Report - haxnode.net/faronics-deep-freeze-standard/

Report Overview

Visited public
2025-04-15 19:58:27
Tags
URL
haxnode.net/faronics-deep-freeze-standard/
Finishing URL
haxnode.net/faronics-deep-freeze-standard/
IP / ASN
104.21.64.1
#13335 CLOUDFLARENET
Title
Faronics Deep Freeze Standard v8.71.020.5734 + Patch | haxNode

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10	2025-04-09	423 B	1.6 kB	142.250.74.132
haxnode.net	210281	2021-02-18	2021-02-18	2025-03-05	30 kB	1.2 MB	104.21.112.1
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20	2025-04-09	5.0 kB	451 kB	104.18.94.41
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-04-09	1.9 kB	214 kB	142.250.178.67
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-04-09	439 B	91 kB	142.250.74.170
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-04-09	423 B	13 kB	142.250.178.74
pagead2.googlesyndication.com	101	2003-01-21	2012-05-21	2025-04-10	461 B	157 kB	142.250.178.66
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-04-09	484 B	562 kB	172.217.21.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-15 19:58:04	low	104.21.112.1	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2
2025-04-15 19:58:04	low	104.21.112.1	Client IP	ET WEB_CLIENT Observed Hunter Obfuscator Code M1
2025-04-15 19:58:04	low	104.21.112.1	Client IP	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed
2025-04-15	medium	haxnode.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (108)

	URL	From	Size	First Seen	Last Seen
	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.1 kB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:44 Last Seen2025-04-15 19:58 Times Seen2 Hash dba0cb7c701d3d9afba876c5eae3e15a 97cb8ad1b4a20f88cf5fd7637979676928443eca e9d5ab2276778a29720dfb9250b007d0b7c0339a68e288d746a256b637049662 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 141fff4494e483d215293ad3df1081d3 ae859c98313c967dbf35c0b05f21a0a0da9402e7 6a3bc953e0e0d20e788019334d7ab42f8b2c913b94592e3238877be9296ec155 Loading...

	haxnode.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930e0385cec456b4	ScriptElement	96 kB	2025-04-15	2025-04-15
Pretty URL haxnode.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930e0385cec456b4 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 39a4fd246b923d9d955ed04ebbe38d43 9b4229bee26fd8d9d5be2919729207274bdff3b2 f02e1a6d1b1f3c30cfe850c14b3bd71b7525799e233bae8931cc0577d3e85499 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 492a240a428c665bd44fb1db43110e42 78305db3a9e16a303e8b244f36d59179c81da794 57a3d6d57f3a9dab5ffba3afe8e2c21e201cd29e3d4d81376b16c4a49a747910 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	94 B	2023-03-07	2025-05-07
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:19 Last Seen2025-05-07 11:38 Times Seen1810 Hash ef4c6f4ed2791029af6637c1ccd58340 ba0d690b1bec64d3a7d573abfe61416d9845e66a 9227f383e313ecc066c659fa9a86bfbbb5e3c828d16a096701b5775cdff65f25 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	3.2 kB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 3e1bceac7a79d8cb552f7fa551f6f5ce 7e89cdb6014b8cce1a390ab16b41612965eb8d86 a3cd9a55f971ca1b38427d547985a8c69d3033e843ab6218d0788b532a8c14c4 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	344 B	2023-03-07	2025-05-09
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 23:30 Times Seen3104 Hash 8d7432543e755e52d556c531ec9886f4 d5a3e53a8fdbcd624fdf53ef89dc759ad9734dd0 3f0e896a7089d518e75c207fb23eb3af295005b900d2ad7ee86e898afa6b3739 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-10
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.178.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-10 04:18 Times Seen24170 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 97440a61982670f43eab9959d429e324 0db1df5adff55d83db4bfe89d070d11aabce1414 514a45bbd4d38698d26e37c6acd13451d52021c4f9faf40788bb1a623ed4174a Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 246a02006bfcb78c32dd79f9dcfd6bda 3ad75974f71c82ac697627d1ff8c92e35d562cf2 5258a560165df9e28ed1b92c41e454971422581f6a46b084c37b9978fe53dd1d Loading...

	haxnode.net/wp-includes/js/comment-reply.min.js?ver=6.7.2	ScriptElement	3.0 kB	2024-11-13	2025-05-10
Pretty URL haxnode.net/wp-includes/js/comment-reply.min.js?ver=6.7.2 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-13 06:33 Last Seen2025-05-10 04:24 Times Seen3659 Hash e4a49df71f8b98c1d9f9d8fce74d89e8 b95fcda0c8c26305ad94e80343d0cfca8a048a10 9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 7541b62011ba9f05830c9c58d3ab4b0d 5ff8c57338d98ff7520329774bfd4681ef433171 fbd46191f1ea0a8e3cb1b885cf29aaca2956bc144df9669576f47f0ed896d570 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d5e6d2ef379115642e7b9bd7ca6802a4 839321cac4a1bfae3f85f993941c62703ac8c9a1 a12832bcac2c9a610d744d94790027e19c003a828c79177c28362d83425f63e6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-05-10 04:10 Times Seen4857 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d277b417e5a66e7621367ebf3725d5f9 8d2843bb0ab65683817f8a803346aa19ecdf14e6 51ae2f87bfc98710f2305a66c3aa7a0506b2ecca72849f8c78249488b1154aa6 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	ScriptElement	4.4 kB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash e76defbfde859f40053422237c034e2d 83a89644816904bd5f3a0408651c8140ead8b460 aba5c1976abdc320f8ea7293f19f3470f81b4b75f3fb21719db90d7c58eec531 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 378bce73ec5844458240217de014756a d19ce7be0af45cfa06ed748e2a0b8daa50a2bc14 56174fddc4cb33898d2eca6e87d82f9638d0bcc09418d16c8ffb7e44c2e7a68c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash a01f6777e935b525e79a836aeb6f309a daf9f3a95e2555d2eac1206504d928f8e7d3134d ea1edd45018a17f2b2f8f8a5038a82d70e30ac4b7bf9d957300ca4332296a3a3 Loading...

	www.google.com/recaptcha/api.js?ver=1.30	ScriptElement	911 B	2025-03-27	2025-04-20
Pretty URL www.google.com/recaptcha/api.js?ver=1.30 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-27 18:50 Last Seen2025-04-20 04:10 Times Seen2420 Hash 135f37843e2c07df0c7a27c7d3e73042 7cd76532ce4a294c87be1d89a03c62deaa305316 89021fb494eebf4825f0072a390cf555191b27a45f7ef77f07b598e1e4876915 Loading...

	haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2	ScriptElement	2.9 kB	2023-03-07	2025-05-10
Pretty URL haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19 Last Seen2025-05-10 04:24 Times Seen973 Hash f74050f4bacb44b594f0014217a4b3c0 7f45d27c9185b2b4312140f234258bb76573a2c4 66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 1b18d44a7b164ef110a9d50a6966eacb 54d1957d47624f91c5b8e111f0caae69e65546eb 2c853d360ec93fa60443b012123fb81d40e400242fed798b76c8872d0eb179d2 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d360895ca65ccc33f1aee774e4cd9795 767cf5b4bd0d3ced2013d71643c44202335d7918 3d18f5ea7ca3e5a920e933ee29ca25c713bbde9babcc12b68ede601a2f8c4b6a Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 085639be8a151727495247f504c1a9cd 29f023109b8eaa3b2d2e7df745b76a20766e6c6d 98543d0ea3ebfb0f399bfd33edc6e0e69aa13ec81688d6e5b79d5f64d0a1ba6e Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	87 B	2023-03-07	2025-05-10
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06 Last Seen2025-05-10 03:39 Times Seen6992 Hash bd5f648f4fa75f28b17faffe66049687 c9c2791b295684a919a2bfd7b7e2ef5aab3c178a 1a4ba4a340b3f30596d32c1b272ddcfdbf3ccb8e89c2fa917ea60469017aeee4 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	37 kB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash b2b400883bb31c6ea502af535c1ca796 95ebcac5dc26e276e1c2459a2c9bd49ca8ab058f 11f19cbfc925a88ead7c543583084f4616d90ddc2934ce0ae39391363a1975cb Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 034ff360ac01eab35e1289caa55496ce f3c730f5ca160d9ee94d396e610b9f83c7aa911f 80df73314bb8673ded82ce53924d07f430fd1a67b006c2a7cd7793470f166779 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 0de83237008027a33c3730812e9cca63 a4cb7481df6a4121c81b2038ee80f8bde33aca1a 697fc8c1320167ec20ba46e0c0a979e4021f32c3c1f30859077be710a22a6713 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 8c5f81f39b99d24f09324d9035d00a62 467f545079e7a74dd85757311a9d5146efaaf12e 5b58352c8f76db1650384e0ed0c06475347057d56cd80c6400e92a94bf9b5318 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d85beeb375fa26db2a310fdeb63a1272 c4df09e82eced8c93b7b3ec9efea71bf9c7b173d 17db49eb98f2420e0ba5c6899e2f09583060ebcc551c33070709d1c8e5eaee3c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	87 B	2025-02-20	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-02-20 12:03 Last Seen2025-05-10 04:21 Times Seen11371 Hash 1d2acc5165080dd018feaf08ea69e588 26698128d62a4d0c2c902723f8eb8d62043dab06 6d5c9f536080a954f2b1bfcc1f1273fda5a5d464111900b8fe9c7c49c6f2b9dc Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d3b7a4384cacc75ccf826eb7368c8898 b3bd1dd2dd0a8c142e6a662803802ae87f83fa8c ccf79697c52355a8a4b50944596af34f368083628de21a795372a598d92c9829 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	100 B	2025-03-20	2025-05-09
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-20 05:45 Last Seen2025-05-09 14:48 Times Seen12 Hash a7ec3f95e4bad0f6f346daf5a5c2d8aa f20ca93388b3701427384e3d094bb23a8b055058 6bebab9324b36b0edd4210fac5ac4d07a4d3a001ebe4f436eb55068a7cd9d609 Loading...

	haxnode.net/faronics-deep-freeze-standard/?__cf_chl_rt_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0	Eval	4 B	2023-03-07	2025-05-10
Pretty URL haxnode.net/faronics-deep-freeze-standard/?__cf_chl_rt_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0 IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash c80038a29e6ae0dded4b8e5fd729f2fd eac0600160897ecf874f0b37a70466ce16dd5d70 9111be3ad7ffaaff0cae41e383bd873ebd1ba5e48fa81339d86ed24d0f73e58a Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash bce3deb47debaedb1b2769f3ce6586a4 df5e7c90be9b7284d563622e1e6d642f845fc2ad 50e779ff06f30bea70e41def1d2c7016bf0515f2b8ce0d5256681f5caff3f389 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-10 04:21 Times Seen13755 Hash ff03fc8f0c3179fb4dcf4389f88a1c16 05ff911d7ddf2d7c14b4316a87fd08f42c618f9f 025229ec6bb50e915572750c5045d22c5fe16851fd077f1411f41b19aa1dfece Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2	ScriptElement	19 kB	2024-03-13	2025-05-10
Pretty URL haxnode.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-13 16:02 Last Seen2025-05-10 04:24 Times Seen46135 Hash b976b651932bfd25b9ddb5b7693d88a7 7fcb7cb5c11227f9213b1e08a07d0212209e1432 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Loading...

	challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit	ScriptElement	48 kB	2025-04-09	2025-04-16
Pretty URL challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-09 17:04 Last Seen2025-04-16 08:47 Times Seen1073 Hash d00e161860ff36cf8482d4768e280cab a6d5b477886524767e67d3edee385cd2c9f41a54 ca540bf2ebcfb08c9c8c92512c58707f1a62a572efd7ac409cba2229b55f012c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash b53058c776946829a3a75b805d992fac 97f1d3ad5ff709b789aab58872f90c1a9aec747a 07432d1feba7db196f9907a7670842ef5563dacaf3c56b86f28b533ccd9b299b Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 2a0b43f10d1768a9f5da37c6c09e563d dff37073ddc6560df1223c68247c4ad8084f3846 6f2af83ce6ebabb9b44062087bf7deb537d57375e3e423181c7366b293498e07 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 7439e0905ca0d747573133234e4ad1b1 ab5b8f33dc72486805b0df2abf747c944f67ea35 3b29b6aeb8bdd636c035897f94aafc1cd123c6ca9c2bf35c794676e4dbc8769e Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 8e364428ac4546054dd59df6ba8a6908 e5e5aa6716e442ee9e729b27b26c430fb3421f35 bed0652dbf8a700e0d431005bc56adf02194399f558f2af503b43a6a47263cc6 Loading...

	haxnode.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-10
Pretty URL haxnode.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-10 04:24 Times Seen105782 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	1.0 kB	2024-07-26	2025-05-09
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-26 01:18 Last Seen2025-05-09 14:48 Times Seen101 Hash 0146cbea935687f03bdef038fcac1383 8b7a839431f4c84637dbca7ab2ab8108af4d4bee 0a8139c81468cf9a4a21d28eac841a0f2a498179b78c1aecac59dd2914086e39 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 407becb5505cf3e3d6c37862302a0082 3b9a4df0412385474c4acfe9cbb17b756cf3a70e 8ff13c80564304e4e18b54293d4a46428f336c7e9ab202dfad857c9cbbd6281a Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 2c2d6c5542b917545fe9047d0e113b60 7a42736a1f3a570195be02dc9a68a72d9ec02138 c840fe09ed856d6cc616f102ea42f50c724172f9f5157f59a928ea0e1788c0bc Loading...

	haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.73	ScriptElement	1.2 kB	2025-03-12	2025-05-09
Pretty URL haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.73 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-12 16:27 Last Seen2025-05-09 14:48 Times Seen34 Hash 81f0d173893eab3401131bea6b2a24de cbe1ff491cc8f890c5ac8511302dd89cea5c1239 23288a00ecc43659a2cdfbd9b13996f510fb709bb15bd48712849763491ec420 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930e038cbc1d5688&lang=auto	ScriptElement	114 kB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930e038cbc1d5688&lang=auto IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 5e482c6a4f1af883d88c400daa8936d0 9e630cd4992d82bbee180e2f4a74f324ddd4e2f1 10d9ef09990b31e3d5fd56d727476cfefb79061ae22d0e38659635b4d08ca6aa Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 2bd44244b0c3810d935d7b43097b6a70 fc44085a50bf9a5fa12fe58dec033253ac192571 1781f67f95c61f145d76618da2984d61971f55440e266f59304eb1f58cc5f7f7 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	14 B	2024-12-12	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-10 04:21 Times Seen13777 Hash 33ff6022e88df59f8dfc9eb546435e9c 7f2ad96c0a1276fbc858c652a6e2d0b3c9d4d3e4 a1c845cab782ea7dec04543ec72e0b354cb8e9aae23acc02ee02b1832e3acd9a Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash cdf30655129711a0e474edc23cbc6c5d 67bf44cdd0f7d86b2f9f39b0a6ef69cfa5c8d4e0 f698e87b2c66677a76c5db3b9b63bd67bfb3138bc84739408c2975b48b1272de Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9025b2b5888b1fe058c89f55122a1f4b 4a0d88e369e06908cf4338389311608bc13dd777 5259de0187cd6367955f6f71084d9c424e3813cb21ff1aa3976f7b4a20bfcff3 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	blizzdata.site/?h=63ab01231419d7b8b9fcdf8e5caab556&user=7536	ScriptElement	2.6 kB	2025-04-15	2025-04-15
Pretty URL blizzdata.site/?h=63ab01231419d7b8b9fcdf8e5caab556&user=7536 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9bde43eaf126c92c423e01c01d5af0f1 a93c3f87a01618f8643dbd732da8eafa7317dae3 970d0aa655fc828effda12d0d9bb344e20334038d0b77a018621099a0cb984ee Loading...

	haxnode.net/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.27	ScriptElement	76 kB	2023-03-07	2025-05-06
Pretty URL haxnode.net/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.27 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 12:10 Times Seen154 Hash 3fb19d6ce1004b6c456dec717f222599 c90c583ad2ac468b93e0ad50276cd18a4d888b27 1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	16 B	2024-12-12	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-10 04:21 Times Seen13722 Hash ca897fb253cc8807c5aafc947eb02fb6 25137d68712ada7d3ad424c80bc0d688a696f7bb 57f9c536daa79c4d770534dbafbe2e7b2b2aa48b9eb2617b4e670b8a78a4a4ce Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9f39980a53fe0d997c73f4da94ebeedd e0765df8d863afb4c34d79fe628c311fb063cda6 f7a3fbe3ae2e63a44a4c3436ccc0f58968bc3d6b554d07d26cd4d99b6ff3a3f3 Loading...

	haxnode.net/faronics-deep-freeze-standard/sandbox%20eval%20code		128 B	2023-05-06	2025-05-10
Pretty URL haxnode.net/faronics-deep-freeze-standard/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-10 04:18 Times Seen24379 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash f6ef7450f3e45afbaae206a7753f59ea 215d72a25a56e89f1390d87498b513f0cd853a29 fb87d486a9c28502559815e0af79b06e4ca98f324955abc17b30d9e40905da67 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	94 B	2024-12-12	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-12 23:50 Last Seen2025-05-10 04:21 Times Seen13729 Hash f47389d2f1abd47dbebeef3e2d3ae8a7 dde5aa75f9a647e73d3e2d3fdda68898f850f72d 30893b81b3c71cdbd5cf34b54fb52f8eef50b27d8a3f2498a28d2b89bd987fda Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 542db9d1079fbcda57afd013f6db2eeb ca786b82bc95cfadd40ead7e841176c3235fb152 2ef7248a83952d024a0e81f4650c73a61230f8922fbc0e6d7a0ed0aa2a4c002c Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 5fe761a3732d34a30f936f76b907f8bc 6d01ba476915052c29f0fbc9a7c5c5575726f258 41b6fcabf0b6225b087723e3732db4d79d6e8a34dc5d44ab04bd82f83bcaf3bc Loading...

	haxnode.net/faronics-deep-freeze-standard/?__cf_chl_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/?__cf_chl_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0 IP 0.0.0.0 ASN #0 Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash b7d143c53dce5589525d207301d7e574 b9fe5e023380b955dc835d533526be2bd5c54c4f 6b103f142297ce72588805deed9533991dff1b15f0c913a6c22421b1f7f91b47 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	1.4 kB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash ff2117cf214d6e3e59505aa9fdafbd12 3cae07497d8dbfdd1e548c4c061014a2859cd365 777002a5a0cf7d5243863bfb027c0da5bad60ddff9ae5ca243fdc41d64e35374 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-10
Pretty URL haxnode.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-10 04:24 Times Seen92027 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1	ScriptElement	2.5 kB	2023-03-07	2025-05-10
Pretty URL haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-10 04:24 Times Seen961 Hash 634ee9f21b34eb24ea532f2ee6042baf 6c32dedd95da07aa54c3b852d789bb529956427d ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.0 kB	2025-03-02	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-02 18:12 Last Seen2025-05-10 04:10 Times Seen4857 Hash 6934d9d33cd2d0c005994e7d96d2e0d9 96d89030c1473585f16ec7a52050b410e44dd332 08c9b52f61fadf1eff6fb89169f1735fbae7bb583b23cb119d0e1a0151bac952 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 846b78f422c6427e731738bb8ece9406 da413b533687cb0061f13d5bb3fdb2ad10b3b22e 1dae8dcd57ee8dc69a1f46e3f9f101766aa7d6cf40e3682c56e56af98ca571cc Loading...

	haxnode.net/wp-includes/js/underscore.min.js?ver=1.13.7	ScriptElement	19 kB	2024-09-19	2025-05-10
Pretty URL haxnode.net/wp-includes/js/underscore.min.js?ver=1.13.7 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-19 21:06 Last Seen2025-05-10 01:51 Times Seen4711 Hash 16699a7f2aebe8d676042962c3bb5537 9697e3fe2d92c79debd82478603d4b59fc249714 5152316fade8c592fbfd38bc491e059464d967d3d31a582b0c885c0961deed30 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-05-10 04:29 Times Seen14370 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9d9310c0dd335470433bd2b98accc165 edeb432d1536e72e3538156bbbba032876032017 f74d58c3f9b74d4c92f3dab8226047f6d07c4ed246c8ace3f6638a10d3892f49 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 6358bed3adaee85426fb08e8bd7ab7ab f0f7ad09ec160e683781908e1004767da913f446 0dae33f83d4b28f1ca6ebe90ba84c4d7b1caa0a5d80cecda08ea560709360720 Loading...

	haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.73-1742137692	ScriptElement	4.2 kB	2025-01-28	2025-05-10
Pretty URL haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.73-1742137692 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-28 05:52 Last Seen2025-05-10 03:52 Times Seen69 Hash 774811547f86870ed5e676ed35bf9e0b 578ba30f95376ce238227be3200092b914e72365 dd3e3bd2dffba91f45f33f2e6c2b831ffa0cb76a3461d49b7d45fb8768f1d2d2 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 0be37f6aedb8db22ffc25bdb1d7988ba 8d560d99f28481329d7ad89bc547cb057582b4b4 59b637b6f9d509540d32a4c1e7fcd615867fc887c0b3759dce835a6a09cc78f8 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 01e6512d7e8cdc125c4cddaf3b619ec1 01e864bdd2d9432ddeecc4c3158c3c53bebd1e7e 80fc46cbcfe2b38679525c46e45607783e053f7292ff38be7fe2043ea61da549 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 5d7b57e37dc2324ec4ed354bfe51c5a4 155d71832b85eaf93b17a4218122d7d2aa5229d5 29124265b1975bf6ebd0fd61227d5f46a27f197bf5a3cd102201b6e97927d646 Loading...

	haxnode.net/faronics-deep-freeze-standard/	ScriptElement	241 B	2023-03-07	2025-05-09
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 23:30 Times Seen3100 Hash 6c92e8a437d52a3e2388f00fd52a69f9 1b25b6abf6e5a38db62f9a993c86fe26729c0f09 2af478968cfdba350d71cea6da37a73a0105a5b34eefb670d31b68e76233e051 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 01deef750f3715155a0faedc723fd7b9 c6a86cfccc91b9fd91df48af2d39d0db299124d9 51a719d4951d0d52253fee8f9674cba173522f3e53f53fa615bf34e18bd947aa Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9a3cb1dde224dbe7f11c1d93587a75d1 dd8330def8aa5fc4aab9a1c3dd40134f84d8f3a1 b0adbc0a2e98a46984e7033b7a85deaaa433728bd7e31f11b64059b4c01a5fb8 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 1353b6b9252b5c812b5eb458fb22251d d82f0871c8df2bcc6d0b59508a256d3f05cfea27 c0cde5276d2ee4b833fb5db6822fbce5b05f41844a40002247d0c7d5071ada87 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 44ea410c6ba80ac161942951fddd4437 8b824b18b9263a1dd5dc7679b1f8796864ef0145 559e4b17eac03d3885f67b65dd087797a753b90e486ca71d7151dc90cb4d5358 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 0e39ef516238a4aa689b0dada8c77788 620d01353cd6c86d757578c70f92317c92f6885d 7ab39c7ba6882422fda9c49edd6dd8c193fe96de1a599ab04f42f7f675a6e3c5 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	6.3 kB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash d02cbdbf2bc1a732643848083b132569 d7d5830361ecd4b4c0f03a293a28d8eee5d9c369 13c85da4961474907afea110ce32d95a05cf1cbfe98e1cf01c5d31874bf39e1b Loading...

	haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.3.1	ScriptElement	3.8 kB	2025-03-31	2025-05-09
Pretty URL haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.3.1 IP 104.21.112.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-31 21:43 Last Seen2025-05-09 07:00 Times Seen40 Hash 3554109b91690289dac4fa8bde7f92cc 1f9b6737a19c83b0bf54b572c3623a25b3f53a1a 7120727ca8fcb14d4a3b6cb9376c7df2d7bf6a9cd90970ef16846f782722d334 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	haxnode.net/faronics-deep-freeze-standard/	Eval	1.3 MB	2025-04-15	2025-04-15
Pretty URL haxnode.net/faronics-deep-freeze-standard/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-04-15 19:58 Last Seen2025-04-15 19:58 Times Seen1 Hash 9e1afba8e7a2e39ffc4430a7d714d30e 4c74be02debdb39eff71fb5db7157d6302451aa2 11dabe0bb303868938fbb21e7be0006fac13b00cd417c898169abcc3645f9e27 Loading...

	challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/	Eval	4 B	2023-03-07	2025-05-10
Pretty URL challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ IP 104.18.94.41 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen368861 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

		Size	First Seen	Last Seen
	#1 Write - 086707e4369f60afedcafb16050a7618	39 B	2023-03-07 01:03	2025-05-10 04:21
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 04:21 Times Seen57591 Hash 086707e4369f60afedcafb16050a7618 8216b0cc6876cbd44f01c158e7dff3833ceccd41 a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Loading...

HTTP Transactions (53)

URL IP Response Size

haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.73-1742137692

104.21.112.1

200 OK

4.2 kB

URL GET
haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.73-1742137692
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (4233), with no line terminators
Size
4.2 kB (4233 bytes)
Hash
774811547f86870ed5e676ed35bf9e0b
578ba30f95376ce238227be3200092b914e72365
dd3e3bd2dffba91f45f33f2e6c2b831ffa0cb76a3461d49b7d45fb8768f1d2d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.73-1742137692 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 1472
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:08:12 GMT
ETag: "1089-630770a49bd39-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AFd5wNREKULYyBif7h%2FcFQfW3UKFy%2Fp64Yo1ahnJr2cUrtqbSiJ%2B5CbVmNBQPw5U8bkEG5jWkM4lPUS6nKxwvjdRg3thyFKMV79Q0OpnlcrRJk1emWzP%2BX6puLvyA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fd7fd356ab-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=766&min_rtt=503&rtt_var=273&sent=23&recv=21&lost=0&retrans=0&sent_bytes=22922&recv_bytes=3031&delivery_rate=23737704&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/930e038cbc1d5688/1744747067377/0Namp5VnG9r_52M

104.18.94.41

200 OK

61 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/d/930e038cbc1d5688/1744747067377/0Namp5VnG9r_52M
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
PNG image data, 79 x 42, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
09f185d81479c7051a1098c56b3fd668
3eb6494cf4acc6881cf3e89bb510a4bce660694b
93a40f7c9eafef55146940eb2b2f7195311f1fa440038360d0f041bc3b207530

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/d/930e038cbc1d5688/1744747067377/0Namp5VnG9r_52M HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:48 GMT
content-type: image/png
content-length: 61
priority: u=4,i=?0
server: cloudflare
cf-ray: 930e039a2f385688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png

104.21.112.1

200 OK

16 kB

URL GET
haxnode.net/wp-content/plugins/chp-ads-block-detector/assets/img/icon.png
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
PNG image data, 350 x 350, 8-bit colormap, non-interlaced
Size
16 kB (15671 bytes)
Hash
134fce13c189ed0e483a1bddb6406204
eed559ac52e9731c56a1fb03eb94fc82e551bb66
723597ec6e9461e79c420faf0454170cf6f9243246a4fac3cef5f05a4b5be791

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/chp-ads-block-detector/assets/img/icon.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: image/png
Content-Length: 15671
Connection: keep-alive
Last-Modified: Tue, 18 Feb 2025 14:23:56 GMT
ETag: "3d37-62e6b6422a993"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jT3KNuGoU29%2FrQeii2UjnlvdgWvHhsmjVg58sFYbWCiJAiuBls447IE2ONMKfAIq8C318TwmZiqHzKgfmM6q4uwTG3X4lPGxjh424RI%2FYQSiSmZWzy9Z%2Fs2BK7z5fA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e03fe0b98b4f7-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1386&min_rtt=414&rtt_var=1222&sent=28&recv=18&lost=0&retrans=1&sent_bytes=30588&recv_bytes=3660&delivery_rate=18190954&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2

104.21.112.1

200 OK

14 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 13588, version 331.-31327
Size
14 kB (13588 bytes)
Hash
847712aaabbeba674afdda86d31cab17
c07631a91ee71c0a1a84a3151db42b1f2d9a9692
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/webfonts/fa-regular-400.woff2?v=5.15.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: font/woff2
Content-Length: 13588
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "3514-62929d8ad8787"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcdx9xOqH0pZC6YB%2F%2F6vKUJDztuP8Umg9p4L7XcgXQXwG1Swfo3ehd9eTGtWClF%2BrBM7YGAvdG2V44yzCLptOncKGdTOpgTA1u07WSYN3RoNQIrfWrUl0D0Pxtxoug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e03fc6991b4f7-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=660&min_rtt=414&rtt_var=187&sent=12&recv=14&lost=0&retrans=0&sent_bytes=13817&recv_bytes=1855&delivery_rate=18190954&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.3.1

104.21.112.1

200 OK

3.8 kB

URL GET
haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.3.1
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (1688), with CRLF line terminators
Size
3.8 kB (3829 bytes)
Hash
3554109b91690289dac4fa8bde7f92cc
1f9b6737a19c83b0bf54b572c3623a25b3f53a1a
7120727ca8fcb14d4a3b6cb9376c7df2d7bf6a9cd90970ef16846f782722d334

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=7.3.1 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 1498
Connection: keep-alive
Last-Modified: Mon, 07 Apr 2025 10:10:38 GMT
ETag: "ef5-6322d72a4ee9e-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbYbIEgEC%2BX%2F1dfIp8F3J0bwyXhrRZBVIXt48CPCsE25sOTIjEk%2FiDKiW3PD0QL%2Blhg%2FCTgySFvR0vhT8lDOf5i0PrPIsjnQKh%2Fbnk2xNr5r1z%2B8lTV4XbvN2ACYBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb8cba56a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=899&min_rtt=447&rtt_var=209&sent=76&recv=68&lost=0&retrans=0&sent_bytes=86108&recv_bytes=13399&delivery_rate=20368286&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1

104.21.112.1

200 OK

2.5 kB

URL GET
haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (2369), with CRLF line terminators
Size
2.5 kB (2542 bytes)
Hash
634ee9f21b34eb24ea532f2ee6042baf
6c32dedd95da07aa54c3b852d789bb529956427d
ef09f4bec10862578ab2a20b0b0f5cff4faef4b3ce0fe01872a1460ad0d72c50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 1101
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:08:12 GMT
ETag: "9ee-630770a49ccd9-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38RYTJPpt9Y2U09P4Yw13lL721YGSyC33WjeOt7X8p0V%2Fr8xqZVXzLG4VKnlxomNqKwzy%2BNVaRKpZNInbGgm%2F%2BcB1D%2Faih27LSnDFHYgRuhfsnKq9P9uVBAIioIo7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fd5a11b529-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1180&min_rtt=482&rtt_var=1388&sent=62&recv=9&lost=0&retrans=0&sent_bytes=83703&recv_bytes=2757&delivery_rate=7083158&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.178.67

200 OK

51 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.178.67:80
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 51404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 12 Apr 2025 08:27:21 GMT
Expires: Sun, 12 Apr 2026 08:27:21 GMT
Cache-Control: public, max-age=31536000
Age: 300643
Last-Modified: Wed, 18 Oct 2023 17:52:59 GMT
Content-Type: font/woff2

challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit

104.18.94.41

200 OK

48 kB

URL GET
challenges.cloudflare.com/turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
JavaScript source, ASCII text, with very long lines (48122)
Size
48 kB (48123 bytes)
Hash
d00e161860ff36cf8482d4768e280cab
a6d5b477886524767e67d3edee385cd2c9f41a54
ca540bf2ebcfb08c9c8c92512c58707f1a62a572efd7ac409cba2229b55f012c

HTTP Headers

GET /turnstile/v0/b/580ba44007a6/api.js?onload=cvpQy6&render=explicit HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 15 Apr 2025 19:57:45 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 04 Apr 2025 13:58:27 GMT
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 930e0388af4356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/

104.18.94.41

200 OK

28 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
HTML document, ASCII text, with very long lines (22054)
Size
28 kB (27662 bytes)
Hash
c4fb2c587c451443ec3bf24a799a6b4d
8a925dcf5b710497ddaa51dcc38f0b4fb9f7e3e5
56d90563529ddeebd4cfb24082bffc3a8fd500268fe2a3dd9402330a26810565

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:46 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: default-src 'none'; script-src 'nonce-PguKuc7QvewqaCg6' 'unsafe-eval'; script-src-attr 'none'; worker-src blob:; style-src 'unsafe-inline'; img-src 'self'; connect-src 'self'; frame-src 'self' blob:; child-src 'self' blob:; form-action 'none'; base-uri 'self'; sandbox allow-same-origin allow-scripts allow-popups allow-forms
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
origin-agent-cluster: ?1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
referrer-policy: same-origin
document-policy: js-profiling
priority: u=4,i=?0
server: cloudflare
cf-ray: 930e038cbc1d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.27

104.21.112.1

200 OK

76 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.27
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (39708), with CRLF line terminators
Size
76 kB (76124 bytes)
Hash
3fb19d6ce1004b6c456dec717f222599
c90c583ad2ac468b93e0ad50276cd18a4d888b27
1891b054a7cf74a81590ee3ea25baa920520a70de1e1ab716a8fe2639b827e00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/js/scripts.min.js?ver=3.7.27 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 21302
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "1295c-62929d8ad6847-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lL1AYNPKOeE6xrcUO68cofQm2FK%2FvYmQZK3DL7%2BReF3ynD9K2PeEPOKRwKKeEantncg36nzYHljUwfpCiD5sU8eRdiejMC%2B%2BUmTjwOiVdb3vgb51cliw6r913EYn5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fde89356a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=885&min_rtt=447&rtt_var=306&sent=139&recv=74&lost=0&retrans=0&sent_bytes=169459&recv_bytes=16128&delivery_rate=56546722&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-json/wordpress-popular-posts/v2/views/23533

104.21.32.1

403 Forbidden

0 B

URL OPTIONS
haxnode.net/wp-json/wordpress-popular-posts/v2/views/23533
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /wp-json/wordpress-popular-posts/v2/views/23533 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with,x-wp-nonce
Referer: http://haxnode.net/
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Tue, 15 Apr 2025 19:58:04 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzCvD0gxC9hsigPkl9eYZT1KuBk95UrIHQR4wCePp43iJnmLUnWip4KXSzjSUuN1ujqAVh%2BkbCt%2FdPldEQGEfXfXRl7%2FxK7qHm%2F9I1UI2C4kEz15gdEOa3uv8GR2TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server-timing: chlray;desc="930e03fc68d00b31", cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=18134&x=16"
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 930e03fc68d00b31-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

haxnode.net/favicon.ico

104.21.112.1

302 Found

0 B

URL GET
haxnode.net/favicon.ico
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/?__cf_chl_rt_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 15 Apr 2025 19:57:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://haxnode.net/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjYVAulpcMAmA9FDmTG5CY764Z2l0LqR8PnY6v7QCVDbfSCCNvAzKGksg0de5XgO0vNdbwxTbEFVEyvgilVZAhr8yXBSk5rxEpBXvjLaEr5KTZzBPrRNZmCcfLfv9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e0387fde956a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=709&min_rtt=447&rtt_var=173&sent=30&recv=22&lost=0&retrans=0&sent_bytes=37132&recv_bytes=1040&delivery_rate=17079947&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/cdn-cgi/challenge-platform/h/b/flow/ov1/119380093:1744745139:EEHF1abbIy4B2cDwSFAC3mevmGtDX6YlOD6hCg6zIUw/930e0385cec456b4/P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ

104.21.112.1

200 OK

17 kB

URL POST
haxnode.net/cdn-cgi/challenge-platform/h/b/flow/ov1/119380093:1744745139:EEHF1abbIy4B2cDwSFAC3mevmGtDX6YlOD6hCg6zIUw/930e0385cec456b4/P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (16952), with no line terminators
Size
17 kB (16952 bytes)
Hash
a76314cae8796c7e38b4b0da1ee9a623
dc6f3cc9542e5cf8efa27120a22b5bc348347820
30c8c6f66ce603038242e16dc016d42ef678bede8fea7afabdc3ac143d96f726

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/119380093:1744745139:EEHF1abbIy4B2cDwSFAC3mevmGtDX6YlOD6hCg6zIUw/930e0385cec456b4/P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
cf-chl: P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1993
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:57:45 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: WCDvX/WU8iRbZYSaqopfYvGdB4yPh+RrIV1avwcd7EI=$dgq1sX7z89V5f0xDrdf+VQ==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XcDr7v7zXOxDXp3uP9ZTi9VWePBwbfOFbjBJmgI2Nf5fwGygLs0Hkg7vgvVN6kn9mwveMEwTrqtmu0%2BmfBwTwZugDBUW3yg5emOCUGLOVJkeGkjCdpvpYak2Sr2hcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e0389b80056a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=879&min_rtt=447&rtt_var=470&sent=33&recv=25&lost=0&retrans=0&sent_bytes=38112&recv_bytes=3868&delivery_rate=17079947&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js

142.250.74.170

200 OK

90 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89664 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Apr 2025 09:17:32 GMT
expires: Fri, 10 Apr 2026 09:17:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 470433
last-modified: Thu, 08 Sep 2022 18:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

haxnode.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

104.21.112.1

200 OK

88 kB

URL GET
haxnode.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87553 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 30368
Connection: keep-alive
Last-Modified: Wed, 07 Aug 2024 14:34:37 GMT
ETag: "15601-61f18cf3fb940-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br4hyRLsDO3%2FXRWrMnP3drOP5%2BmjbwUv%2BZg1hWUf406OpIE0OBHk8ig3gQ%2BXsUDKRGn5VwZLn5hNkKUUWLSlWhfr7AzVhAnj8iBb8c%2B6atRAMn9e%2FPSBJwEHeCtdsA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fc7b850b3d-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=423&min_rtt=394&rtt_var=163&sent=4&recv=6&lost=0&retrans=0&sent_bytes=1501&recv_bytes=1759&delivery_rate=5526717&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

142.250.178.67

200 OK

57 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
IP
142.250.178.67:80
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 56996, version 1.0
Size
57 kB (56996 bytes)
Hash
d5547aea79a622cb2b4d18c905ab22c2
3d69fb0712097f39bd7bf057866fcc4448a37008
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792

HTTP Headers

GET /s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 56996
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 14 Apr 2025 14:39:34 GMT
Expires: Tue, 14 Apr 2026 14:39:34 GMT
Cache-Control: public, max-age=31536000
Age: 105510
Last-Modified: Wed, 18 Oct 2023 17:53:14 GMT
Content-Type: font/woff2

haxnode.net/wp-content/uploads/2019/09/cropped-haxnode.png

104.21.32.1

200 OK

18 kB

URL GET
haxnode.net/wp-content/uploads/2019/09/cropped-haxnode.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
PNG image data, 876 x 312, 8-bit/color RGBA, non-interlaced
Size
18 kB (17653 bytes)
Hash
5f0ce6ceae4e64c0d5a57ea6dcb07cc7
10106d17208d4ed5cff623074984d229ff8b5f51
83d1ef699bfc77c78238fd2e90f720632161cb9a99ee63aa4948b15e1eb725cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/cropped-haxnode.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:58:04 GMT
content-type: image/png
content-length: 17653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3a8Y7eYEg2R0GNEh2mLBD4U5w0KUrGrXOGqC42EIyjKjHi5fmzGoHmQisq%2Ffm4fT%2F63lF5eOvx5j5TfbUJ4tKc8YwN%2BsjjvgLBweukaQmvSVBpsgrZmdU4qpAtaz%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 15 Mar 2021 19:44:32 GMT
etag: "44f5-5bd987a888800"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 930e03fba8be0b31-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=18190&x=16"

fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.178.67

200 OK

51 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.178.67:80
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 51404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 12 Apr 2025 08:27:21 GMT
Expires: Sun, 12 Apr 2026 08:27:21 GMT
Cache-Control: public, max-age=31536000
Age: 300643
Last-Modified: Wed, 18 Oct 2023 17:52:59 GMT
Content-Type: font/woff2

haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.3.1

104.21.112.1

200 OK

1.7 kB

URL GET
haxnode.net/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.3.1
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with CRLF line terminators
Size
1.7 kB (1743 bytes)
Hash
c45f68fb3fc3a1b08f93a0827ea4b067
bded618d3417d75a378470e91e070ff92d6c097c
1860b9a4475b564ae977f1a4413f7bbb668ec4a3de07a974baeaae0a6803c02d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=7.3.1 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/css
Content-Length: 578
Connection: keep-alive
Last-Modified: Mon, 07 Apr 2025 10:10:38 GMT
ETag: "6cf-6322d72a4defe-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQeQ7FNplrtw9UheqHvr3o%2FIDKtAwX7i67sPO0w8v9NFtyr33p2T6PgzSXkG3Ova3BuNbiuP13ZDaWyczFmtrC6p4NKPnRUS9FMcmpEBJgyfeJQPG%2FfeKtL4CtPwFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb9a840b3d-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=394&min_rtt=394&rtt_var=197&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=900&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.73

104.21.112.1

200 OK

1.2 kB

URL GET
haxnode.net/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.73
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (1239), with no line terminators
Size
1.2 kB (1239 bytes)
Hash
81f0d173893eab3401131bea6b2a24de
cbe1ff491cc8f890c5ac8511302dd89cea5c1239
23288a00ecc43659a2cdfbd9b13996f510fb709bb15bd48712849763491ec420

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.73 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 553
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:08:12 GMT
ETag: "4d7-630770a49bd39-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0U8Bn06zcz9sdh45p5JpHEhVPuMDkMIC5cPx3uW5Zr6KKgPf3SN8xhQYRcAaEvOGlKNzuioznTmjyi7wDG4K4K%2B0Q5YYgzFu5AX%2BeO4CxBLA9WMrDIEksEb4TrgLAg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fd2f4256a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=929&min_rtt=447&rtt_var=305&sent=136&recv=72&lost=0&retrans=0&sent_bytes=167959&recv_bytes=15248&delivery_rate=56546722&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2

104.21.112.1

200 OK

19 kB

URL GET
haxnode.net/wp-includes/js/wp-emoji-release.min.js?ver=6.7.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (15752)
Size
19 kB (18726 bytes)
Hash
b976b651932bfd25b9ddb5b7693d88a7
7fcb7cb5c11227f9213b1e08a07d0212209e1432
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.7.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 5062
Connection: keep-alive
Last-Modified: Thu, 08 Aug 2024 03:12:25 GMT
ETag: "4926-61f23655e0c3c-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbudPPeZO3qICGN1MG1Nu6UyVzdjybS6kFkv8HV6VbBKxP%2B%2FKOjYaTMEWo%2B45y21lXEoPn03M5rdYEInoPdlsQgUJ%2B35bCF3cjl9cXZnhHp96gjp9qfdiAksf1zn0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e04003eaeb529-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1125&min_rtt=482&rtt_var=1151&sent=65&recv=11&lost=0&retrans=0&sent_bytes=85755&recv_bytes=3619&delivery_rate=7083158&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2019/03/hn-logo.png

104.21.32.1

200 OK

4.6 kB

URL GET
haxnode.net/wp-content/uploads/2019/03/hn-logo.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
PNG image data, 400 x 332, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4571 bytes)
Hash
1042c6a64956cd4d496049ca6a6b11ae
f66a26b7bf6d57babd930ba54086755a9647dcc0
d24ff7ccd6e6cfa03a826c6081250021965676dcb54f52d82b3791a9cc802d78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/hn-logo.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:58:05 GMT
content-type: image/png
content-length: 4571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKJg7nEQKVVPGKYt4ti8zm4QHm8rmvCDqxQxEnJt9C94n7Foptq2dsa7sD12i5iPY1tRtOvQYWfFPxULJrT9JYqXj3lZhFecRi2rlxnX01uGP9MixYmvOHZ%2B66aItA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 15 Mar 2021 19:44:04 GMT
etag: "11db-5bd9878dd4900"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
cf-ray: 930e0401f9190b31-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=19185&x=16"

fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext

142.250.178.74

200 OK

12 kB

URL GET
fonts.googleapis.com/css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext
IP
142.250.178.74:80
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text
Size
12 kB (12225 bytes)
Hash
5e62fc442f2c84d6a5eb1932289eb4ab
9322a461b7ca23fe0f5b4125edb3ad314581fd76
ae45a00bd1971706fc10df3224806940c560ef6425483e87c128a1c383f771a4

HTTP Headers

GET /css?family=Roboto+Condensed:400,300italic,300,400italic,700&subset=latin,cyrillic-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 15 Apr 2025 19:58:04 GMT
Date: Tue, 15 Apr 2025 19:58:04 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2

104.21.112.1

200 OK

2.9 kB

URL GET
haxnode.net/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
2.9 kB (2907 bytes)
Hash
f74050f4bacb44b594f0014217a4b3c0
7f45d27c9185b2b4312140f234258bb76573a2c4
66361c617e79f2f0643b4ce1a922a59cb6d4e048fa3ee5cbc2309ab826af40ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 1280
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:08:12 GMT
ETag: "b5b-630770a49ccd9-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubijMsODhvJ%2FTKSdAFR2rdpL4LDCc%2B5qqVJexyNezEEhm%2B7DRBLthLLBJ9Sj%2FpiRaoqeiEsCbDrlpSG22cQo5wSt81pHdoyZWh1xB7xIHmdDbTiPXz7i3KbalbEfcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fd5abbb4f7-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=1328&min_rtt=414&rtt_var=1475&sent=25&recv=16&lost=0&retrans=1&sent_bytes=28357&recv_bytes=2763&delivery_rate=18190954&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

142.250.178.67

200 OK

51 kB

URL GET
fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
142.250.178.67:80
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 51404, version 1.0
Size
51 kB (51404 bytes)
Hash
b904fcdf1c4c6059fadd6893a7bc7619
f41d1674f02616f03ef77d4e84b3ad8ba28a36fc
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

HTTP Headers

GET /s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 51404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 12 Apr 2025 08:27:21 GMT
Expires: Sun, 12 Apr 2026 08:27:21 GMT
Cache-Control: public, max-age=31536000
Age: 300643
Last-Modified: Wed, 18 Oct 2023 17:52:59 GMT
Content-Type: font/woff2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.178.66

200 OK

156 kB

URL GET
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.178.66:443
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subject*.g.doubleclick.net
Fingerprint78:5B:F8:FF:50:87:46:A8:DF:37:9D:38:26:34:7C:3B:1B:89:3C:DF
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (4158)
Size
156 kB (155767 bytes)
Hash
057c938233859d813aba7b3e7630aca7
2c32381c1f60efe47630aa3e5445270c53e65975
ee1179e69716b2c9d7734edf26ad40c7593e2f68ca33b34c41a6f53b838fb2d2

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Tue, 15 Apr 2025 19:58:05 GMT
expires: Tue, 15 Apr 2025 19:58:05 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 13613124441294287981
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js

172.217.21.163

200 OK

562 kB

URL GET
www.gstatic.com/recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js
IP
172.217.21.163:443
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint04:FF:92:E7:16:B0:49:91:8B:B7:8D:C6:93:B9:20:B4:2A:33:9F:A8
ValidityThu, 20 Mar 2025 11:19:45 GMT - Thu, 12 Jun 2025 11:19:44 GMT

File type
JavaScript source, ASCII text, with very long lines (594)
Size
562 kB (561652 bytes)
Hash
a3ba6f3831dfac23271ed79db3467b14
2f93eae45276abdcf26b684ef45036c7bf0d7f61
9c60f375bb60b19dc9bb69d9f8abc316d7652a2f088b26c42fccbdfc15e6ff6a

HTTP Headers

GET /recaptcha/releases/hbAq-YhJxOnlU-7cpgBoAJHb/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 221651
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Apr 2025 18:02:44 GMT
expires: Wed, 15 Apr 2026 18:02:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Mar 2025 02:01:29 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 6921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

haxnode.net/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.7.27

104.21.112.1

200 OK

60 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.7.27
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (59326), with CRLF line terminators
Size
60 kB (59511 bytes)
Hash
193a764767dd5968360412c9e5a5a9e6
ea38e5ef30f4f918a755b6415151e1413c80b635
6c76cae4aabc1d4236da2fecf8fcae818a2cf95406446774ccf9db5ca14d4b59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/css/font-awesome.min.css?ver=3.7.27 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/css
Content-Length: 12884
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "e877-62929d8ad29c7-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASyVZ%2BZrPTB1u4JZR6pmVVIgcu3jGYn8ZsH1tmqJIVg27PEeWFzQAFx55ekq5kYezt0kyz%2BqoPMRTzMmLHCyW%2BMRYn0C9Db6pAOFtWIU9R3uhCx%2BRRt35uwFoKBtYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb9868b4f7-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=414&min_rtt=414&rtt_var=207&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=902&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2023/12/Faronics-Deep-Freeze-Standard.png

104.21.32.1

200 OK

30 kB

URL GET
haxnode.net/wp-content/uploads/2023/12/Faronics-Deep-Freeze-Standard.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
PNG image data, 400 x 320, 8-bit colormap, non-interlaced
Size
30 kB (29623 bytes)
Hash
b7f9a789cdc571c4257865076367532f
6ae52f7d34b89684864d0877d1b79b882555a07c
5a03691b01408253b7d316c8a58af022dd0e1009428374daaa7d52e6726f4fc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/12/Faronics-Deep-Freeze-Standard.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:58:04 GMT
content-type: image/png
content-length: 29623
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAJc8eV9KzDD7Jp74R%2BndNelWDsFnnCbB1cosu%2FfcFVw6FGTPNssHc8YBbR6VLT1zp4w%2FA1g4DmPXW0JxsusUOG%2FudqE1AtMt1WiNUiNWoO%2BIUUU0YS61I8i917IMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 31 Dec 2023 16:36:09 GMT
etag: "73b7-60dd0dcd88e2e"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 930e03fba8bf0b31-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=18227&x=16"

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1459382755:1744745152:Z5AiYg5gRDuO2TTmHtKmlzSrk4uNKcESg-OLATKce30/930e038cbc1d5688/6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ

104.18.94.41

200 OK

229 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1459382755:1744745152:Z5AiYg5gRDuO2TTmHtKmlzSrk4uNKcESg-OLATKce30/930e038cbc1d5688/6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
229 kB (228684 bytes)
Hash
a4ce7d31899dfa599ceb91a4fef9f7c0
937f2083fbb0a96f68dbfb33202e6219fa0bd7b9
dbd1dc729feb6e21bc5ab4c91f414968c9261700753f111819e92e3c4a5d3499

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1459382755:1744745152:Z5AiYg5gRDuO2TTmHtKmlzSrk4uNKcESg-OLATKce30/930e038cbc1d5688/6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
cf-chl: 6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 3767
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:47 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: I/zz4ZO5Uu5+lrpra3otdqRJO3QKEGE+Ofs/dGxGNfMiUhaUvezKk1c0Nt2QLUCFPJvSVxV1F6CBnuusgjuMa25Vf/FPCx55SZ1oRMNbPo8zdVPcsut+F67Qgjna3xfL60ZPWZif4zXF5qj96PbaPSP2+eNW9rNhoICOYkN+8BAa8e3yBirAoabLlsAYd4shD0v2KNmB3WkKCrEUOnbvIRculHKB2byA4qzh/VOmAXyyI0TasruKLZuvX3Hv2BU/zWFjXE6TPYOfQCZ15Z6MgleWYX3VooW/dAIHlLH9SjLkg7h2JgRx7ggnacj9QQgn1Dd5Ktyhvoh77463mBNvY8YJIx8EPAI5kTo712ZFUaFzruVR35Xgv4oxMsSQ63xrHCaeMfkJ/fbfOA2qNRsU4PVhn5qfa6N1TdzQvaPBDQSOBKiM3NyhNtJgiHq8QaqNPBsBh0+Xr4xBpK5eE+iVm1tlChfC4YPh3DNKz1URNYbWUC20KTZBEB3D0mf4yL2GbvPmysog2PbXYuLnW7rPxUihnsPqe52ckOlr2LY3T/7ShDA8lGPnvDAhdiOxS00S4bRxI31+rnGCfrDjxNRlnMfQ06Bk8g2b/o/JSr0HiVzcGC1QWGhhUTOnIiKhLwQ9xgrdtP0z1c7AsxFfgEvqsRhOwQhAtQhvWH430AvOuMJwinaYrnkiVG3k58qBFTkb3ts+0RLxIk101s1GJoc+H5exacxOMMeF5fjZJr0Hq1RJqBADTeyQBH+5LE/VB+7lR/LBGIzsojMSE8OZmtEBmQ==$p8dt2LFb6RT535XWNs9TbA==
priority: u=3,i=?0
server: cloudflare
cf-ray: 930e0392fd945688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930e0385cec456b4

104.21.112.1

200 OK

96 kB

URL GET
haxnode.net/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930e0385cec456b4
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (96067 bytes)
Hash
39a4fd246b923d9d955ed04ebbe38d43
9b4229bee26fd8d9d5be2919729207274bdff3b2
f02e1a6d1b1f3c30cfe850c14b3bd71b7525799e233bae8931cc0577d3e85499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=930e0385cec456b4 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/?__cf_chl_rt_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:57:45 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BNjJw6TWIg%2B2jciG%2FgFjFSrYxl0ZFHqurcjKNrmAGhVepI7ArlqpNh%2BHZdRXywpSLo5Glit24RiDz6tuJeCA28h8NMpP9HPmBIPhBaQlEZgGRKQacGO2ItDmc4LapQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03877d4456a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=447&min_rtt=447&rtt_var=223&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=541&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png

104.21.32.1

403 Forbidden

0 B

URL GET
haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/hn-logo-150x150.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 15 Apr 2025 19:57:46 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 930e038adae95694-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FUWDJmOyt4BCvWpq0mq7ErCiTjk0O9NZmiVew9RTfLYyDYMcuJKlpzdaqiJbcNoY0GLAyTa56xBT8EoBfi4imdRxI603tNFMyR4bBI0%2Fsuo81uZTh6ob4N2cdNGM7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="930e038adae95694", cfL4;desc="?proto=TCP&rtt=1136&min_rtt=593&rtt_var=599&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1209&delivery_rate=7180165&cwnd=253&unsent_bytes=0&cid=335fac9bb2f73752&ts=39&x=0"
X-Firefox-Spdy: h2

haxnode.net/faronics-deep-freeze-standard/

104.21.80.1

403 Forbidden

7.8 kB

URL User Request GET
haxnode.net/faronics-deep-freeze-standard/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
HTML document, ASCII text, with very long lines (7772), with no line terminators
Size
7.8 kB (7772 bytes)
Hash
79af7c7276cbd36f60d269864186c189
d43e460e79073e42ceeda67db5b9d5f8978e3558
62cc1730662ae813b75635488388bad974d593e9ae2e81d7b499ab9c947db3ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /faronics-deep-freeze-standard/ HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Tue, 15 Apr 2025 19:57:45 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 930e03844c5356aa-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vQ%2Fix%2BXWl2pE0ShFbdjcB4zb9lNeFU7Ickny1F9J%2BP2SwzPr9w%2Fr6tLqkv2YBVZNJo0hrImZmBUohLobAkD9pKdJRygwXh9A7tCJ%2Btnc51BBMtp3pZavz7ExhYgmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="930e03844c5356aa", cfL4;desc="?proto=TCP&rtt=567&min_rtt=493&rtt_var=148&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1267&delivery_rate=7017770&cwnd=254&unsent_bytes=0&cid=7f4576bba6624c63&ts=59&x=0"
X-Firefox-Spdy: h2

haxnode.net/wp-includes/js/comment-reply.min.js?ver=6.7.2

104.21.112.1

200 OK

3.0 kB

URL GET
haxnode.net/wp-includes/js/comment-reply.min.js?ver=6.7.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (2991)
Size
3.0 kB (3026 bytes)
Hash
e4a49df71f8b98c1d9f9d8fce74d89e8
b95fcda0c8c26305ad94e80343d0cfca8a048a10
9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.7.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 1375
Connection: keep-alive
Last-Modified: Wed, 18 Dec 2024 05:12:48 GMT
ETag: "bd2-6298476f8bc85-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2BamgsFn66RdiagQh4PBoLbTRaH4qQPZfLqbBOIzaOyE76QD4q1hgaCz9Ie2dm3I%2FVDBjK2VeM%2BfH1CwEKapon3XpzVarM1kr9cFgWXr8T9cvUCdWs8EHkd1uH22kw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fde88a56ab-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=749&min_rtt=503&rtt_var=238&sent=26&recv=23&lost=0&retrans=0&sent_bytes=25344&recv_bytes=3890&delivery_rate=23737704&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2

104.21.112.1

200 OK

80 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 80252, version 331.-31327
Size
80 kB (80252 bytes)
Hash
9ae050d1876ac1763eb6afe4264e6d5a
72344eab2e7431eec313caa21f266cbfda7caf60
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/webfonts/fa-solid-900.woff2?v=5.15.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: font/woff2
Content-Length: 80252
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "1397c-62929d8ad9727"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K7pv2xO5zfRJkwnviEXRxeJO%2FwV7RL%2Fo%2Bs71L1Gkr1Gk1Po4SAr%2BuRqDKZ9isIHTANGzmlY%2FeUbHsU7Uf7GcGdmyT081udkT2uwTYGk3Lm1WL%2FtZ5qAEztyot1y3Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e03fc78c6b529-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=535&min_rtt=482&rtt_var=229&sent=4&recv=6&lost=0&retrans=0&sent_bytes=2526&recv_bytes=1858&delivery_rate=4000000&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png

104.21.32.1

200 OK

9.8 kB

URL GET
haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
9.8 kB (9832 bytes)
Hash
9a4dacead90b77b35ee454b09a138b7f
a59f56b02e01dc2156841f1ac9c0974f72a8a6b1
e8786d98ef6b3ae6bac929392caeb8aacc848d97b9e18e463d2019b46285d91a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/hn-logo-150x150.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:58:05 GMT
content-type: image/png
content-length: 9832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G4%2BL%2FjkIoi0ukrOtaJnubiS6SIFekMK0eXsU7QmPFx9bzN64tWno9fQcPlZoLBXUJ%2BjBhD8OKqRGuhvl9w8emgoWC4qQ5REvFodWGA0mIqSh6Ohm0KwzdYQ886%2BKTA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 15 Mar 2021 19:44:04 GMT
etag: "2668-5bd9878dd4900"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4206
accept-ranges: bytes
cf-ray: 930e0402091a0b31-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=19040&x=16"

104.21.112.1

200 OK

4.2 kB

URL POST
haxnode.net/cdn-cgi/challenge-platform/h/b/flow/ov1/119380093:1744745139:EEHF1abbIy4B2cDwSFAC3mevmGtDX6YlOD6hCg6zIUw/930e0385cec456b4/P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (4200), with no line terminators
Size
4.2 kB (4200 bytes)
Hash
872bb6fa43e0fe069b27a1dd12bb49f6
415e09a791f715a25c9121cc79f2cda4aad61e54
75308c3a4bf230d02aebd9258e4cbf2721041544709713fc89e5b3cd7d009d84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/119380093:1744745139:EEHF1abbIy4B2cDwSFAC3mevmGtDX6YlOD6hCg6zIUw/930e0385cec456b4/P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
cf-chl: P_GlcIzAfvPMYW7GExl4TM.xjNjFnTZ.dhUM.t7jFKY-1744747065-1.2.1.1-e.pK2Ye.UGAa1wc10l.tlhvpMdi12ITaBZT.cdR1D23p_39D2lcNy0_XysTxnuRQ
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 4199
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-out: LK8bpGYgOYkTjF21BWE9ZsOQVM1+otQY4B7xbwaJM47MGwYS4MX3QcO/qUngEkGjujq/S0jWrMz+J50MSbAyNg==$y/U39UZTF2X9spC76z3gdQ==
set-cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9; HttpOnly; SameSite=Strict; Path=/; Domain=haxnode.net; Expires=Wed, 15 Apr 2026 19:58:03 GMT
cf-chl-out-s: eAkZSVOxfjQBMlRTmv/Ov41PMX2Bx6YoHmGfd+5tq9w1B4vmvPMm75j9qmVcEsaCVCwDGuE2f5qB1TaKYLVKM+dXi/NHGHJOV5uuiyc41KzP8/IwDeFII8UF7PtijjZRV5QXdHnh+MG5/7MLtdto+juhYFMlNGsl45c4Yq9tesPEGu5rfx5j4fDk4n0ln0wA3DIb3MWAR+o6sVAg064HsFZFL/f03uIp752kjn7hdqPjq7fgteLShplNMgeJS7vl$cDCo+RRfjHUlAPDCPH8TGw==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op81Ri9VlDo7nysVdApmXfX8qm34ShfuISB5p%2F7KwLf9E3xv97BR951SwexDeRzTVS5Y8riaE3aLBqLs5GTutg8sLlbhIRcppwlqjAwYkbWxCgo9V1oRKrTl4OFrhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03f65ccf56a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=6372&min_rtt=447&rtt_var=11055&sent=46&recv=36&lost=0&retrans=0&sent_bytes=51808&recv_bytes=8902&delivery_rate=17079947&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.7.27

104.21.112.1

200 OK

94 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.7.27
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (65536), with no line terminators
Size
94 kB (94304 bytes)
Hash
b5528d5457cdacb7c721bd2f7ee2ae06
2a02c213cffc42cad39fb6f75fc1eea10c28605c
d39b765a83700d723062c2030cad7c7358d7e6305c11b64b81fd4381a75da5ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/css/main.min.css?ver=3.7.27 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/css
Content-Length: 18018
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "17060-62929d8ad29c7-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FeD2%2FI%2FjLcLIW9y1gINWjrfUljDQBx8wHrE%2FicEs%2BIa3dFC%2F9TuEqlRwjR8PZrvaNpfNOD4tIbxYsZWeZGpvdXzIFXrBitpTg3iVgF4zqOGAIIqY82Ae67OzAZhsfg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb9e4656a9-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=453&min_rtt=453&rtt_var=226&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=894&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.73

104.21.112.1

200 OK

5.9 kB

URL GET
haxnode.net/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.73
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (5892), with no line terminators
Size
5.9 kB (5892 bytes)
Hash
a5041cf01d238b78b60d276f0c02127a
02e5c83e7cd98881ca3223563069c8591d6e8c28
2fdf5f9a856940c379e8cc777e289f5b58d179a3edb5ef3e1e0cff46f7dd670c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.73 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/css
Content-Length: 1603
Connection: keep-alive
Last-Modified: Sun, 16 Mar 2025 15:08:12 GMT
ETag: "1704-630770a49bd39-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ha1bQHw8jKG2aMgQvrTNEOdQykTalxvQh7Z0lcy9DkNHS1GpsvmfjxrAqGVTRVgzLkVFmRGRSgtg4vYE5c5oUBDpxuYPcESWcMe9PQyDMEt2Y192Xt4j2KqRkdW%2BmA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb9f6eb529-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=482&min_rtt=482&rtt_var=241&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=907&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

104.21.112.1

200 OK

14 kB

URL GET
haxnode.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (13479)
Size
14 kB (13577 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 4872
Connection: keep-alive
Last-Modified: Wed, 07 Aug 2024 14:34:37 GMT
ETag: "3509-61f18cf3fb940-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oa6z6BPoRUZq1R9zlx%2FJIQG52XVi3VDTYdZt%2FV7%2FG%2BwMGI7wa5%2Fgrqg2gHoROPReYrLz6%2F2IK1pEp14dOKJcQys7C8dL89cmR7fZANx7TTQJH6lcNzC6GmBJOkeug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fcae9556ab-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=663&min_rtt=503&rtt_var=92&sent=17&recv=19&lost=0&retrans=0&sent_bytes=17094&recv_bytes=2131&delivery_rate=23737704&cwnd=256&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

www.google.com/recaptcha/api.js?ver=1.30

142.250.74.132

200 OK

911 B

URL GET
www.google.com/recaptcha/api.js?ver=1.30
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint40:5C:81:99:DA:01:36:FE:E4:60:2B:67:51:3D:C2:62:8D:9A:38:47
ValidityThu, 20 Mar 2025 11:20:31 GMT - Thu, 12 Jun 2025 11:20:30 GMT

File type
JavaScript source, ASCII text, with very long lines (911), with no line terminators
Size
911 B (911 bytes)
Hash
135f37843e2c07df0c7a27c7d3e73042
7cd76532ce4a294c87be1d89a03c62deaa305316
89021fb494eebf4825f0072a390cf555191b27a45f7ef77f07b598e1e4876915

HTTP Headers

GET /recaptcha/api.js?ver=1.30 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Tue, 15 Apr 2025 19:58:04 GMT
date: Tue, 15 Apr 2025 19:58:04 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

haxnode.net/wp-includes/js/underscore.min.js?ver=1.13.7

104.21.112.1

200 OK

19 kB

URL GET
haxnode.net/wp-includes/js/underscore.min.js?ver=1.13.7
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
JavaScript source, ASCII text, with very long lines (18843)
Size
19 kB (18878 bytes)
Hash
16699a7f2aebe8d676042962c3bb5537
9697e3fe2d92c79debd82478603d4b59fc249714
5152316fade8c592fbfd38bc491e059464d967d3d31a582b0c885c0961deed30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.7 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/javascript
Content-Length: 7336
Connection: keep-alive
Last-Modified: Wed, 18 Dec 2024 05:12:48 GMT
ETag: "49be-6298476f8bc85-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiALWJmbAeUo6pWwLmHHwdqQdROnN10pETsxVE8MJqXPUkcOa4dOjgJOgzqFTJ5Z%2FvY0M%2FKw%2FZ9H8vgaNaKTXSO%2BdOrcbcjU1uf3c0MzB5Pjni6%2FJIk1ME3SL4P6gg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fdacd50b3d-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=871&min_rtt=394&rtt_var=1016&sent=28&recv=8&lost=0&retrans=1&sent_bytes=33743&recv_bytes=2616&delivery_rate=7553640&cwnd=251&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png

104.21.32.1

403 Forbidden

0 B

URL GET
haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/03/hn-logo-150x150.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Tue, 15 Apr 2025 19:57:46 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJeWwOYkLNhxIjp9OttxH5D9Lg5eS%2Bk0NOoI079VQH0tJycR5ALJn0cSL9%2F%2BErnkAKIDA2i9vmgTIDpnQ7TX3El7nFUKSTOMLqUvjIOwWi2ESZOoxCfAMuzO%2B4MScw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server-timing: chlray;desc="930e038d1cd00b31", cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=340&x=16"
x-content-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-ray: 930e038d1cd00b31-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930e038cbc1d5688&lang=auto

104.18.94.41

200 OK

114 kB

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930e038cbc1d5688&lang=auto
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
114 kB (113984 bytes)
Hash
5e482c6a4f1af883d88c400daa8936d0
9e630cd4992d82bbee180e2f4a74f324ddd4e2f1
10d9ef09990b31e3d5fd56d727476cfefb79061ae22d0e38659635b4d08ca6aa

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=930e038cbc1d5688&lang=auto HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:46 GMT
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
priority: u=3,i=?0
server: cloudflare
cf-ray: 930e038eff135688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/faronics-deep-freeze-standard/

104.21.112.1

200 OK

141 kB

URL User Request POST
haxnode.net/faronics-deep-freeze-standard/
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (11716), with CRLF, LF line terminators
Size
141 kB (140613 bytes)
Hash
015574a2b18477044ca866a735980595
4105d062bc61ba39d3a0b17d9878c6c99355165c
6f2aed980c7e84ee294c1d51a1b61c12c4c17d4aa1d7af49b1da5aa9e3e1f9fd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /faronics-deep-freeze-standard/ HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/?__cf_chl_tk=8QGPB98eo.D_.PKqA5qcRknh0rMA9c8jBnpnm.N.7yY-1744747065-1.0.1.1-SRRS2DtA00SIGl4BzrhSlgck9SpHD1kcq3BJggxLEI0
Content-Type: application/x-www-form-urlencoded
Content-Length: 2435
Origin: http://haxnode.net
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://haxnode.net/wp-json/>; rel="https://api.w.org/", <https://haxnode.net/wp-json/wp/v2/posts/23533>; rel="alternate"; title="JSON"; type="application/json", <https://haxnode.net/?p=23533>; rel=shortlink
cf-cache-status: DYNAMIC
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlH7gCKoRQFZS2ALAQbDv%2FaiossUp5pe6%2B%2F73v5KfdshgzhSkPxl5bPSKuWbJpxcCfxktpjdTZFzQvmaRev7XMv2kDqRirRvC5lO1fwPKlvcFvhSPZvNqouf1MUvKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03f80f4e56a5-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=3230&min_rtt=447&rtt_var=5048&sent=53&recv=45&lost=0&retrans=0&sent_bytes=56828&recv_bytes=12512&delivery_rate=17079947&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/favicon.ico

104.21.112.1

302 Found

0 B

URL GET
haxnode.net/favicon.ico
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 15 Apr 2025 19:57:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://haxnode.net/wp-json/>; rel="https://api.w.org/"
X-Redirect-By: WordPress
Location: https://haxnode.net/wp-content/uploads/2019/03/hn-logo-150x150.png
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JltSxvbcGbp56oW6NgzRroZykdWJ3RN24AN9j4NVCKPhhPLPiZ4sQl6krHvBEKJ0zTx%2Bgp%2BAZyDLHVfas0uDSFrtvMb4W1TarIZeULg%2BxHvrUQToD7EnZmvobDWFQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e03887c2b56ab-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=503&min_rtt=503&rtt_var=251&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=377&delivery_rate=0&cwnd=248&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1

104.18.94.41

200 OK

61 B

URL GET
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/cmg/1
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/cmg/1 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:46 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
priority: u=4,i=?0
server: cloudflare
cf-ray: 930e038e8e5b5688-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2

104.21.112.1

200 OK

78 kB

URL GET
haxnode.net/wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
Web Open Font Format (Version 2), TrueType, length 78472, version 331.-31327
Size
78 kB (78472 bytes)
Hash
0c9f225e8f69c622f681cf1ed973cc3d
9e355abda14ee62a7987b2ba7e2e887d33337e25
529d0a7b3944929222155bca3272ba1a87acc2faa09b2ed26a713872b7ff8794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/hueman/assets/front/webfonts/fa-brands-400.woff2?v=5.15.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://haxnode.net/faronics-deep-freeze-standard/
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: font/woff2
Content-Length: 78472
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2024 17:06:05 GMT
ETag: "13288-62929d8ad77e7"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3EXsW4xiSQ14dx7MtGzyKkfHTNug2EtftJYOkSQBDAQHOIsT969N6TW2BpvKg69T%2F1XpqK8cRUTIQ6gDwBoYlz8QtEqhCM%2F8ApE2n8ZOMGKmiUJexv8qVpU89SBNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e03fc5de256a5-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=856&min_rtt=447&rtt_var=213&sent=79&recv=70&lost=0&retrans=0&sent_bytes=88565&recv_bytes=14351&delivery_rate=20368286&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-content/uploads/2023/12/deep-freeze-standard.png

104.21.32.1

200 OK

13 kB

URL GET
haxnode.net/wp-content/uploads/2023/12/deep-freeze-standard.png
IP
104.21.32.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/
Certificate
IssuerGoogle Trust Services
Subjecthaxnode.net
Fingerprint7A:0A:20:8C:B0:91:B8:62:69:CE:50:85:D8:29:A6:DA:68:95:8E:C0
ValidityMon, 24 Mar 2025 22:51:23 GMT - Sun, 22 Jun 2025 23:49:55 GMT

File type
PNG image data, 579 x 395, 8-bit/color RGBA, non-interlaced
Size
13 kB (12837 bytes)
Hash
37a78ef5c7f70ad5fbf149515c61d206
9d81d4efc3be514b4e6bec24671a0fc430d6c692
00b00a9d4ea04ae9ff89d955f0fab9d2d9bb2b4794ff74664d658b2310ca3476

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/12/deep-freeze-standard.png HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:58:04 GMT
content-type: image/png
content-length: 12837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJjjNzLUvg7cGexfSDXPBMXBShalbsLgMdWm2LkIXkdvBBJX1U%2BLuN37zJOlhmkLhHuzCeqk5H%2BgVevrABN1%2BNvR7%2B%2FeCxYS5xalVW7NkyHwGuqlo5bl6GaLaxiYnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 31 Dec 2023 16:57:26 GMT
etag: "3225-60dd128f6cda3"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
cf-ray: 930e03fbf8c30b31-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9477&min_rtt=4327&rtt_var=3979&sent=15&recv=11&lost=0&retrans=0&sent_bytes=3911&recv_bytes=1352&delivery_rate=1860&cwnd=12000&unsent_bytes=0&cid=c725e2f1b35a5294&ts=18268&x=16"

haxnode.net/faronics-deep-freeze-standard/

104.21.32.1

403 Forbidden

5.6 kB

URL User Request GET
haxnode.net/faronics-deep-freeze-standard/
IP
104.21.32.1:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (5553), with no line terminators
Size
5.6 kB (5553 bytes)
Hash
f6a421df23918658ad2b4f770ddba3a3
eaabfc6cfa776014201098a2a44f1ff4a90eaa20
edd522551345d48c5ec7943fffa6bb0dd5eab1ac2b874b39a68b4b9118eff9e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /faronics-deep-freeze-standard/ HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Tue, 15 Apr 2025 19:57:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-options: nosniff
x-frame-options: SAMEORIGIN
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HD7RoJF%2FoeT4OjhyD3inhT%2Byh20d7D%2FAiz3sTMlw337F%2BGWE2%2BHwm0hIfA89g7yxJig0kaSkosKWa7sjNB1OZ%2F0QDSSncaQcskoYrqwrVYTcdByzI7yTvILp7UZCeg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 930e0385cec456b4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: chlray;desc="930e0385cec456b4", cfL4;desc="?proto=TCP&rtt=469&min_rtt=469&rtt_var=234&sent=1&recv=3&lost=0&retrans=0&sent_bytes=0&recv_bytes=426&delivery_rate=0&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

104.18.94.41

200 OK

28 kB

URL POST
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1459382755:1744745152:Z5AiYg5gRDuO2TTmHtKmlzSrk4uNKcESg-OLATKce30/930e038cbc1d5688/6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ
IP
104.18.94.41:443
ASN
#13335 CLOUDFLARENET

Requested by
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
Certificate
IssuerGoogle Trust Services
Subjectchallenges.cloudflare.com
Fingerprint48:58:3E:CE:54:27:56:6B:A6:33:D4:C8:4B:BF:00:0E:BE:61:60:28
ValiditySat, 01 Mar 2025 17:19:38 GMT - Fri, 30 May 2025 18:19:35 GMT

File type
ASCII text, with very long lines (28280), with no line terminators
Size
28 kB (28280 bytes)
Hash
928701be65bfdd3be9160c11afc1c7f6
1f2f61fca9df345e4472ef1f2648c0c313718c8b
ccd50f444e2d016538a9f8b4c82d25fc69a80c5e1c73e0dda8216cb1a30775db

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/flow/ov1/1459382755:1744745152:Z5AiYg5gRDuO2TTmHtKmlzSrk4uNKcESg-OLATKce30/930e038cbc1d5688/6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/hal0c/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/new/normal/auto/
cf-chl: 6KD67YM3Iks38mf.AZ.4rqVr6JtP__T4w3fKoXYzk3E-1744747066-1.1.1.1-Y2UliRW9IDvLC8OgUQpB4FRDsptXKJm0vyKjSUVcDh_zkaweyYVwACc8S8_WsIQJ
cf-chl-ra: 0
Content-Type: text/plain;charset=UTF-8
Content-Length: 33392
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 15 Apr 2025 19:57:54 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: j+FEWeSBS5uSzYQOEK88tqZaBFZbkT9SPLQtwAZQdtE2KKfgxhXgEixP7Fburln2$FdKAcHUjzkuTHEixF8s1iQ==
priority: u=3,i=?0
server: cloudflare
cf-ray: 930e03be6cc25688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

haxnode.net/faronics-deep-freeze-standard/%3C?php%20echo%20$plain_url;%20?%3E?h=63ab01231419d7b8b9fcdf8e5caab556&user=7536

104.21.112.1

404 Not Found

76 kB

URL GET
haxnode.net/faronics-deep-freeze-standard/%3C?php%20echo%20$plain_url;%20?%3E?h=63ab01231419d7b8b9fcdf8e5caab556&user=7536
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
HTML document, Unicode text, UTF-8 text, with very long lines (20834), with CRLF, LF line terminators
Size
76 kB (76372 bytes)
Hash
9e1a2f3b232c20a2925584cb2289bde4
238f678827c7f99469d455132c55523ae53d859b
7efe65e905beceead7da0e9fcfce37cb68ed31f9ca569ffaebb7f8c6f88e2f58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

NIDS	Severity	Alert
suricata	low	ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M2

HTTP Headers

GET /faronics-deep-freeze-standard/%3C?php%20echo%20$plain_url;%20?%3E?h=63ab01231419d7b8b9fcdf8e5caab556&user=7536 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://haxnode.net/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=twSVN6ZgMdaYz%2BlLpOiJdrpRqlncqfGYXdUIX1Ta4QBPAb20SvcrNnU6LjguWnET86ANc%2FLQTfVgDfWu41H98skL37b3ZHaiM4wNx%2BreRmrzDJxccgoJvFNXOy6Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fcbffc56a9-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=755&min_rtt=453&rtt_var=155&sent=16&recv=18&lost=0&retrans=0&sent_bytes=18956&recv_bytes=1818&delivery_rate=23247706&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

haxnode.net/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2

104.21.112.1

200 OK

115 kB

URL GET
haxnode.net/wp-includes/css/dist/block-library/style.min.css?ver=6.7.2
IP
104.21.112.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://haxnode.net/faronics-deep-freeze-standard/

File type
ASCII text, with very long lines (59458)
Size
115 kB (114706 bytes)
Hash
8c9f31823282e4e056eb0aa7fac262a9
dc3b1a37381e079fda8db59c1a9469852cd18b80
3bb38d0f302677ff4104564454f60f495133579d6e6dfb722b3de850df596502

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.7.2 HTTP/1.1
Host: haxnode.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://haxnode.net/faronics-deep-freeze-standard/
Cookie: cf_clearance=lAzYu9iKZOxE3JvU2MD5_RIwGkKkK1QdQF.WQziXgaQ-1744747083-1.2.1.1-86_uPgWTMu4I5eoDEtprOxMTYAe1yBq_JWwXbjJbSYMppnthQmQo71busSnHbgpe.g4qGMEhd81JXx1tTAjP3QF.7Y.oVSAVSz0WtUL99ccXAn65AlStcr7oc9Mz45xd0nLs4DoarfV7RFlyQ6wm8XvPVx7rcAFRvfkOAAvVjNALHHKH9y3CSsqP.2XV141awgqXg9rMS9OffFLVC0Q32sQX.0Jnh0caimr0RsnWnnqJKMQu4BamI_9ycUQMhTA1fBINdzPruLHOsK8D9Z3dpsPkcBR8Q_Vv34R9kJ22ClKiq2_8YnDXxV22d_j1dNmPuooXqLMKC_.RzGVMnh3Y3MdUFxzBI.2pS7zTT6iYePx7Qgxqz7OoWux_2F_NQMj9
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 15 Apr 2025 19:58:04 GMT
Content-Type: text/css
Content-Length: 15177
Connection: keep-alive
Last-Modified: Wed, 18 Dec 2024 05:12:48 GMT
ETag: "1c012-6298476f74586-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1X9D7h%2BuLvuUQtEae18LR0vzyk25w5A228u2n8CZw9DGASXQuKrT2HBdnFpT74i%2FrN0%2BPZNSvHDI9LxXR%2BgyPY1n5R2TTknIIW58AM5KhqZinUaBOVYUYIfN2fJ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 930e03fb9ccf56ab-OSL
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=545&min_rtt=503&rtt_var=273&sent=4&recv=6&lost=0&retrans=0&sent_bytes=972&recv_bytes=1264&delivery_rate=1717674&cwnd=249&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (108)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML