://www.hacg.mov/\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: audio\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\ncontent-type: audio/mpeg\r\ncontent-length: 126432\r\nlast-modified: Tue, 01 Dec 2015 08:41:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"565d5d49-1ede0\"\r\nexpires: Fri, 10 Jul 2026 00:48:53 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncontent-range: bytes 0-126431/126432\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g2Z45233Ni5sCLzKJeMt6Hc1IzO4bhcbTsnEOrSZQ2TlNG9T2qxyoGM%2BNZ%2FyHtK94ZJt0R8hwGM449eb5p2LLc9iOieIhDjr2Po%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9789f147a9387131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":126432,"size_decoded":0,"mime_type":"audio/mpeg","magic":"MPEG ADTS, layer III, v1, 320 kbps, 44.1 kHz, Monaural","md5":"f2bb3ad206e910fecb309c8a958419f1","sha1":"8b9270887e90599f359d0417611a930f3095452c","sha256":"912643f1332f8e043c74ee5d6b9cd1e163635def51cc3ba59ccbb618f035e7eb","sha512":"f3070e8cc14053e9df930bf3e52a5c11dfd8e1c19f2afe9787a67cfb62a16a5f83d795e3ef2764d4e92a3f2aa912d074e74a35baa2e840d4ca0e571b7fb85db7","ssdeep":"3072:K8ERpIDVEqDYY3gYtau3S8LEw6vnAdE3RS9O3T33:wpI5HgCauix6rKr3","tlshash":"d0c3124f8deda3eab60640b9b0239e68fd282d050c4cb2dea613731e64db731e7d0645","first_seen":"2024-08-20T15:22:20.36895Z","last_seen":"2026-03-05T02:17:35.791974Z","times_seen":4,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":284,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/favicon.ico","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: cf_clearance=0uDvNQCri9dzKrzuVNGBrXqIuNHLCdxgfii1f3x4B9c-1756783970-1.2.1.1-ZU7xp6qzJL2p7jVpfJh2O7KtOExG_WNku2CQGCjSNjFzE79X3taEOz8bqi_8ZPLYVWpfQRnA7rueIRYY9QGSlxTmEEhJiWIDm51xg0Rd7BU8euP1apauxCrCU3SckkT9PPZzXy3KbhW7oIaCgihahg7b32IJGFr_56XoVlbgK7s5qNXarfC4P0IS77rrgCDub8jI8GpRIcLtqxardYpuz37.aT1KcnCXZ9EinO4eusU\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:51 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Sun, 27 Dec 2015 09:20:15 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EWKz3iaeFm0yeQ9pwVawDkkNO5R3h3CZhJJSA1OcWDHJxj3vMTPF%2FfRcTfriPmTwdAbd29UAyreTAxYCYzgf0hvqNRE4KUfl5b0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: \"567fad4f-25be\"\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncf-ray: 9789f149793d7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"16a01fa1d9039337dab81b9a8a52c9ad","sha1":"285e4d6a2e975dcd347c3bbbc11be1373edb52e2","sha256":"c2890d185be79bbd9a7ec4241ca8a92b533b21f4ccb60abe8376960142efc668","sha512":"285634090d6caad3a73e5ec9a36b6905ee39452bd5c6f0077fbc4529e0dd3ee6da53c7ebced5ed3eba6577b82f14c1c5ac0aa5b3c590679b1cc004baad737a5e","ssdeep":"192:N5U2mAW4TPOOOueHTmR/SIOOOukbOOOXIOOOpOOOuqdOOOvKiF:NDRQgBqEKiF","tlshash":"6b12bab191788004ed84ebf4a5a4fc622bab7f856eb8a47d45f474c023b35b6fc2454e","first_seen":"2023-11-09T03:25:46Z","last_seen":"2026-03-05T02:17:35.80027Z","times_seen":14,"resource_available":false,"data":null}},"time_used":284,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":284,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/2/new2.css","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:49.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /2/new2.css HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 10 Sep 2015 14:27:47 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6bgPcLv2nZvNTviQSGzELcmLjAaq0EE0it0xEuvf2B5ND%2Bp3Oma6DbmBlJ05%2Fg5IifuQXugcO1YjCUbyCe3NWwHqlO6UBqJu6BY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\netag: W/\"55f19363-1354\"\r\nexpires: Sat, 11 Jul 2026 19:49:19 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\ncf-cache-status: HIT\r\ncf-ray: 9789f141c9317131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4948,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (412), with CRLF line terminators","md5":"f6b6bac063f94e7d75132d69dd3bfdf4","sha1":"3c51fb9293daa8c491da9ccc7968a41c9dd0652b","sha256":"c5de4da6136f6555f7597dedb01d4860ac58d3c393aebb89dcbdb03d3076526b","sha512":"43d900d8e0432ed2bcc20683baa2e861590eeaed982ee862a5a8f3d927c7f09831db23dddc6c1a524cda6cf3f9e184d737c2152d81fb5fd4d72cdf77cf0b9c5d","ssdeep":"96:xqP0OdyCAyWfKwyT0Kji2LiXnD9NsN21NJInGp26OOnhnsJGaJIJynQIfzbgU:xzO55tlji2LDsZhhsJGaJIJy3bbgU","tlshash":"ffa141204b337489f7339ba937f41b745d384121be0b01adf1e6b9169346a683973aca","first_seen":"2025-08-29T13:51:33.88036Z","last_seen":"2026-03-05T02:17:35.78325Z","times_seen":4,"resource_available":false,"data":null}},"time_used":816,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":816,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/2/img/topBG.jpg","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /2/img/topBG.jpg HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/2/new2.css\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 400640\r\nlast-modified: Mon, 04 Jan 2016 10:52:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"568a4ef1-61d00\"\r\nexpires: Fri, 10 Jul 2026 04:33:00 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0I8SxKxAtWmy%2FjbAFFNWTP6i8NqaZy7HdAGiVXsR0Vs%2BtgOU78Ue1FXkeFL74ZmkLUSEKNXWJixNELFnwFK6A3SYjjoNFM2EbIM%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9789f146f9377131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":400640,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1600x1067, components 3","md5":"68425bf5329a71e6dd8f162972d717d4","sha1":"d0be1e7d041267c469fbea4d95a23f1766e8e073","sha256":"97f5cc407c7539f060efadacfc787e401a131b76abcc7e51616cf7561ba35670","sha512":"ab2786727956c1efcbe04ebe7331efff1014127adf64b42ccf8b5cec543b4807bbf3027b96327cd2f0d9fc951d30fcd7441b1a1537b0637121c17e0f67508a05","ssdeep":"12288:kyfejkGBsf++cxmroLZnpZfcJgFBzB/qPax:kPD+csro1nPcGFFBCPax","tlshash":"d08423227b291300d65474f7c06c4491ce9b93aa748fd1db8e5e43b6313b11a7bb9ee8","first_seen":"2024-08-20T15:22:20.366932Z","last_seen":"2026-03-05T02:17:35.78972Z","times_seen":4,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":273,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/cdn-cgi/challenge-platform/h/b/jsd/r/0.06483753562872659:1756781579:66oUofYuH9BeChJzFKWCIADhgY70_pOROKYgwamG-e8/9789f12c38b77131","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/r/0.06483753562872659:1756781579:66oUofYuH9BeChJzFKWCIADhgY70_pOROKYgwamG-e8/9789f12c38b77131 HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12077\r\nOrigin: https://www.hacg.mov\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.hacg.mov/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\ncontent-length: 0\r\nset-cookie: cf_clearance=0uDvNQCri9dzKrzuVNGBrXqIuNHLCdxgfii1f3x4B9c-1756783970-1.2.1.1-ZU7xp6qzJL2p7jVpfJh2O7KtOExG_WNku2CQGCjSNjFzE79X3taEOz8bqi_8ZPLYVWpfQRnA7rueIRYY9QGSlxTmEEhJiWIDm51xg0Rd7BU8euP1apauxCrCU3SckkT9PPZzXy3KbhW7oIaCgihahg7b32IJGFr_56XoVlbgK7s5qNXarfC4P0IS77rrgCDub8jI8GpRIcLtqxardYpuz37.aT1KcnCXZ9EinO4eusU; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=hacg.mov; Expires=Wed, 02 Sep 2026 03:32:50 GMT\r\nserver: cloudflare\r\ncf-ray: 9789f148a93c7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T16:31:03.652024Z","times_seen":13295266,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-02T03:32:46.084Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:49 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mpPGrm2%2FnAfGWCwJB4fQLOwwhyY1wlYVtM9aeFGEbbNt6o7a8toM4ZL7GEiFE4lb6FLAFYtqZMMDNP6vqOJS8DguDtF6qyQgCKM%3D\"}]}\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nreferrer-policy: no-referrer-when-downgrade\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9789f12c38b77131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3006,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (926)","md5":"25f67dc013e43de6cf014f97d2bec0ea","sha1":"4595edaeff94682e15c4410ce3d9f3970f720665","sha256":"e8e82acfc1d357b9be5f8b6ce6cb19b0828c47925b06c9205e02020415df498a","sha512":"001948bebdab6ed1ddef61cc727b1c7387a32749325a4e16ee2846055701c946adf8293f6bc7d06d2cc92af4e6993e4087f50aca69012a2776cd0f2da8cf8d68","ssdeep":"","tlshash":"1151b5b5a92e442445f211c7b7ffaf2834236234e6529102d1eddb5b1380e924e9fe6e","first_seen":"2025-09-02T03:33:10.82047Z","last_seen":"2025-09-02T03:33:10.82047Z","times_seen":1,"resource_available":false,"data":null}},"time_used":3168,"timings":{"blocked":34,"dns":0,"connect":0,"send":0,"wait":3134,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/2/img/toptitle02.png","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:49.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /2/img/toptitle02.png HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 1326\r\nlast-modified: Wed, 09 Sep 2015 12:26:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"55f0257d-52e\"\r\nexpires: Wed, 05 Aug 2026 19:36:46 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OlOhOe19Ib25CIVHXqtwpWQBZnC6bNNM99iT5QIRLey1GYtHaN6ALR3rA9JwH3JnpGvPCGXAdgxd7evUX9KJjDiHwgvFRywKIoI%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9789f141c9347131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1326,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 59 x 11, 8-bit/color RGBA, non-interlaced","md5":"ba56dcd128a5a3d31f44a1fbeaf55589","sha1":"0195f0c8690cfb4a7606cfb6a51def06cbb0006c","sha256":"9b12a4615a6783d9d51db2d9f02dc477cda4446fc2324c9f8470ef1fe8568e8f","sha512":"3da176ae3be10be34a384b947a888025bb55ee7def6aca5d598c54aab37db243ee8c5a7d551f33b5443b6c5edb83c29be00c51921ae32f03aea79648fb0fecac","ssdeep":"","tlshash":"fb21c8c9fda0e481cacdf1d228e61013c92b9c5046e9d11674cbec675bb11f1c55a5cf","first_seen":"2025-08-29T13:51:33.876794Z","last_seen":"2026-03-05T02:17:35.797967Z","times_seen":4,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":285,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/4710d66e8fda/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\nserver: cloudflare\r\ncf-ray: 9789f147a9397131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10091,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T16:31:03.652024Z","times_seen":13295266,"resource_available":true,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/cdn-cgi/challenge-platform/h/b/scripts/jsd/4710d66e8fda/main.js?","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:50.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/4710d66e8fda/main.js? HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Tue, 02 Sep 2025 03:32:50 GMT\r\nserver: cloudflare\r\ncf-ray: 9789f147b93a7131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10091,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10091), with no line terminators","md5":"0b52275388e57710a7caf234fad05781","sha1":"ce5605dd9c13b12b04b5d22155801933a1ca7966","sha256":"d4ffe92d1cf27a8d1162efe109bd2b1c682a23659af7eb5eb1be6edf7019f65e","sha512":"97db6fa4dcd05ea1003e6be40b8769e724ee673af0da97f7f7fdd7badc8754fdc4e7a40ded37c1f02c2c4be171cc9dfa29e38672497cc0c346e66ce05dec5577","ssdeep":"192:7WWOLGwZ0QldkCSYGskC3OkIyIFUkWeWB4Ghym2ML:qW27CQleoIOkWeW4XML","tlshash":"ab2207cb3d5b15d4d21041b100ffbdc79ba9efac60b1ad0b821d68a86f24b48395bd69","first_seen":"2025-09-02T03:13:38.053835Z","last_seen":"2025-09-02T03:36:03.153072Z","times_seen":3,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hacg.mov/2/img/toplogo.png","fqdn":"www.hacg.mov","domain":"hacg.mov","tld":"mov"},"ip":{"addr":"104.21.77.119","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.hacg.mov/","date":"2025-09-02T03:32:49.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hacg.mov","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 11 Jul 2025 21:36:59 GMT","end":"Thu, 09 Oct 2025 22:35:22 GMT"},"fingerprint":{"sha1":"D5:77:DF:0F:94:7E:90:8A:B1:5B:2A:B6:B8:9A:17:F2:57:61:5B:2C","sha256":"13:FB:9A:AE:D3:E3:27:ED:C6:52:AF:42:14:6E:83:06:04:FF:BE:57:CE:83:1C:47:8B:10:0E:73:CA:24:05:4F"}}},"request":{"raw":"GET /2/img/toplogo.png HTTP/1.1\r\nHost: www.hacg.mov\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.hacg.mov/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 02 Sep 2025 03:32:49 GMT\r\ncontent-type: image/png\r\ncontent-length: 33414\r\nlast-modified: Thu, 10 Sep 2015 05:07:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"55f11000-8286\"\r\nexpires: Tue, 21 Jul 2026 01:51:27 GMT\r\ncache-control: max-age=31536000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QXwskHAJvYz5i43IodjLBOSkSGK6vsk07scj%2BsKfmui6d9uxcXX2QuFMuDqqDrr50np%2F6g2qXG55UD3M5zxDq2M1vzk5TrZBxJo%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 9789f141c9327131-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":33414,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 244 x 244, 8-bit/color RGBA, non-interlaced","md5":"1b6578d1cb454a3a064eac42f426eb7d","sha1":"8d86f297fac014f6c245b372bf41c123553d4090","sha256":"03be933ba438a6522570ad6a6ba084518b83fb5a76af8b947a48246ab9954753","sha512":"9e0977518bc66489863607b55f7db2f1dd3827bd92bc64e3f048889a68abd8881b827466018b78589916a9edbf5351233b23db4bcf7893ff5cc9d9cc434831df","ssdeep":"768:d4Oby+RNOLVrNF/MhEuy+3P+btZTJ8H+X4XbygOs/IfjIiDe5MQQAKm:d4ayy0VxOh13f+Zdl4rLxgrIqS","tlshash":"95e2e008824ddd5400ca792d396f36b7ad9f2940e256fed693c43a52a7344eec19743d","first_seen":"2025-08-29T13:51:33.875625Z","last_seen":"2026-03-05T02:17:35.795721Z","times_seen":4,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-02","alert":"Sinkholed","trigger":"www.hacg.mov","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}