{"report_id":"22e9c901-879e-4f21-a2a9-3b62639ff49f","version":6,"status":"done","tags":[],"date":"2026-04-06T12:42:18Z","url":{"schema":"http","addr":"shape3.xyz","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.176","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"title":"Venture Analyst - Crypto","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"shape3.xyz","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"104.21.69.176","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-11T12:42:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"shape3.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-29","domain_rank":0,"first_seen":"2026-04-06T12:42:24.672374Z","last_seen":"2026-04-06T12:42:24.672374Z","alert_count":9,"request_count":9,"received_data":5689664,"sent_data":4001,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"59a13eef9e5e0ec7844e58e8b47d54a0","sha1":"0fb2b2059a878b87f8524284d448dd46a4351953","sha256":"c890c150b008d069bfddb86ee2c2e3fe979515939053b4c53fd6853b68e4fe35","sha512":"7fcdb614d30b1141e9a1e134a98e2888007f786f866c24e6383106d3e003f094e72901aa295e7d3450fccf5a249b25b436401a5b9439205da6b0eec8d72cfc80","ssdeep":"","tlshash":"33f0beaf336126ca23ae6ad20796c01d1e72e4ab3002163c575a36ca0cb6f52521b07e","size":494,"data":"","first_seen":"2025-08-01T04:17:54.874483Z","last_seen":"2026-04-23T22:43:46.29451Z","times_seen":2652,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-04-23T22:43:46.297415Z","times_seen":2846,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-04-23T22:43:46.300722Z","times_seen":2809,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1e21743cd2ee2004cd56bfc5c29e3609","sha1":"bf516634ffbcfd3186b71dafc0ecdcc47894c439","sha256":"0e428980439e794b176e0ee3cd84e4878510b1d52c1efc1c00f4af9729a17029","sha512":"4264e5ce5b4f3acb24046582388132a5915398c9266c18c6349d75fb94bd74bac990dc6ebd12e1e118a3a24752a3e4badae2faabd69b9827d1f223a0750da4c2","ssdeep":"48:atoyTqSsM+c69M+c69M+c69M+c60778KK7NaaM//M+A:atlDNDNDNDl778KKw//M+A","tlshash":"25913f32165427da63ce8fd45a85751d01d2c89a383e60bdff3279eded3a683c031612","size":4506,"data":"","first_seen":"2025-08-01T04:16:24.215618Z","last_seen":"2026-04-23T22:43:46.299889Z","times_seen":2782,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/js.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2afe035621d9b9bd287ab1b802006348","sha1":"6de09c91560fbfa7dcf1c160cc0df291a75338a8","sha256":"17dd286fe76314a63bc861850efbf97af94c5dfdb32da2d23ba7023c811d1f35","sha512":"36e27f5c4ea5a1078b63ea63f7aacffeb95235ca005a58b8bf6f78b22ee96fc06678ac42863a95833c1e8023535419b15451d270d56d492ebf2cc521eedcda3e","ssdeep":"3072:/GyCku0WwDiw0JhdqzNwhqs4vRSn3AkW/rFvDaxacsOmhSjX364EgQ1No62:DuhAfC3ALrFG8csOmsjX364EgiP2","tlshash":"402429ddb79a706643a3b5b8503f014bb23a79a2f84cc894f052d8c42e7466a5273f7d","size":229196,"data":"","first_seen":"2026-04-06T12:42:29.293307Z","last_seen":"2026-04-06T13:00:55.288553Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/97f08c36-5cb3-4064-9cf2-93688b84a2cc","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2ce8c2c04dbbe84f61595ca92d1a1f7d","sha1":"7d8013653c946ec62be1e2baa0fa23f408b63668","sha256":"43bac024ec5782fabdf0f1d17a4163f1faa54916181ac6e5a0a0b496237742c7","sha512":"3da5762410949e950f03ca9bc2f0517056c019a10a24678ef54dd07f5583cb8ccf13db043eaa35d2a8b1169d7789510ad0afc75c564916d1531b1e6617c423e6","ssdeep":"49152:T7OwPEZJshrCwW2QUSvhjG+EyY4bfO3xrQanJfCpszVtc3Z:C","tlshash":"21f523816c47f9b68f44425470b76d0b18890d1398adf0dbf7acf9c134aeba181dba6d","size":3405279,"data":"","first_seen":"2026-04-06T12:42:29.299784Z","last_seen":"2026-04-06T13:00:55.314022Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"da1949f91e8a5f032d7058d6263f52af","sha1":"d0564dc17bce7fcb0805d872ac72fdf482241000","sha256":"3c4e39ad1ca7f32101047fb3f51666fd8519f1f0fb618b11a0405ef78782118e","sha512":"cadcf464675cd8b3aec3c6a35252949aa675420e0eb516f0782efb3abb23766d9da5083bc42b092c76cbcc710a54d96b31b7417ca88c666b225360b252734d02","ssdeep":"","tlshash":"b0600000f30c0cc00330fc3033c00003c000c000000000003cfc000c00c0c3cc0c0000","size":16,"data":"","first_seen":"2024-08-19T16:40:14.907209Z","last_seen":"2026-04-06T13:00:55.304478Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/bug-snag.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ced52a1c767a79d394cae80be1168ee4","sha1":"0c8c381f91ef1ec4e41ab6c6b5fd964a8221abda","sha256":"3e47d453a76471b98de34953cfe884cc1875aaa61adc0f65959714ac417ecf4f","sha512":"69776986933f490ce6df4eb46aff30b14dcb0305a9b3809a1693b9a27a9bbc21e91bde11680924d941ef64c99809025ebc5436126f699d595cebbe70f1771f88","ssdeep":"768:9GY47qwCfJXQNUdMlgNMuYAs1iQzmoSSh:YqHhkUalgN6","tlshash":"6123b20d28e671715c6370b98bafb108b23a81132518e9227cdec7542f9983d87f6bdd","size":45796,"data":"","first_seen":"2023-11-30T13:42:16Z","last_seen":"2026-04-06T13:00:55.298917Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"0e1ee9f442371606d9a13b41a0dbeaff","sha1":"a05c25c8ad9127fe7d45319ce13e8b4a485d2e01","sha256":"713285cbc0cb910dfd2e7a86c604d191a27789ae50964ab1c674507ff4a20c45","sha512":"1dbac9fa1e0b338e780a3600f1a3da140a6c83a961a1d0c6c80fe3dc5a9041c346c471d264a07ccc87457cdccc2a28b768d02283512ba9cee0fc2e2b7124e42d","ssdeep":"","tlshash":"0221fedeb2826488526794d742cd8dceb8e617a919008c20452ef299225c3e8fb6ad54","size":1177,"data":"","first_seen":"2025-08-01T04:16:24.218288Z","last_seen":"2026-04-23T22:43:46.295531Z","times_seen":2736,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"de48aecab677092e273074e38b69b45a","sha1":"3a28d2bc76c257d55dc616fef3821cfb678aa680","sha256":"f4c5391d575402c8dbe6a74e671d2ee05db284005ad3bb506578089facd76629","sha512":"8a59f4d1b0421f5511ad52bac80211f45c2f207d791da78b3fb80dddaa06cf14458bb6386322efd1124edd4f5a1cd6cbf5275fd5887a780476b74be8535326ed","ssdeep":"49152:Y7OwPEZJshrCwW2QUSvhjG+EyY4bfO3xrQanJfCpszVtif2:K","tlshash":"93f523416c57b9b2cf84536470a76d0b54980d13989de0cbf7acfac134aef9181eba2d","size":3402940,"data":"","first_seen":"2026-04-06T12:42:29.311141Z","last_seen":"2026-04-06T13:00:55.331939Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"128af8fed3184a6fa951ae9005a00bb7","sha1":"c6144ad0d71f90ac327e37ed2ad63bd7ca69570b","sha256":"cd256614eed70ee95a262114b2e78cba410227ea6529c09554bc10441dd05c0f","sha512":"5ae9d2831cbc44881660c26de938c0415bd67fa928c55e2a6b1d999ad703517bd7f6b7660bcb1b53ed35122f700c95a7a0e78687dba4264deb35aae4e492d4e0","ssdeep":"","tlshash":"408000ca02003cea000000020a830232cb20283080ba8000b28a28002280008e08ca08","size":26,"data":"","first_seen":"2023-11-30T13:42:16Z","last_seen":"2026-04-06T13:00:55.311999Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"4b359850172ffc88d3b6e86633eee85b","sha1":"de080d4196d283cdf50ce553099c56aa57db5815","sha256":"c90bd38c0f82a105da4e37c98b898bf2313e10abc41dc051da729ecd751bdec0","sha512":"e86fb99306ffb016d53559c8a8f3c0237c23d11c2b1ce51f32962c8633687ee906b41ccabe17dfcf44ecf3bb6fb0b8298fdee1fcf7dc9849c101bd63ad0dee71","ssdeep":"768:ppmMjcA14Am5rlnVo+ap65H/DzH0flyZgmJcLFH7qo1XCcy/hOiuF:x4NlO+apcXMef0","tlshash":"3f53b8d6591be0d1ae4220ced873ed06e4288d13cd6cf167a6acddc1762df2284971bb","size":64272,"data":"","first_seen":"2026-04-06T12:42:29.315113Z","last_seen":"2026-04-06T13:00:55.307448Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/app-tgr3wqqblsj.min.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7af1fdc3d48d4ea150019f773f2a5617","sha1":"4dc05e79bfdca7a8e9602e3d5bce0b54ecc01453","sha256":"c6b2f9c0c6ad89c332afe6dd5d998ed83618097be6653b4492538b364c9bce16","sha512":"69722201754d310d30b60b355e74e9184af723cb73ff3f4dbabae5dc38667fbfa50168776e96956a48662f06cffe73397082d7f69327c5fc7bc05feb7c6d3374","ssdeep":"768:+t2MTcuJ4gS5f+t8ZcQZg7JRJWmA0STcdNH7qm/X0cGHrOoiF:+4tf/dC7JWMc5U","tlshash":"236383d7141ae0d5ae1210ced473ec09e4688953cdadf057eaacdcc6b62df2684472bb","size":67185,"data":"","first_seen":"2026-04-06T12:42:29.277047Z","last_seen":"2026-04-06T13:00:55.295503Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2380d391cf784bce2f77e0e16fa2268b","sha1":"2b88cb08e3d7f56772d46fe1a10d84774e8728d5","sha256":"e65fcff70fe965f3d1878fe515a7ebcd265dfe61b15461521450c882e8d081d7","sha512":"0f3264af3a045928be20d2ee1ef3af905571d07e3fc25eaeda22199baca89b8c9bff94d90d81124ff45b16c5e40df291c2f49d9464ba901d2d961f6fd1196f1f","ssdeep":"","tlshash":"e6411b1e00aa0aa31ba3054333ce846d0956c2cedcc73534d3b27f8134c67832a93bea","size":2254,"data":"","first_seen":"2025-08-01T04:17:54.882582Z","last_seen":"2026-04-23T22:43:46.305197Z","times_seen":2682,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a0cc2ce15a4387c48b4367e2814f598e","sha1":"c741dce27a3294c9b685762b4fa9f0c8602e4b47","sha256":"68cffd01d5c906d61339ef295dd9b7f77361db10917ca73b343aaaf99f5df262","sha512":"e5050fd06ae6abdd9c017c68e291eb46f990aa7f37da78e79d212d82c4993c622f4639332cdfeff31b370ce3c2948ed1fcb1a68ed1131d961d73ae84438bbb1a","ssdeep":"","tlshash":"3901c08c30587cf345a7fba1177b5719ba722310a4609432b7dd9688a610c57c4de8cc","size":731,"data":"","first_seen":"2024-12-16T04:05:06.536471Z","last_seen":"2026-04-06T13:00:55.315665Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"dd15dcd71e979a816631b58511f39e75","sha1":"287c3cb1e14e675087e842ff1d2a83e0a25e2528","sha256":"645984daf527fe1557e4f9d4e0d8af99b6dd0a65aeda2e8dff9f13f330b70a65","sha512":"6b1b8c9bc420a1d80d2ce2393297d7edc299003028a998b2de01675c5dfc2792af445d3ab8887731aa2e54830105d00cde0816074e042714649bfc4cc4479370","ssdeep":"","tlshash":"f4e0c0b5224827b78641c703bd1d06c5c70470282282b97a5842613800202e302d77c0","size":340,"data":"","first_seen":"2023-11-30T13:42:16Z","last_seen":"2026-04-06T13:00:55.318492Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"8de04e3dc63af7585af0e827672eb149","sha1":"02ee5e4b4e73e430d629744c4b7a3e38c36ed06d","sha256":"123e2a4c9c65ad62ea2b0992b1f80073e18a341a810f9ba40d1c4cdc31f1e759","sha512":"a42fcbfd4fc45305b75c0093524abafcf73f7d10f3bbe8cf573f3ea87803f672ae7fd293a116e7c24aeb0ef9fb24b9ea32e48200a56243187d5b550407631184","ssdeep":"","tlshash":"a911cce0aa6c599781c2095034894b02b13cb020203d9fd0bf75f0ce7c7c7ec96d262a","size":1000,"data":"","first_seen":"2025-12-20T20:03:49.143914Z","last_seen":"2026-04-23T22:43:46.298857Z","times_seen":1502,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"shape3.xyz/app-tgr3wqqblsj.min.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /app-tgr3wqqblsj.min.js HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\netag: W/\"69c9a254-10671\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7HHhrm7%2FGB9Kl1W2%2BJJeDdCNQjmHuWgJvoJg9bmtz6Yy%2FlvQX%2Be046wC3VVpUc8EfE%2BwvyBKHfxJXGced1afqtlUx1i9qS%2Fzr8c%2B47sdFRaYh6b14Uv4H4%2BNjC%2Fl\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e80de8bac0d0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":67185,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7af1fdc3d48d4ea150019f773f2a5617","sha1":"4dc05e79bfdca7a8e9602e3d5bce0b54ecc01453","sha256":"c6b2f9c0c6ad89c332afe6dd5d998ed83618097be6653b4492538b364c9bce16","sha512":"69722201754d310d30b60b355e74e9184af723cb73ff3f4dbabae5dc38667fbfa50168776e96956a48662f06cffe73397082d7f69327c5fc7bc05feb7c6d3374","ssdeep":"768:+t2MTcuJ4gS5f+t8ZcQZg7JRJWmA0STcdNH7qm/X0cGHrOoiF:+4tf/dC7JWMc5U","tlshash":"236383d7141ae0d5ae1210ced473ec09e4688953cdadf057eaacdcc6b62df2684472bb","first_seen":"2026-04-06T12:42:29.277047Z","last_seen":"2026-04-06T13:00:55.295503Z","times_seen":4,"resource_available":true,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/lever-logo-refresh.svg","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /lever-logo-refresh.svg HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KwT%2Bm%2F%2BajMfzrKhDUnlcF8uIkNxAMKfVJ9%2Fi0lZoploPROVSGXdAYvNWayJLvmrxo29FsZ599Ewc9EUxTcDbsxfDKCOM1Gim4LhGZSqBWFUa7r3NODpdWuwz63l7\"}]}\r\netag: W/\"69c9a254-871\"\r\ncontent-encoding: br\r\ncf-ray: 9e80de8bac0e0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2161,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0b9761dbdc12150643b2dfac6fbf5eb7","sha1":"0e0686faa14544147f1f8dcfef52fc328a55612a","sha256":"d756249c5f79d212ef4d999aa019770be674a6205b0d014d64169ab3016536ae","sha512":"d06d104133be83689c3c78a19b5702eb557e4cbc79bf4be303b6b5269e4d8e1b085072d2c15df6201e5ac41d8af8d1d8dc92f9d12b45ab09c264350d801f12bb","ssdeep":"","tlshash":"714142c0d2ea50fcf1466bf4517b84293ee328f6f215ed8282a50d82ea2544d445bdc7","first_seen":"2026-04-06T12:42:29.278567Z","last_seen":"2026-04-06T13:00:55.297062Z","times_seen":4,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/Lato-Regular.ttf","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /Lato-Regular.ttf HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 607720\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\netag: \"69c9a254-945e8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ElSE0sW8of6%2BeJBJAeY%2FsziMuOcWUFu%2BYy8NZ%2BmD%2B9qmMgSeoPiOjeMNqg2%2BDEHC81E%2B47HLx%2FdVfLYCnG5QKFpYev9gO31ZaUQj3CGVtF%2BnJHQ3tQN8W5loJ93I\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e80de8e6ddf0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":607720,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GPOS\", 30 names, Macintosh, Copyright (c) 2011-2015 by tyPoland Lukasz Dziedzic (http://www.typoland.com/) with Reserved Fon","md5":"6d4e78225df0cfd5fe1bf3e8547fefe4","sha1":"5f996143c684c93882400062b5564b99426d4a43","sha256":"089ab6d4a57e0e6c4dd3b681b6fd50a5184f1b902429d35e1227e52d6ccad1bd","sha512":"9d5f84d1267fe4333a37ae94a0deb6418643a3fced5d91d0c0a6eb37cbda917e57dd10f3627d99c44e60592254a7df6e63af3a1d5e692b16ac5514b27ecb7536","ssdeep":"12288:HoRD9RVZpUcc3YpoCW/IH345XcnjzlsLepJ:HoRxEcc3YpoCW/phcnj5f3","tlshash":"14d47c5feb86de4dc56a7878ce54d2b039219d785393ca6f607f2d30860e0a04db92f9","first_seen":"2023-04-08T08:12:42Z","last_seen":"2026-04-22T04:01:28.633591Z","times_seen":223,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":231,"receive":207,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/Lato-Bold.ttf","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /Lato-Bold.ttf HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 600856\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\netag: \"69c9a254-92b18\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yieE7QBU8%2BcGMzFZ5b2gvY%2FFT1qjvj5l7gKuLv%2BaaDA1MOlW0b4FnnR4squVQXhYS17AsKeZ8QWhOmD7COKavqCdeGKN4X8LlZMph%2FsVw%2BlcC8EzJOIZ7CuXN%2ByP\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e80de8e7de20afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":600856,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 17 tables, 1st \"GPOS\", 30 names, Macintosh, Copyright (c) 2011-2015 by tyPoland Lukasz Dziedzic (http://www.typoland.com/) with Reserved Fon","md5":"5b1b8b856d7a8cb1cb0bae6d0573f2e9","sha1":"6d703bd84d8d9f5234b4c8d4c8391ad8155b30b3","sha256":"f71f833c099f450606f8107b83ef208ae918c0ea00779466d45e9be96b0bc7cc","sha512":"63afeaeddc14a9c26bbf303756f5e47182ab7fb2ad75accac9b85f514a700116bc0172644ac006bfb9a901f9293b584a65ab0e7650f6f0403fdf5de755f2b52d","ssdeep":"6144:SvwF0zyFuyME259EmZDEVLLSF09pZ74xAKs81SeVf0We7ptNGKg1Qe7YL3:Sa0WsyX2AqFKaDsZeysOe7Yz","tlshash":"3dd48d6ef782ee8cc42e78b8ce14d1b06912ae68d253c767607e3d35850b0e55db46ec","first_seen":"2023-04-08T08:12:42Z","last_seen":"2026-04-22T04:01:28.69077Z","times_seen":142,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":193,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/secureproxy?e=jscdn/getFile","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://shape3.xyz/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://shape3.xyz\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"oemh611pjbwkjc8qh6hq\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rKmHSw4nLTaM9LZdida48pfKLaYpb%2FPctqsv%2FLjlWurJJn%2B1yVAySRtlR9TpmhsAnBFfCtMCxyed1dtvRJxKtNg%2BqO8H6Prlt0G1A9tf36GasgouHedOBffx3mDw5o3mQbRXqJ0%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9e80de8ebe170afe-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3405279,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"579e13420c887f39c7d5f3f415cb2377","sha1":"6d7d937ae934cc13525337838d06ef7c6aed2be2","sha256":"9276a918334fa8a8a810450a254104365cc0c2c8b7ab1fb0be433e81318f3192","sha512":"2acead19d48083b2586cbe5e164d53c73ece8ea7b4c564bb7fe910224754d3394a329fbc8194b6a6bf9c53a1c38612135bbd2979cf98394c6087fbe46e1da5cb","ssdeep":"24576:TV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdadFEr+:T7OwPEZJshC","tlshash":"7f2533006fa7fe964f4cba6034bb7e436d419b82848ca4df9575edc401a837242d9b9f","first_seen":"2026-04-06T12:42:29.281447Z","last_seen":"2026-04-06T13:00:55.289892Z","times_seen":4,"resource_available":false,"data":null}},"time_used":733,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":394,"receive":339,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/favicon.ico","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:54.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:54 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NBIc3woe7hqhTNCVnKgQ8F12Rq74alpgdXkJoPgLgqDhUJk2RdNPgVN8whBfaytEntI14O6zKPEWwX%2BRVDvGNwbmfLOWX8lzYh9bjE9eigJ96VTGV4%2BjaGC%2B6P4W\"}]}\r\netag: W/\"69c9a254-1976\"\r\ncontent-encoding: br\r\ncf-ray: 9e80de909f480afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6518,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel","md5":"62409e32da9cd5448083bf7f841c3b53","sha1":"572dad6b41df91a98ba348b4afe586ee8591d746","sha256":"c48b3b70ddd3dabf96f84f100a708ccadce703211e6787f91fd330d0e15e1536","sha512":"8b10dc84b83d6ecf4e4c8def10ea922884e40fb135829055473905c18daecf8ea526b23e86c82b925759093f3c011df2468da28a2caa9826c9b9958daa371054","ssdeep":"24:GyAMMnap5uCvmqkaDmfLii7y2ut4XG5q3CByPKmEs4U4i3SE9LIySOGjhaP:GLznapDXNELiR5KCByymEsNSEvSO+aP","tlshash":"9ad165cdbea642f9c24f023acfaf0905919dacf9331444556715fb8b293217f51b5701","first_seen":"2023-11-30T13:42:16Z","last_seen":"2026-04-06T13:00:55.300231Z","times_seen":12,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/bug-snag.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /bug-snag.js HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\netag: W/\"69c9a254-b2e4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=N3FoeOIfzyaPyowGhlaQ9ZH8eoEyyEqrksXj9EomDbGMd0L4C1VFAFJU0zUd6Rr3dAvavdnky2kp8ngjW21gNRWFoSn1nSAb4YBW7PNMm465A%2BqwyL2RjXFkcpE%2B\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e80de8bac0f0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45796,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (435)","md5":"ced52a1c767a79d394cae80be1168ee4","sha1":"0c8c381f91ef1ec4e41ab6c6b5fd964a8221abda","sha256":"3e47d453a76471b98de34953cfe884cc1875aaa61adc0f65959714ac417ecf4f","sha512":"69776986933f490ce6df4eb46aff30b14dcb0305a9b3809a1693b9a27a9bbc21e91bde11680924d941ef64c99809025ebc5436126f699d595cebbe70f1771f88","ssdeep":"768:9GY47qwCfJXQNUdMlgNMuYAs1iQzmoSSh:YqHhkUalgN6","tlshash":"6123b20d28e671715c6370b98bafb108b23a81132518e9227cdec7542f9983d87f6bdd","first_seen":"2023-11-30T13:42:16Z","last_seen":"2026-04-06T13:00:55.298917Z","times_seen":9,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":293,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/js.js","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://shape3.xyz/","date":"2026-04-06T12:41:53.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET /js.js HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://shape3.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\netag: W/\"69c9a254-37f4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GHk%2BtM9uX0XsK6gZle7uMIBezm6%2BwK23XfnXvGa6KkVx%2F618wl%2BlROsgSrpgzFceelNL8lwo6x94X7kAGU3htX%2BkGZilLR9ORi%2F06FdaLRA6LwKY371Zcv1N%2BvMf\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9e80de8bac130afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":229196,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4145)","md5":"2afe035621d9b9bd287ab1b802006348","sha1":"6de09c91560fbfa7dcf1c160cc0df291a75338a8","sha256":"17dd286fe76314a63bc861850efbf97af94c5dfdb32da2d23ba7023c811d1f35","sha512":"36e27f5c4ea5a1078b63ea63f7aacffeb95235ca005a58b8bf6f78b22ee96fc06678ac42863a95833c1e8023535419b15451d270d56d492ebf2cc521eedcda3e","ssdeep":"3072:/GyCku0WwDiw0JhdqzNwhqs4vRSn3AkW/rFvDaxacsOmhSjX364EgQ1No62:DuhAfC3ALrFG8csOmsjX364EgiP2","tlshash":"402429ddb79a706643a3b5b8503f014bb23a79a2f84cc894f052d8c42e7466a5273f7d","first_seen":"2026-04-06T12:42:29.293307Z","last_seen":"2026-04-06T13:00:55.288553Z","times_seen":4,"resource_available":true,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":247,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shape3.xyz/","fqdn":"shape3.xyz","domain":"shape3.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-06T12:41:52.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shape3.xyz","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 29 Mar 2026 21:02:18 GMT","end":"Sat, 27 Jun 2026 21:02:17 GMT"},"fingerprint":{"sha1":"B5:1C:D5:52:A5:1B:9B:C6:2B:84:9D:4B:CD:67:3F:ED:9B:2E:D7:19","sha256":"2C:D1:93:12:E2:ED:0D:F9:31:B2:C5:48:E8:F9:46:70:45:28:2D:BE:2C:D3:A5:CD:8B:A3:15:61:8F:B6:71:2A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: shape3.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 06 Apr 2026 12:41:53 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 29 Mar 2026 22:06:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xGNu0Agh%2BShD90HcgRS%2BTR0ARMJYfBRcSaWGxXNHycD6tlDAZ5sXxOaUdtR1iqy4y2%2FymW7NPqZucOmcCz3MKUpWFVNAD%2F5zsjYH2FSPa0G1gkwkMfRphBHFzy21\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9e80de892869b517-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":716321,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"d6e67f55add9d3d75ed09b83cfc12291","sha1":"32f7ac8b3f317d6c09799312859b585b96b16591","sha256":"5d54cfa9136a1f07a33ffdeae6c671895fe958e0ef344d3f3f3482ed70992025","sha512":"d1f36f21f19fb999c8ea69415970f98bcdc11782a34f973e22861658710bf1c0a828b1bb1ab8dfaab8936b429f0bd4a107d11b5c60d34db2eb4a7b2eb5f3ac8c","ssdeep":"3072:L3/EpXpGzsvgvJv6vfvzKtQWPSAwQw1Xpm9RvgvJv6vfvaK4QexnBWy1uOzW:L3/EeBQWPSAwQwM0QexnBWeuEW","tlshash":"a8e4b8d156401254b763cdbb72c2c6d6573a8692db002ff9b8a610d4878e9883f3fb97","first_seen":"2026-04-06T12:42:29.294533Z","last_seen":"2026-04-06T13:00:53.549212Z","times_seen":2,"resource_available":true,"data":null}},"time_used":325,"timings":{"blocked":71,"dns":49,"connect":3,"send":0,"wait":183,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-06","alert":"Sinkholed","trigger":"shape3.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}