{"report_id":"28f7c8c0-6929-481b-9547-1bfe00b20cec","version":6,"status":"done","tags":[],"date":"2026-01-06T21:50:24Z","url":{"schema":"http","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"104.21.28.109","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"title":"Filecrypt","dom":{"size":16965,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1572)","md5":"3e986447e276ed4a25bc68b9d3512d1d","sha1":"37834a926e8183092c9ab93cdcbf5b804a7ea166","sha256":"2387621cfc9f8681a2506ac68b2dd92e2b608f1877762f97197af700b0673aaa","sha512":"20f9d7c6d1d6407c82a0ba660b3cabaa55865b5d28094e2f615ee9acb880bea6a2e371b6cea148c13f2cbb0be614661ed580c6c662d88077f3c0eff20902fc25","ssdeep":"384:YjfZjYjnjbjyEj/qY4WjgjAjzjfCjPjwjkjy7j/qY49jXj3j/jfmjDjUjAjyXj/U:YFkD/OE/hkc3+bsIO7/KbzbK3YcOX/+v","tlshash":"2b720f50041744009b835ce223ce7f30fe4e92517242d0b1abfd9b6beedbda6926939d","dom_hash":"domhash08ae0081c1574fe7e013785c60b9d7d5","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"104.21.28.109","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-10T21:50:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":34}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"data.filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"trusteddisguises.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2026-01-05T09:14:03.22878Z","alert_count":0,"request_count":1,"received_data":53921,"sent_data":462,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-creative1.com","ip":{"addr":"172.67.208.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":392451,"first_seen":"2024-08-27T12:23:01Z","last_seen":"2026-01-05T11:59:30.493603Z","alert_count":0,"request_count":1,"received_data":2363,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-30T21:57:49.11287Z","alert_count":0,"request_count":3,"received_data":1015,"sent_data":1436,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adexchangeclear.com","ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2026-01-06T12:47:42.696449Z","alert_count":2,"request_count":2,"received_data":4056,"sent_data":1547,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-04T22:14:09.841371Z","alert_count":0,"request_count":3,"received_data":122885,"sent_data":1637,"comment":"","tags":null,"fingerprints":null},{"fqdn":"usrpubtrk.com","ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2026-01-01T07:24:01.334994Z","alert_count":5,"request_count":1,"received_data":526,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-01-04T22:24:22.284555Z","alert_count":0,"request_count":7,"received_data":3573116,"sent_data":3340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"data.filecrypt.cc","ip":{"addr":"193.56.135.156","port":443,"asn":0,"as":"","country":"Iraq","country_code":"IQ"},"domain_registered":"2014-04-07","domain_rank":0,"first_seen":"2025-10-12T20:32:35.400249Z","last_seen":"2025-12-29T14:09:45.345583Z","alert_count":2,"request_count":2,"received_data":298,"sent_data":876,"comment":"","tags":null,"fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}]},{"fqdn":"trusteddisguises.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":47177,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-31T21:55:03.360474Z","alert_count":6,"request_count":2,"received_data":171912,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-01-04T22:17:15.216142Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"kettledroopingcontinuation.com","ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":196057,"first_seen":"2025-07-30T15:18:19.355595Z","last_seen":"2026-01-05T13:53:37.280905Z","alert_count":20,"request_count":4,"received_data":2116,"sent_data":2270,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sourshaped.com","ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2026-01-03T09:56:38.479224Z","alert_count":27,"request_count":9,"received_data":216174,"sent_data":16369,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"filecrypt.cc","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-04-07","domain_rank":187485,"first_seen":"2014-10-07T03:19:19Z","last_seen":"2025-12-29T14:09:45.270737Z","alert_count":45,"request_count":45,"received_data":3451887,"sent_data":24844,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"script.aculo.us","description":"","website":"https://script.aculo.us","common_platform_enumeration":"","icon":"script.aculo.us.png","categories":["JavaScript libraries"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]}]},{"fqdn":"creative-sb1.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2026-01-06T09:41:49.648428Z","alert_count":20,"request_count":7,"received_data":338991,"sent_data":3147,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-01-04T22:24:34.159986Z","alert_count":0,"request_count":4,"received_data":114530,"sent_data":2509,"comment":"","tags":null,"fingerprints":null},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-12-31T21:11:25.087578Z","alert_count":6,"request_count":2,"received_data":1060,"sent_data":1528,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2026-01-06T16:17:01.418286Z","alert_count":5,"request_count":1,"received_data":520,"sent_data":500,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2026-01-01T07:47:27.133157Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cdce18a80f3f05180b98e3c025f28879","sha1":"96beb6cf137884fc565ffece9cf949a02b28e63a","sha256":"3c7e0a76a41da83a0a9ff01a342a3d2a9e08e5d2f102ce142c8bf51095b349d5","sha512":"2a3301660c9ebcbe16578d52d9d655e566966e735a5569092446c3a42226b7e0f56f6bca5c9d1857758439fdad5363d29e503b4b298f790f7a8f2adbe66da87c","ssdeep":"","tlshash":"ff9004734f11140703000c475434d1cc7511445d4d41c545d531410f10d57d405cf11c","size":45,"data":"","first_seen":"2025-07-31T19:42:58.276674Z","last_seen":"2026-05-26T09:02:56.897636Z","times_seen":91,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"22cec8743c0caf526719fb32c1d6f2ee","sha1":"109d9a66256d9b1a4adfe424be2f6a16a8c83f72","sha256":"eda3c555ebc406373f662ef5ad40c664813dcc93f2840f3123e7ecf16a6f4d03","sha512":"75615da3a1c91f1eff21926e6b64ac13d78449031a6e96732ec2c5f7e2777a196d20f8acca4fd2673c0a21c7a3d37ed552df634b82d622fc4154efb231fcdf10","ssdeep":"","tlshash":"aae0c2898f45a1bb37ca6008ce66249400f758971c8cb802fb0198207776b2ee996fe4","size":299,"data":"","first_seen":"2025-08-02T19:59:03.303018Z","last_seen":"2026-05-26T09:02:56.901481Z","times_seen":149,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e60f35af7ffceda7f367a3d15e3b66","sha1":"15ea41cc97f24aaa88da182edef1d94a6695c2ac","sha256":"4aca9da1641188297c0bf3cf79518a9d8299976b837a4a93bc494ebea6199d09","sha512":"893c5f9222c75ab9f4d8915b3afe29c8e309d485975cce922566ae5778d06b0a74d8cd5a27108993a12d22c403bb0068d73d70900dfb5ef89e51f565f66abfa9","ssdeep":"","tlshash":"c3b09bf5c4897000435914258427655de472557b5585410987b21cd7557cb3a614175c","size":119,"data":"","first_seen":"2025-03-05T17:35:57.058895Z","last_seen":"2026-05-24T04:31:08.996617Z","times_seen":143,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/aclib.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ecdf7558b1e3635c6c548fc10da8584","sha1":"e7c7c1884d9c285b850992cda29ecdd97a8fb113","sha256":"2e28db747c7f19fefe9e1147840ca17d00df66ca117d6e91dae42abd7a9cf8f5","sha512":"df24c92efc3125e552f2518ac1f427e55c2a8cd2d4673404e852d0ec5941e9153381279a67a48b6c0b38eff019e3405fe563c03911cdbdbdaff0bea958bcf8de","ssdeep":"12288:sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:sHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"b0d4501837844586371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8332","size":612044,"data":"","first_seen":"2026-01-06T21:50:39.836797Z","last_seen":"2026-01-06T21:50:39.836797Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f07ce6c12b8b5ae872220bdb0413ff05","sha1":"fce056d2bebdde8dde78173b543a051056a885eb","sha256":"84d6f45958fa16791faf8066bdb9668fd2a8320a9b11db5febb2fb3e4ab4a1c2","sha512":"d70a2e34b1b2c75d1e9dc4258a546897e75f8b13ad01dc1792b06dc88693b9396a5552b792f7741e6abc0d1a836b3f9e7174548a726436c93ee79f2c90207f12","ssdeep":"","tlshash":"46c09bcd5f403712fb217c6d6b551381ded002f7743525851975e5d376b70bb0d48954","size":145,"data":"","first_seen":"2025-08-14T01:22:34.623661Z","last_seen":"2026-05-26T09:02:56.904742Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-05-26T18:17:42.012396Z","times_seen":453605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-05-26T17:41:46.200863Z","times_seen":11689,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-05-26T18:17:42.012396Z","times_seen":453605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f7acafe40dc69373fcc6c52e52e87cb8","sha1":"d69faeef14540881b58bae7caf9ae92e52b0d5ee","sha256":"5a6e52f7ed2227712e1b6b3a9a49f929eef26435ac1b0653eeef85f681046acd","sha512":"c771a9ac700064a187fb6d9124f4c5958e6125572e5144b8459ccf9ca5fc9c8e2f7c410d541d316d18c7f949212e903bdbaa725ea54e7bb33a49cda30e662750","ssdeep":"","tlshash":"ebd08c8ec000af68008268198164110051b38f633c0824a937ec6b1c0f1c43e0cf6b1d","size":239,"data":"","first_seen":"2025-08-14T01:22:34.627708Z","last_seen":"2026-05-26T09:02:56.912926Z","times_seen":66,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trusteddisguises.com/ae48f0b770d2035559142c08aecd80d3/invoke.js","fqdn":"trusteddisguises.com","domain":"trusteddisguises.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c63a8220df25042f0ffd60dc45d3d6b","sha1":"651e38735de25223eb08a08547a627dd1fbbdfa7","sha256":"24c8189161f7f1bde66e710873abf4eab352180065a43a56b6a2cdbf93950565","sha512":"03844b1fee1bddee7d3e398f506ae4ff409e210e2594da6b441002f9ffe69c44b8c64a39bbeeafee48776d25b725b5bbb1038aa46a306e1bc66ef686982b8c00","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RysYeLvLoK12G6FYc0Cas0f:dB2EV+aMHLQTwkf0rLDLoK12tFYNLB","tlshash":"8f23fa5dbf92f006165f70b7372fa106b11a8c19680cd89cfa07fda46d68f45e837aa4","size":46331,"data":"","first_seen":"2025-12-20T16:48:18.719495Z","last_seen":"2026-01-06T21:50:39.864321Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"85437373b5e6227ba080ee004d0efe95","sha1":"186134ed28691001dfeecc604d51727b56992fcb","sha256":"008ee1e98028eb792be76c14d7751f4d8fda27776b8d6c52669f6a603314dc38","sha512":"f34e271372b6bf36cf05be8a66cdd0340daeb547f86651437e3017e1dfa39963b48030ff06d3952856bf2603283fafe7c639e691aec4d807ccdc4cd627d2f238","ssdeep":"","tlshash":"78d0a7a569758c3965d9014650f5d7a8266061507b16664481d8cc2b6a21f9348b1598","size":217,"data":"","first_seen":"2026-01-06T21:50:39.885158Z","last_seen":"2026-01-06T21:50:39.885158Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/63/92/1d/63921d76617cd6f9a05f4abb537a9c2f.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"62c22c27f0675936e2c7038522978799","sha1":"ed1ccf944d3a0d9b746fcaf62bb0534047b51cac","sha256":"9e3fb08e3a56a91c889020364f5d035bf1fc6a1c6456cef652ffd17be53d93b4","sha512":"d2744881141cfcc165a0717ec8d9ce266cd0c221150117c4ce9bf81714e5788b61cfd47d054d27a608408357add0b6ab2b3a992e4ea21d9af302ff9c15eaf829","ssdeep":"1536:Td3V/gVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQYX:8qJjblF2zOnC1JQGntTpU5oYX","tlshash":"7db3d9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","size":111912,"data":"","first_seen":"2026-01-06T21:50:39.873427Z","last_seen":"2026-01-06T21:50:39.873427Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"e6b94d4f5d90410c81209ffbed38cd85","sha1":"34dcafe1e1e6e4b83543137b3c6e8a612f6f2ffd","sha256":"798edd37188d02124ce71f4e18bddb8ddb8c1a327bcd0701aa84b3eb7ae76097","sha512":"0d701e14c959de2a066c36cf9b1850616329e0e48cff7812401209036ae6bc9351e8ff35c9658457178f0a35ffad4b44f85c91d44231a048752ec53ea5183d15","ssdeep":"","tlshash":"3731c7385e3444cc754b32e24b056d0eaeea2d2aa566014da2d951bac73672367cf1f1","size":1506,"data":"","first_seen":"2026-01-06T21:50:39.886015Z","last_seen":"2026-01-06T21:50:39.886015Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/prototype.js?v=1c272ea9","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"543d229c2bcdef172115436fad5f90fc","sha1":"ba049ed40a1de289ebeff02ecdd06d672698529d","sha256":"03c8a691599b64d9271b7bd04de14b473745b9e115fa78bce6d5965577a6cded","sha512":"13cf02e295f0cc8e06d985a84737de486c8cc6525020fecfa303a62b0fb043383ecc644e83d259c4f48807a6bcd627271600a1d53b459c95a1aedf3a777e0587","ssdeep":"3072:uTGkmCjk9P/hWRg54hz7kvakB05JldluWX5IWlY2:zkG9P/hWdkB0vp","tlshash":"1a14209c7de36035961bf03e5a9f840cf27984171509ee50b89c86a46fb0d3856fafe8","size":196930,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-29T23:03:00.310327Z","times_seen":576,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"794e344b049e8863a7926effdbfbf272","sha1":"84566707a716a3bde652f3f5c100b971691d4039","sha256":"8504df1d1e0c01a27471b145251f57c6c924b3e64bd15c322a33777181732a7f","sha512":"68b900428c564aee7155bdbdddc57959c955aecb7308de3ebeb2cefc33c190e40280cfd787bacb8833d2b8f112b4a45af42c5de6fb4712fac71ae1d9b0413469","ssdeep":"96:9HWoz03H9YAZXlbXqtP7AkpmlB6knLNk/zDy1N/t1kU41jD46UCfMEDaH:ljzQ5VXqtPtp66MkLOnXkfv46UCkCaH","tlshash":"67914bbe5cd050fc684b30fa1a3978086c64500b65098ac2bd9cf3768f316b56e9edc4","size":4514,"data":"","first_seen":"2026-01-06T21:50:39.886762Z","last_seen":"2026-01-06T21:50:39.886762Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"368447d079bd6786c29a8324096f87ab","sha1":"60168ee76733f23d3df4c112d289e6663367f973","sha256":"9ef636a7d5350f3bfc49cf81767b152b0502a743e49a215f43971983ff28788f","sha512":"8b91ad341ac02b8ecfea56109f1bfbbab6451c5002c2b94a6c3683758700b878484a7e7a10031fbfee6298afc0edbe50e7a771e764059b468b885642405288be","ssdeep":"","tlshash":"767000082c08a820202ab03800cb000a202a02a200020202a00022882c3c02e000288c","size":22,"data":"","first_seen":"2025-12-10T10:56:06.868347Z","last_seen":"2026-01-20T21:14:28.953887Z","times_seen":19435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-26T17:41:46.196343Z","times_seen":17007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-26T17:41:46.196343Z","times_seen":17007,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/controls.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"03b502fd8ae202eb164b348749392720","sha1":"8a7d159d60afcfa936eb28f6dd84d8ab874133cf","sha256":"e202a06e4447b310dc039ed968aab2f0595ca77eb52ec246d24b0a80a536ac67","sha512":"c913bb469109b326a5aee7d5f9b51f8c5b5169acea815165055aade6d407d466c5f61dda2751b8fac2f622231045293889ab1186f1df03a34367f4f215cf232e","ssdeep":"768:UJ6cryUsoAvpvXGGH5JXDedDaICVrF+Ae197GHOISf8H1f/RtWGql60kp:06crZsocf3+/ISf8H1nRtWl60kp","tlshash":"89f2504e73ab172581eb20aa6f5f414a7238811b2c06d81c7cacd7c45f5993492fbfb9","size":34787,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-05-26T09:02:56.893638Z","times_seen":886,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b57455c9a0032c8d67868882258a4a19","sha1":"017f1d5e957af25bc7ee498e8e6104da00835773","sha256":"1aa296f8312ecf0d0959f759affc2850e1ed52b321033a51355cc1f37fd5dc89","sha512":"24db4575be8e92cfb7b408e04e6bee7cc5257a22b46488a3f4e9a8dbc05f75c3f4a465fea59e4ea866c1a9f3afb145f50b60fb5969a61ef7c466d572a7197e57","ssdeep":"","tlshash":"581165731a04f0350b3209d1e1ffc7b5e482b01cf12845dca511ea842f79ccbce04589","size":1017,"data":"","first_seen":"2025-12-15T23:56:17.122996Z","last_seen":"2026-01-20T22:35:06.74886Z","times_seen":7485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3e0bfdd881d2ef79680181a8adc286a6","sha1":"3ef9818a4d059677557f3cda0a75f781e555d0c9","sha256":"225237254ba955364a896f0eb2181a64f71a0b6a291b966d3c9ee40e6b2b84e6","sha512":"cf7760987b52a22c6863720878b2efee435f097a4601b963749b51b89b8321535810a1fdb855b68318fdcfa4ccf217a766908cbff66146ac78c82c0dd0620678","ssdeep":"","tlshash":"219002568c5480dc90592814a04d42009a786c1139619d75190e6555a5045249632a58","size":51,"data":"","first_seen":"2025-08-21T12:45:17.03976Z","last_seen":"2026-05-24T04:31:08.997497Z","times_seen":88,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7e644e575cda7defe478aff894c81042","sha1":"9018749903a5b9fec1bfaef443ad4fcb4dfb4abe","sha256":"2ff4dfa536b10b6d61979093f62eedc0bb68f7d28498483d4a188dd5f265a5e2","sha512":"07f6a5c84799b19ed14d477a3a724fb9e4a9676b085ee6a9545cfd0aac4e9441f995a95079bb925813af8b920691f8a23572678f22c578be02f10347b311a02d","ssdeep":"","tlshash":"813109ff284422fc8ecdaaa6342d76046c79a586d68e0bd31e75e72150794d6323ed09","size":1776,"data":"","first_seen":"2026-01-06T21:50:39.888789Z","last_seen":"2026-01-06T21:50:39.888789Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fe80c0f67a90618248c2279ab4691431","sha1":"f9603a456265fdc050d327005076de9408ce9501","sha256":"64992f2191bcfa1df4d5432170c021bab7a5e411e58ae069ad324f49a6c08af2","sha512":"bf1bd4e8be6c12b319c694ed0b175803ca56c84f6cc7ac36c7dd81ef187ed8a22159cec9da0fbacb7647d9777170dc4de543cac2bcd3abd332c02ae91b77882a","ssdeep":"1536:bSRUnYQ9PJhopNMpRMg2wZBMs16JluqZ+DrhODWv8t:jhJS82oGa0luMIUWv8t","tlshash":"aa73bf2fb70278dfdfbddb000bd5dbd92238a54a6116448d07eb05c25a3aed9a6740dc","size":74384,"data":"","first_seen":"2026-01-06T21:50:39.889632Z","last_seen":"2026-01-06T21:50:39.889632Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"d19c4e187e006dd8398db1538ce4ee0d","sha1":"4b7581f9d0688845f5c72801a58ef8a932489012","sha256":"416a352bac95bc32bc656dbb9ce4c1baa1f938faedac92068784bc53e5d07673","sha512":"bbc8c227aaac04c5723433d571ab57c5eecee805f820815f347e431bb74bf5ea48ac9d61ffdd85bf83df23f513c86461412bf578eba37726a1f1fafc277fa2ac","ssdeep":"384:XDbSlvjgR6DcHiixu034cEo6naeLk6NuD1xNuVP/Q7:nK7gwwe034czQaeoB5xNuJk","tlshash":"4dc2c68cf6e1f16d92b6a4b4006f111df6b67811da08281cf151c6d86e70e9d90abffe","size":26068,"data":"","first_seen":"2025-12-24T12:29:34.599825Z","last_seen":"2026-01-07T03:31:48.474615Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/builder.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c6321f204481f259724bd6455c0fdded","sha1":"af9964a44d31fe9773b46d6cd62612ec2137ea79","sha256":"828884af31cfdef92040ee522a81d8f82c7998b72c3e7d35e1c442946b5d2b0a","sha512":"b4541012d505ecc1fb45f4caf49f0d3468fe36c06fe4dd765ed3a6f1947f2607139b87ee30d8798a9c29c2062350985e8a448d0e54975c26fe71564b4327a644","ssdeep":"96:/ztIEijFEJLqATz9rbTg7ClLDT7+9uaDySvihTMK6gVoGPLochgQr:7eEffdT7i8MwTGMLJr","tlshash":"17a164a5b1a113f2199b552f16bfc10db2a6001f6804aa60b8dcc3ad0f38e5531f6fdd","size":4744,"data":"","first_seen":"2023-03-07T01:03:08Z","last_seen":"2026-05-26T09:02:56.891769Z","times_seen":1005,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/dragdrop.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f96dcb27ba6d7f4b95230edcb7fcb56","sha1":"157cf4f6566d41518f35656db74c8711b300e5ad","sha256":"7a73cad846dc23360722dcbee514af620c6fa628780bd7db889196e2e284f655","sha512":"a87a0248534206f45014899274d43f67993d5d0198d9e64c904dfb393570e563ef2e4ba3ad6d7148d24b7133c99b709439e82f88e67b88ac7262434d13c2a3e3","ssdeep":"768:kaXA2pg2lw+7Tm6WNh3vTqhUOf+Ec5o4i26UlaBJb:lX1jOfTqhUOf+Ec5o4vlaBJb","tlshash":"a5e262493966362950dff1ad6baf450eb27881972444c8747c6c4bc89fa0e34a4ebff4","size":31241,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.892291Z","times_seen":613,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/pdc.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3ecdf7558b1e3635c6c548fc10da8584","sha1":"e7c7c1884d9c285b850992cda29ecdd97a8fb113","sha256":"2e28db747c7f19fefe9e1147840ca17d00df66ca117d6e91dae42abd7a9cf8f5","sha512":"df24c92efc3125e552f2518ac1f427e55c2a8cd2d4673404e852d0ec5941e9153381279a67a48b6c0b38eff019e3405fe563c03911cdbdbdaff0bea958bcf8de","ssdeep":"12288:sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:sHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"b0d4501837844586371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8332","size":612044,"data":"","first_seen":"2026-01-06T21:50:39.836797Z","last_seen":"2026-01-06T21:50:39.836797Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3ecdf7558b1e3635c6c548fc10da8584","sha1":"e7c7c1884d9c285b850992cda29ecdd97a8fb113","sha256":"2e28db747c7f19fefe9e1147840ca17d00df66ca117d6e91dae42abd7a9cf8f5","sha512":"df24c92efc3125e552f2518ac1f427e55c2a8cd2d4673404e852d0ec5941e9153381279a67a48b6c0b38eff019e3405fe563c03911cdbdbdaff0bea958bcf8de","ssdeep":"12288:sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:sHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"b0d4501837844586371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8332","size":612044,"data":"","first_seen":"2026-01-06T21:50:39.836797Z","last_seen":"2026-01-06T21:50:39.836797Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","size":849529,"data":"","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6f58a02153e4062125f27bea6261d21b","sha1":"ecafcf0f934ed176adea21ba44a5307fe8e6cab4","sha256":"10c5a4a7ef5ecdf4b9cf338c8d8a343a11baf6fc55880df9a8457cfd7a4497c9","sha512":"964d335f476e160481f059f5c063fe76829a0486d0751e427d6114f8978ebb91a347dee996a59f41b29cdbeafcccc28f15829af3bc34c6d3f7131c400a6eec84","ssdeep":"","tlshash":"de800475173540f75cc0140cc50c4d5350dd1301c40431f317c014c0c0340f1005d400","size":35,"data":"","first_seen":"2025-08-02T19:59:03.314687Z","last_seen":"2026-01-29T23:03:00.427817Z","times_seen":87,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c9482ef6ec165b0d18bf413c316459e4","sha1":"47c8106c48869823491fe022e7750394ba5ebfed","sha256":"6e444da6ab7715dace14fd111353fbc5c1e3fa5366e3bde3ad94557a84a335df","sha512":"fc3a07c2657a88f2991b5a58aa41eb3a578a2b0d0062c2a99a2caf294e0512d630a1b4a63c95e1644730c86a94249375684d720d09064305097b140002dfd2c9","ssdeep":"","tlshash":"9f017b7d46f304706163b0b94b6b5510b137997b5988d5343e0cc7153f5436c87a27e9","size":756,"data":"","first_seen":"2026-01-06T21:50:39.891263Z","last_seen":"2026-01-06T21:50:39.891263Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7862229697f6d2b4c20be95f44beb37","sha1":"f05b4208678efac86d8e9073d5b43d6e981244c4","sha256":"4eaa4fc2af7463f437c2a9ae8c5d3de4171b47fda3d17a8ce99314124410c0fe","sha512":"f010a7d090e7545c70c252c7bbf7884ca9fb8569b1064f202e7695cf03f63bec0f64774c4e412293cdd078407c01ddc0afcbb829fc8384208229acfbece895c1","ssdeep":"192:SQbXAO1AwHQFiwabK2hehuazGcJYIWhiP5qB64QMlmGSbxUr8zf:fbwO1xwabFhehuGGT7ixu3QFqwzf","tlshash":"3c22e78f3f707d864550adc214b7b8cf348d8d2958c265068d03ace43f6ba55a7a7fa4","size":10529,"data":"","first_seen":"2026-01-06T21:44:27.102156Z","last_seen":"2026-01-06T21:51:57.81213Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"a31c3faa7f070bea0dfcd135efc91335","sha1":"2c0a419826c5438ac8e96f10b597224c4d8601f9","sha256":"e07765ac0698cb214ef4df8056a9f69df72a0f904321d110a37222a4a7532f9a","sha512":"92c78fcd89ec97d1ec6b73a825c4e22fd53411ade7216fa3421c5ea77b5652348be64c295e7ff6e743da11c18e64c8e659e32ac6b93bfe5cf9d31f5906e0a9a0","ssdeep":"384:nDBSlvjgR6DcHiixu034cEo6naeLk6NuD1xNuV7/QD:NK7gwwe034czQaeoB5xNuVo","tlshash":"f892c6cc3ae1f16d82b7a4b4046f111df6ba39115a08280cf151c6d86e74e9d90abffe","size":19698,"data":"","first_seen":"2025-12-10T10:56:06.863546Z","last_seen":"2026-01-20T21:14:28.959026Z","times_seen":19421,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9aad8553bdba87ad747b6d3848536971","sha1":"8b8f648d660b82fef90fb0e4af19232161429bb0","sha256":"404868609033682684044c2ed8d601764fbcc2a96871efb7755459b7a4e1781d","sha512":"f8ffec53aa0fbafb869c24f5182abd699110e1967444058d43e6fdfa7829760394923fc8fdfb9f01d7c67a31488418d962399b587aeb4284ec4a686f5cba910d","ssdeep":"192:gtZiKipififiFcrcYmeokUkq1VpTgjism5KFAQkOwl+21AleJkzepeQToJ:gtZiKipififiSokUkq1VFgRkOwl+jKm","tlshash":"1952554409b9da30c419602f213e2362fb6809279d66b6c9fb885405afcfd6f79b453f","size":14432,"data":"","first_seen":"2026-01-06T21:50:39.892565Z","last_seen":"2026-01-06T21:50:39.892565Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/scriptaculous.js?v=4daccb0e\u0026load=effects,builder,dragdrop,controls","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"945aadb4d8b5f2f7a58a4c7ac244925b","sha1":"3e177b34daccb0e40b841fb9331474d687917ac2","sha256":"78cbc6b573f99b4c9c92077e62e0550abde74981f021023425e5f957b95f0f9f","sha512":"a099e32c6a2e0155bf124f2247654c5cf2b45247830de58f2063e108b01d57dbc7913212e6d8e5011f11d9d8e81b464ba16f1412ec623289442b36a013483591","ssdeep":"","tlshash":"bf51d91e7da5c27014a72275023fc00a332b71a73544db48b4eee5819f985ac6db7fe8","size":2975,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.879846Z","times_seen":614,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/container.js?v=832a4247\u00269823982","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a17bab6786adc39007740e0af2df881","sha1":"300ebf7832a4247bcb35e71c81b6af9637306c0e","sha256":"818ce9cd6d2a19fdd46620f7a74973743e0d3f80f044e7ff0fa370d62c1900f9","sha512":"738850b90575c80e42873013ffb29337b0b85e46122f5a41040eac606708330a763475876329ea663193af253769356c13879c1d7a88b046368161e95ae0b154","ssdeep":"192:5z4NhhgTc1iBPQE25BOyBQNVe7AaqTl81FcyxoDxAklF:l4kAnkeQl8HM","tlshash":"3ee152aab8eb0111512bb4396faf31143b12e627100ade107f6d47915fe0a3665a97fc","size":7004,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.849445Z","times_seen":506,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"61b73a51ea416ab143bd8aa02be8503e","sha1":"2504c1351ed7f0503bbcc160f983a72b3ff47242","sha256":"77e320de53c79c68f20beec1db2c5a041976ff9909a99b98a7bce0e180e95e5a","sha512":"89f333205290895538c8bbc993cb72e487dfeb41949a8fe1afbe29478c90e1b8e98b6807830d6f0db8f1d5fcb807fba80a47914040a49b0a2ab55c9c24fcee88","ssdeep":"","tlshash":"ec1104753b155538c5c5408731bde7a93d3250217f029144c2accc285d18e8314efcbe","size":902,"data":"","first_seen":"2026-01-06T21:50:39.893362Z","last_seen":"2026-01-06T21:50:39.893362Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"4bdbb487475b3e6bb2edeb30f3c16e92","sha1":"76f4f1ecfe92e127cc0dd93ce60279b99bf2bace","sha256":"9a66353e221e9d6a76dd9c8000dd2f822c6bdf6b8cc7dea367aed6fda6e29fb1","sha512":"770d30aaf19f48b48cd679c33d17e69d0c2d3ca92eec5bf38fc397c4530a8f489d0dc2086d8e5bac383ab1ea8c840ec307f872612cdabf27cfae3844aa6fa8e3","ssdeep":"","tlshash":"23a0220c0e30ca30002a2082a00a00a80e20200000e00f002ab080830b28cbc00330ef","size":62,"data":"","first_seen":"2025-12-10T10:56:06.864317Z","last_seen":"2026-01-20T21:14:28.954464Z","times_seen":19435,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"1648ffb33ce66c1dce6b100fb73c7c63","sha1":"61574351b5733c57872898265a6dd39558ab3a68","sha256":"75cc6262bd210f440be1ca9365604501866618ad4078ba5ece982c9c616138c3","sha512":"9bd1293710fd96eb2b379a0ff158870216879fc8fc5e774f20c7d86f4b71cccff51807f621d6076cfe928b1526e92fb563584005fdbe71ee1411fc13c2f562f7","ssdeep":"","tlshash":"8d7000082c08a820202a3038008bc00a202a020200020c02a00822880cb802e0802a8e","size":22,"data":"","first_seen":"2025-12-10T10:56:06.867552Z","last_seen":"2026-01-20T21:14:28.949715Z","times_seen":19439,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ebd7a81d8cdc9d4b5a41d7f94cc49dc8","sha1":"47d5a767c3dbea4174522cae8d2f10dbd331141a","sha256":"f31fe1caf5b7233adae7190f225ef716bdd8c19d98a84461eb770c6f2c6c8c9f","sha512":"85388244e2994adec4fb743530f324466cd3094103b7f8f7b4ea794cf273c4b279429809050c4b237e54b296de981b86e7aaa4819247fe399d7cebe6b57ecf3a","ssdeep":"","tlshash":"5dd0226312131ef70c25ec310c23019eac890e27e112d7f8bacd7d82afa0e103900af9","size":219,"data":"","first_seen":"2025-08-31T20:47:51.734151Z","last_seen":"2026-01-29T23:03:00.410416Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/ad/32/73/ad3273b60a74d71d04b6f2a53e630fe3.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8a7c55f84292dc407f3831992808c4ae","sha1":"f87984c98222caff96151bd8a80c02c5c462750d","sha256":"989c9d2586e718808cd10cdd0a64e7a38d89d17d4e175945154f3f9ff7a07c16","sha512":"ff0d418326364ab784b521754953dae7d37bfab3cf70c9d0edc2153fefc691407be223e2181bf6637793831eda3f73f8ef6d95f48ca4e465b6bbca8627920020","ssdeep":"1536:x9yUBg8XFOUGDAVTesz3WArOwlNyBv77NzxpQ2jFFwBdjINf:x3B91cupUhxpJwTI5","tlshash":"5c7309487f82b16b5352a073626fd047f0256f1261dcd498d123e6e86f6c33af636b98","size":78888,"data":"","first_seen":"2026-01-06T21:50:39.879951Z","last_seen":"2026-01-06T21:50:39.879951Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/container/link.js?v=eadcad74\u00269823982","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d913ea989677461815382d6d7aeb099","sha1":"d36489deadcad74e91d4d1e54901ac47d6a3232b","sha256":"d4a31c31c4d3a1f465e3ba595239a79203ade8966ef9bf1a4ba179b7382a8b02","sha512":"3df651599569659dd9ff65e159694cd456ae0907b3e102036506a90a08b9b897f254d0a87cb0e358e6ab973b6c684e9bf4da7f623f0fba7bf428370103ec5d8d","ssdeep":"","tlshash":"d2312f2b7c50116201535a215f5eb92ebf26d82641a8ce40b7f001d6dfe2f761d2edcd","size":1734,"data":"","first_seen":"2025-07-03T09:52:25.318204Z","last_seen":"2026-05-26T09:02:56.859273Z","times_seen":181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/effects.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0dea24894889a4c537e1a451a35f03ca","sha1":"f72e2ee2019cbaceff0b7fda89ebac9faa7c5b6d","sha256":"055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0","sha512":"c532fb6dc13525a9ece1b5be74cdd3cd03335865778bcafc012e4e7d7b6332384a75c99245dc8e17d48f3cb9461faed6a9188bb0c673b35e69fb4202ba0c6c22","ssdeep":"768:xm8eUKDmvw8ulXZwb4Clh2Z4yrABSKQ4l89eqIG3V6e:xm/UKDmylJRqhSNr4Sp4C9CG3V1","tlshash":"a903540d3ae7242580dbf06e595b490cb2394107150add64b89e82e58ffee3825f7fe9","size":38471,"data":"","first_seen":"2023-03-07T01:03:08Z","last_seen":"2026-05-26T09:02:56.894185Z","times_seen":1201,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"154f54d01507ecaf9362f82518c6f05f","sha1":"01b4f1be89829e1bff81ead5c174eaac021e12c7","sha256":"18a100f08f8cda327df77747e8ac90b350d041b2fe852f5ed487d18f5d5e1c81","sha512":"4fe391f1be20df5eef7ee230d020334fb103dcef394ace607a2f362687eb524f05ba52188764fb6e2914fe2dec5318b77064739542baf4161d28d4757af8c574","ssdeep":"","tlshash":"2fb0121b4c01c011514404c9c030e80c901450599200cc0e50d640a732ccec80c2086c","size":95,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-17T20:43:07.892908Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"53a06f73e066406666e4eea51d44a01c","sha1":"49240081c799455bd853856a812ccdee1c74f3d0","sha256":"9f173cadef84685857de19e59ebcd08ab8c18a83b60d459d957321b22397a7a9","sha512":"1b6bd64a013d7d004197bab39e7bf0f541c15d88ffd7c565e889e67cc6836917c4007cfc50757b68724b81b047673b7cbcde0ba4d45f3f675e072ef4dfd77d1d","ssdeep":"","tlshash":"7bb012278c41c010510104cdc070e81cc01150758340c80650d5004a32c8ac80c2186c","size":95,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-17T20:43:07.89354Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"68b3cacbbd6e39c58cae28b60676b051","sha1":"08dc72e662d2dc8330dcfa14c71250d8e2bdad2e","sha256":"9e208990c672d3d4d66b3dff6e7fbb4f8042ae88b0b6ad7d05dc106cfe653138","sha512":"5539af326f8023b9e5269a78decdc787d9024226150f27a2342dc2479e0229c6c20f9c5de2db1d63d9cc989bd323769e6b7a3b11226a9e99c647549baee48b4f","ssdeep":"","tlshash":"2eb012174c02c018510005c9c070e81d800451a68200cc0650d9008632c8ec81c10c68","size":96,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-17T20:43:07.894125Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c2852b9054705cb5d79bced9ba58f49c","sha1":"6d08ceafe6ee4b148c6568398f3259ae68c8da5f","sha256":"7a69ba3f8fea63aa34a1766462c466807876390b10795952b5003d94786e2026","sha512":"a73ce4cd0d94d7abba23cfa7221321c250079af2f0a6994619cab8017530bc8bac208dfb1417f9de1c2fca0cd2d08eaa5cd76b16245c0222d3831fb9c7c84185","ssdeep":"","tlshash":"0eb012178d05c020510008cdc170e40cd0049065d200c80750d600c633c8ac80c1286c","size":96,"data":"","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-17T20:43:07.892256Z","times_seen":276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g","date":"2026-01-06T21:50:03.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42555\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:30:09 GMT\r\nexpires: Wed, 06 Jan 2027 09:30:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 44394\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83364,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e1e7ef5663f5b92b4516b94446dde2c","sha1":"e986dbaced4170ab6fd5852aa806ba6ed1e8cc14","sha256":"f71a14f41c5875c258dcece1dddf55d50a26b8e5bfb626ea07b948551f40fcad","sha512":"5ef4991a1755e9cdc4d2497050219de08745fb473b7d945f52abf572ae921472a64cba48a5bcd590a0ed63f3f4ae9c456d77db584b8637b65b03a5b45fe5c7f8","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOImIdthXwW5l1Dx7:1GRFauOxLA/+IcTOuLX1","tlshash":"dc838e7338513b39fc2b9b616186b9edf21cc423e5514bfab5497a20c3db19a8253b07","first_seen":"2025-12-11T19:34:34.541785Z","last_seen":"2026-05-20T08:12:38.508345Z","times_seen":44151,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/RU.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/RU.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MbpQ4NZNW3JWPTSf7FmzeH4z%2BGXJzPLV%2F4XOlYwOj2Vo5%2Fvannm1ZIIwYIzQypfD0ZKYBmK4eIE19U1w5paMlYjOHXXARqcSVyTiLA%3D%3D\"}]}\r\netag: W/\"6836f090-387\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd01ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":903,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"cc063c0d834b76f47d5c2982832ace70","sha1":"8640689f3aa8ec821444cdec4f7b1f458bdb5445","sha256":"8f4b4960fe610842de43ef78009ba1d93b1bac51e5d2719181cffe94a0266cca","sha512":"f2751d73c0b2ea0609703f1964da30859a77b0e690cb521152d2b665e84793c039ae3c7fdff188a8c095211802e3a593fe6680ecd8a579fdfd2014f347671a44","ssdeep":"","tlshash":"29118ca495435c2b6830ebf0db74e76e133243b05fd5e598a36b356f301a54305c5ad8","first_seen":"2025-07-29T23:13:50.381324Z","last_seen":"2026-05-26T09:02:56.895421Z","times_seen":153,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","date":"2026-01-06T21:50:02.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 05 Jan 2026 08:03:23 GMT\r\nexpires: Mon, 12 Jan 2026 08:03:23 GMT\r\ncache-control: public, max-age=604800\r\nage: 135999\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-05-26T18:17:41.813922Z","times_seen":632632,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 06 Jan 2026 02:32:52 GMT","end":"Mon, 06 Apr 2026 02:32:51 GMT"},"fingerprint":{"sha1":"8A:68:C7:51:16:AB:C0:0E:F3:A6:17:12:E1:07:66:95:36:27:86:2F","sha256":"79:02:9B:96:2C:55:77:35:46:DB:5C:3A:D0:CB:0C:13:BA:42:DE:12:27:8F:10:39:52:51:F4:1C:0A:CA:0E:E5"}}},"request":{"raw":"GET /cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53571\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:13:46 GMT\r\netag: \"68b474ba-d143\"\r\nexpires: Thu, 08 Jan 2026 21:50:02 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53571,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:43:28], progressive, precision 8, 728x90, components 3","md5":"e2a3f96684fe29f60b2f3641ac5133b5","sha1":"19067bc7d9210709212cd32db05b55aefc422bea","sha256":"68a37280ff695ace386f3aabbbd8b75b36edce98355533b33bdf0788a7e8e8ce","sha512":"2811fce581695ab109a3788a4b0537b399804d0614cb04c0bd5f6e054f2ce6fa7dbff1385d3b222bbe7725a4489b3efbc3c1781d9f1d37688c160e2cd9dde8e2","ssdeep":"1536:GlRHx8xHqHTbzDnzmr0vCqxt3O82BAhjE:yHmKzfDzfvp2Gh4","tlshash":"f233f1078fe18d92fae48475f8f2d791d22259d5e7b316603e5cf91837b1892dd4d202","first_seen":"2025-09-02T22:57:47.7902Z","last_seen":"2026-05-18T15:28:38.148595Z","times_seen":737,"resource_available":false,"data":null}},"time_used":333,"timings":{"blocked":135,"dns":76,"connect":19,"send":0,"wait":21,"receive":39,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/img/banner2.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.882Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/img/banner2.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 88141\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68ba9c9c-1584d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 4218943\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gIFmdF0iXCaBi757SCfV98dAjnj6bSojl8XTEAzUgnKCYP6WwIsl3%2BoNRyx%2Br3pi00F217SFArP7cIfxbEVGenfKvITOMKri7%2Fds3HKYXXg%3D\"}]}\r\ncf-ray: 9b9e6dc3ff670daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":88141,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGB, non-interlaced","md5":"b683a97b9ddd7080f5d85e7040b9f3b6","sha1":"1f9d89d52382acb25dbd7d80dc76ed64e2863b46","sha256":"c857f9ca05d4c163171fdf75208856a8c58393bcceae770b189c9bb247de63dd","sha512":"1603b42495f9c3f5ec96a77cb3a7c3a55e9e08e0936576251e4c05b5039bac57482bb53713c67fe0fcb9469b2c9da524cd1a1f192a34f763c7fe4fda76edea23","ssdeep":"1536:YR3u/N0KPB1U/KTyuEG79Fbqy0MQNlFEE6JjbFaf+/+OtJTp6l9T5dGTTXmBc:u3hKPB1OKeuEG77qymNzaFs+LoT5dRc","tlshash":"a5830249145197390e9fc604cbc336494c698eee3e6d19cf32afca53d309ed6ba17628","first_seen":"2025-11-13T07:06:38.804664Z","last_seen":"2026-03-16T00:02:33.329667Z","times_seen":366,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=517","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=517 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/DE.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/DE.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rYv3qoQR7dpcOtR%2FWDnpBUN6C8T1QVzzXePae3lT82RbeaNslrEwey8dVebrMk6tp8Mb1cQ%2BHN1L4Di2giY%2FY0YXVUjoLPbuJsdJ7A%3D%3D\"}]}\r\netag: W/\"6836f090-387\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32ccb1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":903,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7384654421480ca37128052e4311e1a1","sha1":"810f56d4adcf26b58b8b08448011148fd0ca041d","sha256":"549467715e963cd510a1221487f8973180c9663b4fab907a5bee6b452a5caeaf","sha512":"235c2b7b99d5da295ac635a431d5fb0fd8c13969dbe97d2e0311587ee9c17a229f315899976f6e8b7d31c70aea5d0af64cd45a04e6ff8da1b8626b7375098e79","ssdeep":"","tlshash":"e7118ca495474c2f6830ebb0db38e76f133243b05fd1e594a32b356f301a14315c5ad8","first_seen":"2025-07-29T23:13:50.455695Z","last_seen":"2026-05-26T09:02:56.896518Z","times_seen":154,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/TR.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/TR.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GbmzR%2BG%2BYzb7lVYZT3xqpj79UcK9gwi3YBbdwaGlB9gbHRgJ%2BYutnAG1%2BGeZui0i0m25anQYn7E2EZP6BErEp89zvGXs%2FSDwUm914g%3D%3D\"}]}\r\netag: W/\"6836f090-658\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd71ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1624,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d4c65e9795a4f069f5c2f099f8e6dbed","sha1":"5251852d61cd180c126c45e480f9519519ac91f6","sha256":"aaa8f1421ca044baeb7f917c579eb293d5efa61e93770fb031b195f6a2eeeffb","sha512":"efd0ea941b3ca57d3d1ae53893d8eb43e38e3f2643b4e8a1c09fae08b2818922e1b42553ecb283cace1965ec3e57a2b7b3d22723d1a4ef7309fb96af1b1508e2","ssdeep":"","tlshash":"323133d4e3079c6e5ca0a6b0cb342f6e373503a46ea0e5d8e31b366f704288251c46d4","first_seen":"2025-07-29T23:13:50.443193Z","last_seen":"2026-05-26T09:02:56.860876Z","times_seen":153,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","date":"2026-01-06T21:50:02.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42555\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:30:09 GMT\r\nexpires: Wed, 06 Jan 2027 09:30:09 GMT\r\ncache-control: public, max-age=31536000\r\nage: 44393\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83364,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1e1e7ef5663f5b92b4516b94446dde2c","sha1":"e986dbaced4170ab6fd5852aa806ba6ed1e8cc14","sha256":"f71a14f41c5875c258dcece1dddf55d50a26b8e5bfb626ea07b948551f40fcad","sha512":"5ef4991a1755e9cdc4d2497050219de08745fb473b7d945f52abf572ae921472a64cba48a5bcd590a0ed63f3f4ae9c456d77db584b8637b65b03a5b45fe5c7f8","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOImIdthXwW5l1Dx7:1GRFauOxLA/+IcTOuLX1","tlshash":"dc838e7338513b39fc2b9b616186b9edf21cc423e5514bfab5497a20c3db19a8253b07","first_seen":"2025-12-11T19:34:34.541785Z","last_seen":"2026-05-20T08:12:38.508345Z","times_seen":44151,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncontent-security-policy: script-src 'nonce-3ky-yrNJM3WiSLCcOqdKXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17035,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (1572)","md5":"a7239329d14f64f219191297785d7ab8","sha1":"fa34a31011f04948a0557c5ba86d1ed6415b0d57","sha256":"32e9ab2d42a2f970719edd4ae7d1ee69553017aafd97313ba41903eff9864930","sha512":"a0c75e04a2715a35a3e10fac74329e678e85b3013d573ebf75f4037c488df6ffe7439179b195fb92cd82c3aac7234cf89afa190791a530eca20c334ea040af0f","ssdeep":"384:EjfZjYjnjbjyEj/qY4WjgjAjzjfCjPjwjkjy7j/qY49jXj3j/jfmjDjUjAjyXj/p:EFkD/OE/hkc3+bsIO7/KbzbK3YcOX/+o","tlshash":"da720f50041744009b835ce223ce7f30fe0e92517142d0b1abfdab6beedbda6926939d","first_seen":"2026-01-06T21:50:39.835951Z","last_seen":"2026-01-06T21:50:39.835951Z","times_seen":1,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":30,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/aclib.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/aclib.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Tue, 06 Jan 2026 21:25:01 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NIfANUcpM3a8h8ae4dB46QGt4J05AfQpVga00WQFFI6jLC0nTCuw%2BbhBoDzd8Oo1a6TQlVyWLJAB8jzk0YMJpNlWmAHhJDbrTwdEeQ%3D%3D\"}]}\r\netag: W/\"695d7dad-956cc\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33cf01ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":612044,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3ecdf7558b1e3635c6c548fc10da8584","sha1":"e7c7c1884d9c285b850992cda29ecdd97a8fb113","sha256":"2e28db747c7f19fefe9e1147840ca17d00df66ca117d6e91dae42abd7a9cf8f5","sha512":"df24c92efc3125e552f2518ac1f427e55c2a8cd2d4673404e852d0ec5941e9153381279a67a48b6c0b38eff019e3405fe563c03911cdbdbdaff0bea958bcf8de","ssdeep":"12288:sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:sHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"b0d4501837844586371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8332","first_seen":"2026-01-06T21:50:39.836797Z","last_seen":"2026-01-06T21:50:39.836797Z","times_seen":1,"resource_available":true,"data":null}},"time_used":304,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-security-policy: script-src 'nonce-zX0VNPO7YcnOqcuyAljqzw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92709,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (47233)","md5":"b635676f6ad361bee941de266ba88fae","sha1":"24064eb709aa0f221fa18931efb532d26afc1d3b","sha256":"40a2b6088359027d30a1085091b697e85e077a891122fd3b65df196644006c09","sha512":"62c6c76a06e17e3dd3a2c3000b82d36aab23d7393ba7732212ad3be84bad5717361f8dc314cba20f094dcb54ef3e2d210ed6490c24ff8dfa86b11cfefa6c865e","ssdeep":"1536:y+krvaRySRUnYQ9PJhopNMpRMg2wZBMs16JluqZ+DrhODWv8U:y+krSAhJS82oGa0luMIUWv8U","tlshash":"ba93bf2645037486dfabcd9017c9afb4f63d9205710280a917ff07c3aeabdd6927829c","first_seen":"2026-01-06T21:50:39.837668Z","last_seen":"2026-01-06T21:50:39.837668Z","times_seen":1,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9jElrYj89fCsymd6TVGyW%2FrHeQswD7oU7gOSVOLk%2FdThUmepfk6MSz7DLZcdGg6T0uYHGYU8phmFN4qD7lhu7hxGlCQtRb1RxTW4%2Beh2hEQ%3D\"}]}\r\nage: 4071071\r\ncf-cache-status: HIT\r\netag: W/\"68ba9c9e-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6dc3ff6b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-05-26T17:41:46.200863Z","times_seen":11689,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-italic-100_900-latin.woff2?v=f50575a4","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-italic-100_900-latin.woff2?v=f50575a4 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 39608\r\naccept-ranges: bytes\r\netag: \"687cf10a-9ab8\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:14 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tfPegrapzuGjDGhMZpS2E%2BUMp2G8MHDbUZuoPBK%2FVD5rnv%2BUAFXbC577Ap%2FhqcChfFRfo795bskSijPabBGV2RcsSvpl8J0I3W8wqg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db31caf1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":39608,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 39608, version 1.0","md5":"7edcfc856660cb38268d12020c19f321","sha1":"2681c51f50575a41e511d9466905216b29ed6c60","sha256":"96a874a36a161a53381e9c5b16dcc188a04da68d463130aaf505c0f08de38782","sha512":"ca7f075f61865b369cb7391113f48038648725b36c7c3b3578d910c0c154b5996788fb0fe56a2b4cb990e1ea54fd715d84d5ceedd539e3b98cb3ab3ab59487e9","ssdeep":"768:XytJ5hkIjw+b89qwAs46QVT6v1G9iXW75Vt/y4biUT/60sZt020:At8f9qt16IwOnJf/60sL70","tlshash":"2003f103ad345b43a628cf7aa59d1b3a22fdc19e95ac18cc4f90181b30d2f780ed6b4d","first_seen":"2024-11-07T04:28:19.915413Z","last_seen":"2026-05-26T16:32:49.588392Z","times_seen":7700,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/css/font.css?v=0a8b5d7e","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /css/font.css?v=0a8b5d7e HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/css\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Fri, 01 Aug 2025 13:09:29 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rx9RthPdlN%2BSC%2BBlzwiBglB%2BDPY4M9HVp3GB0tTv%2Fkm6gq1MU3%2FmQ0uDA2CwJToUkbT%2Bdy6s5Q3QoF3CSAIoZK%2BMfh2%2F2RX21Tc%2Flg%3D%3D\"}]}\r\netag: W/\"688cbc89-1278\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cb51ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4728,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"96a1639b96bc5476cc810206d284e6bf","sha1":"5a89ae60a8b5d7e192910b9198a8e5090d6b396a","sha256":"b57df46ca0c0b565db06c45fae6aaba922935fbf547e5bc87bba40401a1d4942","sha512":"9ff17d39bc6df801677abbb6d0df0ad05a0b6747204eac960ae7549c5f48c942cfb324f2a2f78bc0aa62fc0dfc7db99b67d6fe9f102bd5cbfa354d8040a3da20","ssdeep":"96:aOWGNqOLLNqOxTdNqOC+NIOYg4aSwOYg4a4FZPOYg4aEJc+uNOYg4apNDOO4a1w2:y2butySwyAyAgyF1klrU3","tlshash":"6fa1cc402ceba118ea430cd627ce3f22ee0c9569301dd6663bfd2890bdd6d69537175d","first_seen":"2025-08-02T19:59:03.289404Z","last_seen":"2026-01-29T23:03:00.342749Z","times_seen":122,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Logo/ad1b3.png","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /Logo/ad1b3.png HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/png\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\naccess-control-allow-headers: Content-Type, X-Requested-With, Origin, Referer, User-Agent\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npermissions-policy: ch-ua=(self),ch-ua-platform=(self),ch-ua-platform-version=(self),ch-ua-full-version=(self),ch-ua-full-version-list=(self),ch-ua-mobile=(self),ch-ua-model=(self)\r\npragma: no-cache\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OilCdxO%2FXcqKAtRbe5LvG4l88uuc3APgxpVZyVBkBtw%2BGQ0Kj6es0J3QcXb4IV8V8%2B23qCLCpIphva4EyBmUNPssMq%2FnJ%2BUXTmhJ4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db32cc81ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9356,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 104 x 120, 8-bit/color RGB, non-interlaced","md5":"f4cd4c3862d6ae2b96ddc59cfe079a6b","sha1":"1b21ec0bc6563d8538be5988b0896a1b22ff5fa4","sha256":"ab0a2ebd4e9a2fc34f209a28cb3a93ceec29979993330ec41ec46edaf3fd997d","sha512":"ce9f51c98e29949b3d1eb8f4ff43c8eef8545ae874a127963b9e472b3db1fc83ebf8db3570065da22bdddcd1e4997e652e95e0a327d796313414434c4cc09202","ssdeep":"192:LSpKyeeOT+uhl0iSTVebxRKCuCcHE3cBNo5:+pKHhAebDKCok344","tlshash":"c812a0ec85e55efb8036f6d42605e39575b9f92b861311c60301ab0f63d08dbada1ace","first_seen":"2026-01-06T21:50:39.840036Z","last_seen":"2026-05-24T04:31:08.970439Z","times_seen":2,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/US.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/US.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xX9IUksh613xeNhum9rTIn9esb8GCLGcanI65qfN6ecXZ8Y5nF9MHbC4IIZizouucEyxQY%2BtAHJmwvq0ZCGwG%2Biu06XR43tO7sBSug%3D%3D\"}]}\r\netag: W/\"6836f090-4214\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cca1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16916,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bd7a269c1f2d303379effd5148b7a1f1","sha1":"d97c25ac8f4192186c05a8f16076060d46f39584","sha256":"0da5df39a3671e17743b71be3d2ee7cca3fc5cfa0e101e419c5a15ad03c03017","sha512":"7d4d6b1181d4d4dbfced6afc570ec4935e9f4d5e1b5438381324e30f937bb2f1a6052241386c9d7ad63a856d6c5305d7732c1db4320f5e451a86bf107586dcf0","ssdeep":"384:uPGKabK1eVK6TK3gKGrIKO3pKEIKrIK/IKoIK3XIKN6IK5IK4rIKOrpKIIK7IK0t:nKiKcKaKQKtK+KLK8KgK/K3YKNZKyKra","tlshash":"f572e2c9576840c478f239e8f8a062817a71d7f58fe9e9c4e15d641bf0cb8a31a1dee4","first_seen":"2023-10-26T06:29:18Z","last_seen":"2026-05-26T09:02:56.855158Z","times_seen":158,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/pdc.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /pdc.html HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\naccess-control-allow-headers: Content-Type, X-Requested-With, Origin, Referer, User-Agent\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npermissions-policy: ch-ua=(self),ch-ua-platform=(self),ch-ua-platform-version=(self),ch-ua-full-version=(self),ch-ua-full-version-list=(self),ch-ua-mobile=(self),ch-ua-model=(self)\r\npragma: no-cache\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kq0wvQH9ZV5mxHJJ4OurX05Iuh%2FboULGzKpjbrEDcvj36sqcxL8pOMgGcvtxPMs4zxcwA8%2FddBw9lYGRQg3sq3koykUdir6su4EbIQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33cf51ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":612044,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"3ecdf7558b1e3635c6c548fc10da8584","sha1":"e7c7c1884d9c285b850992cda29ecdd97a8fb113","sha256":"2e28db747c7f19fefe9e1147840ca17d00df66ca117d6e91dae42abd7a9cf8f5","sha512":"df24c92efc3125e552f2518ac1f427e55c2a8cd2d4673404e852d0ec5941e9153381279a67a48b6c0b38eff019e3405fe563c03911cdbdbdaff0bea958bcf8de","ssdeep":"12288:sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkr:sHtbhM40/0RRIZDFObnpe9AUTpKWZVar","tlshash":"b0d4501837844586371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8332","first_seen":"2026-01-06T21:50:39.836797Z","last_seen":"2026-01-06T21:50:39.836797Z","times_seen":1,"resource_available":true,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":232,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-creative1.com/sb/interstitial/utility/robot/2/index.html","fqdn":"cdn.show-creative1.com","domain":"show-creative1.com","tld":"com"},"ip":{"addr":"172.67.208.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-creative1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 05 Dec 2025 21:44:28 GMT","end":"Thu, 05 Mar 2026 22:42:58 GMT"},"fingerprint":{"sha1":"32:E8:D3:D8:57:3D:77:06:14:B5:AE:66:6B:E6:23:35:25:11:2C:25","sha256":"65:65:A6:2D:1D:7A:E9:EF:3F:02:AB:E8:2B:83:22:39:7B:1B:99:BB:3D:AE:E4:D2:5F:AB:C5:32:3B:21:23:C3"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/index.html HTTP/1.1\r\nHost: cdn.show-creative1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:29 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WzuqpAQTYPeLaQIacv52rVp2bBuV4IHCVz6dwF%2F75847KaE0wc0OQryeCsal87Fm0BR6RKqUgAMCzLNollk0PsGMsPZbbmKlcnevXiAu4L%2Flbia5aFI%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b9e6dbf9bf3dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1611,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"d0f67672aba4445e15a632c310237d94","sha1":"f9b9e155f019ad61e491bf2b637fc16a6ca70836","sha256":"263f5514cafd6e199b7c686cb9359654c02295cf7870ccef3e2b688cd4be8391","sha512":"994828e8c43628bc08e99603a05c8b7cdf3e8963eb219313934a808ccff9e792083e10f75e5999c043bcdd381890df038f81624afe539dc618a2b4fc53a5a183","ssdeep":"","tlshash":"c131295919ecdf36108351a43bb02f7aa9849583c95a8441b27c4d508be7fc5cd5724b","first_seen":"2025-11-16T08:40:49.596967Z","last_seen":"2026-04-22T04:42:57.996173Z","times_seen":288,"resource_available":false,"data":null}},"time_used":524,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":488,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/CustomCSS/15270f2e1569eebc17aacde69f90aadb.css?v=1c272ea9","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /CustomCSS/15270f2e1569eebc17aacde69f90aadb.css?v=1c272ea9 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/css;charset=UTF-8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\naccess-control-allow-headers: Content-Type, X-Requested-With, Origin, Referer, User-Agent\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\nexpires: 0\r\npermissions-policy: ch-ua=(self),ch-ua-platform=(self),ch-ua-platform-version=(self),ch-ua-full-version=(self),ch-ua-full-version-list=(self),ch-ua-mobile=(self),ch-ua-model=(self)\r\npragma: no-cache\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QczJvMa1wb%2F2ymBLt1nczg1ClndTFnOrv3d7jcGCeSH5oA%2FoOgCp%2FY13pg6AdUpPCBtpeLUUoxoFhnNgOCnkeCaUrEJ1sZ1iTboVKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cbe1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"724443990d37a24443ba5b6a32b8dc9a","sha1":"acffa4a7e070dda9c4dc161abb5bf2d89bba0a5e","sha256":"ce9210e77b3d1d54add1dff7b4d5a385caadddbd6c700662e9cad16e8387be9f","sha512":"6ae05233ab25471df0de05168fd0535dfd008c5e76d1325a7d348d97f8cd8a26cec3315b6157d6cca41fabfa6b96842014a559f566e6d76fdfe4c87a2a24b8b5","ssdeep":"","tlshash":"a58004040f54007dd0340c0d140d4531c505c0137455575d301f55f0f1d01374005410","first_seen":"2025-11-24T22:55:04.351072Z","last_seen":"2026-05-26T09:02:56.861934Z","times_seen":74,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/prototype.js?v=1c272ea9","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/prototype.js?v=1c272ea9 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=x0aTHnYtXpJAcqLI%2FjTXoeQK4OYZj3hkKr9RSLXpJTCofq%2F4DTy8axNDmHXyxAddq0Xgd3GUb6wIhz%2B5RdhrfdVt0igT0spIWCgYyQ%3D%3D\"}]}\r\netag: W/\"6836f090-30142\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cc01ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196930,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"543d229c2bcdef172115436fad5f90fc","sha1":"ba049ed40a1de289ebeff02ecdd06d672698529d","sha256":"03c8a691599b64d9271b7bd04de14b473745b9e115fa78bce6d5965577a6cded","sha512":"13cf02e295f0cc8e06d985a84737de486c8cc6525020fecfa303a62b0fb043383ecc644e83d259c4f48807a6bcd627271600a1d53b459c95a1aedf3a777e0587","ssdeep":"3072:uTGkmCjk9P/hWRg54hz7kvakB05JldluWX5IWlY2:zkG9P/hWdkB0vp","tlshash":"1a14209c7de36035961bf03e5a9f840cf27984171509ee50b89c86a46fb0d3856fafe8","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-01-29T23:03:00.310327Z","times_seen":576,"resource_available":true,"data":null}},"time_used":319,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":136,"receive":183,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/ES.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.222Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/ES.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kuxUPm5tVV%2Fe6tNMdwRRFYWPMt5BE6qnDH182ZbJQNutL18%2Fabr5alvrtosK9TeznriRGB8exd06BLLi225uvt3TulcoSIKB58T%2BQg%3D%3D\"}]}\r\netag: W/\"6836f090-17e6\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd21ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6118,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3267fe8612b09a9a3811c5d8f37ebe47","sha1":"6db3801842b0fc999b55b61c04eee94743c24171","sha256":"566c28e58a523b8e85cbd40daa2d682456caee1eb1420bc47e383ad09e9e99d4","sha512":"0acd9b01a72b06ce2d8160767aa298a116bbb3ce0f9e8b832146e589d272497bdb3cc735a51b5c5680d423be8d0d972a83e5cb8b6f6ce05ca88f5c9a66974cfc","ssdeep":"96:kI+fKe2LDONqAAGPY58w1Vom9UBJxgmCsGdq+:u12SPYmhOVsGd","tlshash":"c2c11816e355ac99d7515f69c7b89be7123292c45bb18394831f722f3c07420b8ac7ed","first_seen":"2025-07-29T23:13:50.38681Z","last_seen":"2026-05-26T09:02:56.866389Z","times_seen":154,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"data.filecrypt.cc/api/script.js","fqdn":"data.filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"193.56.135.156","port":443,"asn":0,"as":"","country":"Iraq","country_code":"IQ"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"data.filecrypt.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 17:10:40 GMT","end":"Wed, 11 Mar 2026 17:10:39 GMT"},"fingerprint":{"sha1":"13:2D:E2:2B:58:B9:B9:6F:16:F9:6A:02:37:2D:61:C6:37:C0:44:E0","sha256":"22:60:19:34:7F:B4:E3:AC:FE:06:BC:2F:D2:E2:5E:B0:9C:BF:AE:53:02:52:61:8F:7A:82:82:54:8B:25:BA:A0"}}},"request":{"raw":"GET /api/script.js HTTP/1.1\r\nHost: data.filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\nalt-svc: h3=\":443\"; ma=2592000\r\nserver: Caddy\r\ncontent-length: 0\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/x-javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":364,"timings":{"blocked":143,"dns":49,"connect":62,"send":0,"wait":64,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"data.filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/PL.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/PL.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nAmr2iJBeR9fwOTFCUFqWQsPWiXVZg8HElCy%2BB5CabcG0f%2Bqte1%2BzfT7iQ6iI9HpFocjVYi5i0HdqxF1XyGa0nx%2FbBwV2N2wPBmx8w%3D%3D\"}]}\r\netag: W/\"6836f090-317\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd41ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":791,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d630af012a96c51b6949897fe58f2b55","sha1":"2bfa6f74f6b35bb2652e4e119a9a828214179d60","sha256":"5a3e02cb7790abe6283077daf7672270b36682e5b71e6c440da153bb49b0c728","sha512":"9eb73b29904eb5023d93e0b21cf2dc1bd85fff09708f4efaf9a7ba43a45d0adff6cc6612f846e0f5fd7c506c310eb636064b02017304f2897ed448d36f188ed1","ssdeep":"","tlshash":"c601228495434c6a3870eab1eb78a6ae532203b45ed4e498732b356f341240215c55e8","first_seen":"2025-07-29T23:13:50.402623Z","last_seen":"2026-05-26T09:02:56.870024Z","times_seen":153,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/SK.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/SK.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K7qsOQy9yi%2BzDP78qYfbhmVTeH3sfWZvTXag1nnBdyX0TpcdCWuxJ9HKGF%2FotkgUGV4COBVtHLJBtSVuPEosvUg8W%2BvdNpFNP3%2Fhng%3D%3D\"}]}\r\netag: W/\"6836f090-994\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33ce31ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2452,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"801bf80cd0996ae2f2256f5e68d4276d","sha1":"b05202cb73b77205b75af5d0229a5bed0f9b13bd","sha256":"4c6cc82ba58ce49c2607dbd5771015f559879fff3c49727afd6fa52261697bc4","sha512":"50a7184f8a904f6929c1e9eae6a5571e50f782b653b6030944e4dd2b8030fd1fc121b2e72f140b34c3e6c23d1385a19c8243c68b2f7c97dc36d0c6ea9417929d","ssdeep":"","tlshash":"725171e5d70b4c65ac81e6b0cfb437ee332542ae5fe0c698a36bb41b380708118e4ad1","first_seen":"2025-07-29T23:13:50.447922Z","last_seen":"2026-05-26T09:02:56.862743Z","times_seen":153,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/effects.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.552Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/scriptaculous/effects.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j8qsSeI8cWPyQggceCE9FdAgcgt8cVhH9UpDbo0q5LBN0%2FJOgl7Yt%2ByL%2F6yG5RTg8bInrCYPqzeTa%2B6708YjFtaV8h%2FNbNnp%2BgAQbA%3D%3D\"}]}\r\netag: W/\"6836f090-9647\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db57f461ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38471,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"0dea24894889a4c537e1a451a35f03ca","sha1":"f72e2ee2019cbaceff0b7fda89ebac9faa7c5b6d","sha256":"055be203cf7225e94dec4a5f72ba1f469a499ac78c24d9366705c1099de812d0","sha512":"c532fb6dc13525a9ece1b5be74cdd3cd03335865778bcafc012e4e7d7b6332384a75c99245dc8e17d48f3cb9461faed6a9188bb0c673b35e69fb4202ba0c6c22","ssdeep":"768:xm8eUKDmvw8ulXZwb4Clh2Z4yrABSKQ4l89eqIG3V6e:xm/UKDmylJRqhSNr4Sp4C9CG3V1","tlshash":"a903540d3ae7242580dbf06e595b490cb2394107150add64b89e82e58ffee3825f7fe9","first_seen":"2023-03-07T01:03:08Z","last_seen":"2026-05-26T09:02:56.894185Z","times_seen":1201,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/container.js?v=832a4247\u00269823982","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/container.js?v=832a4247\u00269823982 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WZxv9%2BsVGwtnn7GytEUPXtAYmkLnD%2BEElDDtNT7hBClTV9B99Du9N6hLiTSgEeKSi6BSgCrqBQHjhUkWX1y%2F2t8HGwLkygAi9s716w%3D%3D\"}]}\r\netag: W/\"6836f090-1b5c\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cc51ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7004,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"6a17bab6786adc39007740e0af2df881","sha1":"300ebf7832a4247bcb35e71c81b6af9637306c0e","sha256":"818ce9cd6d2a19fdd46620f7a74973743e0d3f80f044e7ff0fa370d62c1900f9","sha512":"738850b90575c80e42873013ffb29337b0b85e46122f5a41040eac606708330a763475876329ea663193af253769356c13879c1d7a88b046368161e95ae0b154","ssdeep":"192:5z4NhhgTc1iBPQE25BOyBQNVe7AaqTl81FcyxoDxAklF:l4kAnkeQl8HM","tlshash":"3ee152aab8eb0111512bb4396faf31143b12e627100ade107f6d47915fe0a3665a97fc","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.849445Z","times_seen":506,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"data.filecrypt.cc/api/script.js","fqdn":"data.filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"193.56.135.156","port":443,"asn":0,"as":"","country":"Iraq","country_code":"IQ"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"data.filecrypt.cc","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 11 Dec 2025 17:10:40 GMT","end":"Wed, 11 Mar 2026 17:10:39 GMT"},"fingerprint":{"sha1":"13:2D:E2:2B:58:B9:B9:6F:16:F9:6A:02:37:2D:61:C6:37:C0:44:E0","sha256":"22:60:19:34:7F:B4:E3:AC:FE:06:BC:2F:D2:E2:5E:B0:9C:BF:AE:53:02:52:61:8F:7A:82:82:54:8B:25:BA:A0"}}},"request":{"raw":"GET /api/script.js HTTP/1.1\r\nHost: data.filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\nalt-svc: h3=\":443\"; ma=2592000\r\nserver: Caddy\r\ncontent-length: 0\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Caddy","description":"","website":"https://caddyserver.com","common_platform_enumeration":"cpe:2.3:a:caddyserver:caddy:*:*:*:*:*:*:*:*","icon":"caddy.svg","categories":["Web servers"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/x-javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":76,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"data.filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho","date":"2026-01-06T21:50:02.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:14:45 GMT\r\nexpires: Wed, 06 Jan 2027 09:14:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 45317\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=63921d76617cd6f9a05f4abb537a9c2f\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=21","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 22:13:33 GMT","end":"Sat, 28 Mar 2026 22:13:32 GMT"},"fingerprint":{"sha1":"A3:08:82:4A:9A:ED:6E:4C:29:FC:10:0D:1D:8F:8B:68:0E:D0:49:72","sha256":"B4:01:36:5D:F9:70:75:BF:F6:56:67:76:BB:CC:A2:D3:BA:69:61:33:56:FC:C7:21:69:6E:04:BE:95:D7:B2:F5"}}},"request":{"raw":"GET /pxf.gif?uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=63921d76617cd6f9a05f4abb537a9c2f\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=21 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aad12aa7fcfe066e94fc80914725dc7d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":667,"timings":{"blocked":283,"dns":1,"connect":91,"send":0,"wait":101,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/css/darkmatter.css?v=3f5d9f0e","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /css/darkmatter.css?v=3f5d9f0e HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/css\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Sun, 27 Jul 2025 16:51:00 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1t7rO9FKh4P0qB37oV34kJGcwSSWGOjvA5BU%2FsRPfMyTsvWH2T8x0ipILEGrS%2BNVQ0efbvrGm%2B5aEWUtlH7SWjD%2BOBESjI7A1AdsOw%3D%3D\"}]}\r\netag: W/\"688658f4-c6756\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cb71ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":812886,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (62959), with CRLF line terminators","md5":"1e16b3b733c6dba2a3cf2d5f77f0665f","sha1":"e63b7473f5d9f0eb5c8f74b2248dd211f2ef0c08","sha256":"d3456bf43571af1c2873d408e4c0a640691b56beb51e38f40ce67051e1ffefcb","sha512":"51d28fc77844febba3c3a477f82072d40c464a35f836d6fe7645b5c8ea768d50b40566bee5534f6e82ca425f0835d5eab8824d2ef6448a27ce40754d58d1d839","ssdeep":"24576:BFqab14ywtcaE9uplw63tzXWYFckPT8imVgiE:vDbo2U3q/BVrE","tlshash":"8c0523a5891779ce5e10312c227a270a2a787ff9c0d999a673435cc6abdb237401fc7d","first_seen":"2025-08-02T20:14:12.182217Z","last_seen":"2026-01-29T21:10:54.69726Z","times_seen":25,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":236,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/NL.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/NL.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4nJAQ40pmzo11LellTJFrC558ekwZGWZDOykI9h8VWLsCwE5P5vh%2BDwkVj5YtEGL2fP%2BXxP07OFx%2BtlFXfHmJvusH9P4W0RRVKyAzA%3D%3D\"}]}\r\netag: W/\"6836f090-387\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd51ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":903,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2bf98396a7c46cccc7db802d5f36994f","sha1":"dd5739ade2342421367a3211acf31f2194d891c5","sha256":"9d73ec1c9963fc5a91812964732a38a1411d2945063715a22193a73b3d5647d7","sha512":"31b8f9d8f2753bc150c1dccc2e27230834ff530a11b2ba46afebeb90dd568eb5b70795002ca17ed6c2bd0f4e95131dfb9131ae452e593c70b396df4d9e44b38c","ssdeep":"","tlshash":"6a118ca495435c2b6830ebf0db74e76e133243b05fd5e598a36b356f301a54305c5ad8","first_seen":"2025-07-29T23:13:50.418498Z","last_seen":"2026-05-26T09:02:56.865554Z","times_seen":153,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/SV.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.230Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/SV.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CFqCv1dG1DUkhZUOPDUR8iFJGkRk67yyIcpL8RxkB97ty8dUjreFESC0s%2FZijHgESllHFvaC9N2DQOfKGUuaiA%2FAIYmeG2r1tDojsw%3D%3D\"}]}\r\netag: W/\"6836f090-3e18\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33ce11ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15896,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2763a1b7913ba13aba0890b9ffc823f5","sha1":"19e1d5783215a9833a12c1ca8736955d24daaa1f","sha256":"b3a17b8c4b01f4f59a59aa3d7bdd23a639e9dea99f1e325082716c5faea98398","sha512":"d60fec73447d31128e9761075b062b7cb2fcace13a02a9bf73312ad984c70566e3093a348feffc96b98725907d71395273f3a59f93d0ce5e8bff888aa152f6c6","ssdeep":"384:uIfnPvU3Uw+WDPABWLZyA7K35JhZdw1v0e/aQpFK:HWDQyZycK35JhbKsL","tlshash":"d8625207873aead461d42764cf792be3323055eecb768a94832b742b7407d66684cfe4","first_seen":"2025-07-29T23:13:50.426864Z","last_seen":"2026-05-26T09:02:56.8572Z","times_seen":153,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":121,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /recaptcha/api.js HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Tue, 06 Jan 2026 21:50:00 GMT\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1017,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1017), with no line terminators","md5":"b57455c9a0032c8d67868882258a4a19","sha1":"017f1d5e957af25bc7ee498e8e6104da00835773","sha256":"1aa296f8312ecf0d0959f759affc2850e1ed52b321033a51355cc1f37fd5dc89","sha512":"24db4575be8e92cfb7b408e04e6bee7cc5257a22b46488a3f4e9a8dbc05f75c3f4a465fea59e4ea866c1a9f3afb145f50b60fb5969a61ef7c466d572a7197e57","ssdeep":"","tlshash":"581165731a04f0350b3209d1e1ffc7b5e482b01cf12845dca511ea842f79ccbce04589","first_seen":"2025-12-15T23:56:17.122996Z","last_seen":"2026-01-20T22:35:06.74886Z","times_seen":7485,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":68,"dns":0,"connect":8,"send":0,"wait":20,"receive":0,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-normal-100_900-latin.woff2","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-normal-100_900-latin.woff2 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/css/font.css?v=0a8b5d7e\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 37828\r\naccept-ranges: bytes\r\netag: \"687cf109-93c4\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:13 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lD9q3CkPXcAF4rMzVU1vYrFsVEjTEgFKz3yHchE54EEYo9jm2U2ddQKiGwkL1Jo1M6QlEg1ICozJFmlNyOTFAJ%2FWCJjdZ5BiYLc%2BXA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db688821ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37828,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 37828, version 1.0","md5":"50b140b1e97d859d6d0603414f4298ee","sha1":"500e4872ee1ba9cf89f1ba626d64987b0f9ab5c9","sha256":"fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1","sha512":"55ef84e956a7943e3fc61a8a349e64e9f35b7dfc63402ab52b995f43a7cd4b1d2acd300126dcdd610d0b106af426848f998ccf154f712034422d242d6ad9130d","ssdeep":"768:TLreREud92B1C5buEpioxWe6O1ESHFnLQkbknuF1dcjI5djeBX:Tu68248oxWe6O19H1zwnubdk","tlshash":"a103e0d50dd6198aa53b3f7f467f0a3e1b12c429a57180f44a135fd32e169a7e910f84","first_seen":"2024-11-07T01:11:00.992427Z","last_seen":"2026-05-26T16:48:52.546062Z","times_seen":37968,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/cdn-cgi/challenge-platform/h/b/jsd/oneshot/88d68f5d5ea3/0.7813551886975957:1767733761:jtCqhmPXIEOCbIiAP-TkwAOZLAIcsJiOPXT2eeiYVsU/9b9e6db0dd945684","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/oneshot/88d68f5d5ea3/0.7813551886975957:1767733761:jtCqhmPXIEOCbIiAP-TkwAOZLAIcsJiOPXT2eeiYVsU/9b9e6db0dd945684 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12186\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US; dom3ic8zudi28v8lr6fgphwffqoz0j6c=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12186,"data":"prE2KfwbNkegwg3onMLs7Umes2eotgtzJQtslNkwLtWUQzp0EegwFQZ+2wlQgmtU+F2e4t+ucXCtB0cWCtQcf2tejteAiQ+leVo64uebVBQose$P4d98ZhatwEhHyqwwuNtum+$-bteOSCyfJvtI7R6JJHEw-iI2NAtA1wbyQ1ETQuEGmtkf7RnM-MBtt$T7U5VMFvdmyANB2t3GstO2NC1fotcFWk0Cwpd18QPo1jDXniPF2tg$stZzSu+LpUrSltXtPUGXBHvttJTEM2sfttHhhsAfwcE2wHP4rfvDuUEF2tC$12P7B5bHgD3ubZEtJJrQspB12teNpNo+swm4cm4VmEtbg+tIFmxEtQWwqPyi7NkEt$VhkWhDfj4$0f$SsHfgOhyGSo+USANobWsOhUh2tQUOtQtsyJusvFstsVBiBhRoCbtNCiBJXfAOCn+U$1DHOUyHft4ENxeEQOFOVvdnr2VV2tgjGaiIjm$uzy-8HM3$Wp87GEGnE03IGh4MteQs3TgfjBEAB1bstwyN0wvTuKj5R429OmVn2aW8uIlW4oD4jlV78tyqo6+V2UGSr0ol8XCWxzTafHV2tbBGNSPWPiWqFWsiGEADyE-VpjFXp5t3BQm38JxxrEf7$geW7DGH2Jx25aWtAZuBfvlKiRBSNH1LD85Zrovm$psv9T8jDrwH4Jr$LZr2pt7d6$44LwT$OoUzvaGRTfSm7EVcw6giojeG$mo5$SSULNf5Fqh$zCOhNFBa$SkE4z8DrdI2GNQZEteHXQfZNBeHpsaNhnuxhLxm2$49ipw2Noea4Nrv5Nh8aL$Q77hV7oif7Hf0UHeEm2WntMB5ZlTegAb4tkwuvaT7mvfNNo+BH7sBwRplatptQO2p7l+CbEsulw7ssa2pkEaNQECCdh2LabntZQfJNXUs9GENhwNGNf7jSO5QQoNX4REhHeR0xGixbK4dsEac7SoeCQjqB6Zg9TcplGe5QS+yTIWTw1XJIQrJkshbkSEap106zXCEd+W7kI2hdQHwD1kQPeB2$WrzxGe+K2gJ+tWlzjAWQKhWkdOMEo6xLBrdOLEjkWXB0GCgb7NK5pszwcpRKjFWgBwcej3T96R0e41+5s6tpUs+p3q+tEL+Z-oN3ZEQElmEHexJsLagkjUwIK2S4lqefIEqmmU2-emGkplyUM+lrAQJs+K5NjdZ9QB7I6KR-4+DBqyb7saw2JNznbqm-NAOWZNAis602k+7kfQ7pIuosQ3s3KdhG4SlVQZb22ccEXQ$co5HrImwksDkhuintN+mcta1IASyuwpJPw2jg-1HntaNLnjmuceNkhnpG51LnMba2TjNKLX-V2VZhxE31jEX2nZp81R$PwNwEowLQT3SrpJTeijFBe5ZfBP54fIPxQzEtTi-8h5teyf2zkUg2eUOhQe24HQQl223PU4NfTmyfhjmBSD8PUX55I36kQQxRrte6tV7mBcU-Ox2E9kJDFaHJDxTJJvfGu+hC3srsWcFIoZ-BL+2nCulOr60R$RwTDCIm3REgqeq5NFcQ9D6LD2jqTqZtroMe6NtW66smeMw2Z2IAIvdRLLicGaH4sNeg-4wWztDwEwLMAttX2rwHekjMutIgKlbuF5VN0flyoBXSG1NKVdttA3lQsejDNXQxtSJ2vgbe+pENlwavacjF1BHWbkaaweXCM3M4HJXOM+7m6IAlsaSCxn+h2j4xhfdN+CEs+sSe9h5pQNF6s6xsmdhHgoelOwc$PNgFbOiF1Ujg1ONEMuqukFH4b6TeVuaCjKuRWJIu0TmB5egk+Ao8sLN40l4NCQrCbN14fOfw4NCmCx4$FWjiJBgfXtxQle7CCsw-4cAsoGGe4hkJp7SwfegkrsxcWQI7us1wUett6KyTCmfGjltX++0tA$+eR1NkVVbmfvnfdQgtzttoQ8RaQ$78sR18+cGGs2x2iz5nJ7B72s2XK8CFTFwc4wD2VtANzK$0xomTBJGS6ty1rrJJyAxL2Xu3z74yinBVe1Ix2waE84Q0tQ1XN8fEerc0cFTEtpEfQxejI7SmQm1CAC+PlG0XtpUbz-A-wbUxVQ4AD7rE1cNfeWaOI7X2D1m3EXsR21GghOOAXU44v2nAx8Makqsk7IdsT$gEA5GteGh8$d+DEqUyarVTJC2tWHgx$zpcGBIcCotW2Su5tgd4Na-BUA-vORiGK-SBB$gPvd9WWXQDfV$GhjQx4Q5KxG-Bbg8N742SQEQRXQLh4Q0E-+DBA0b3Nv3$ALsly2Q597ysJc2DXAW1ejseKJqU-osHzmXIHsU6hi3HNnS7tBuMLE4CobkEJgGb9hicgtFg1ZNm1IkfnfcbwnfGfENsbahLWGch21WTk22ag4kbCpu$WzGnjbE6-DKnyfzKWjXm4T8WMgmJoBVKtux-9JT$z-N7BGh4QgllshdE+2utwRomUmleNj8blW4zkQS0kzCEwT81VQyOAOq4W5cs0nfTTN11qcUSlz4CoWfuacPXgF3stygppxHBvnbgm7+1-gGLO5rVGk1eBQm4kc34t3PyBt4nKyZg1tZ3lQi$jvaBNxNf2RHuatpSRHoVtsrO+coa$rBlLlqU38QA1HWkWdC4VgoXgUbpqUcxtQ+EAd4ZCtC1QEHZaUvsfBMPLJo0yaIRLmhc-wsFZm4SjawHymAppVtG8ZDF4n-FaqmK1tIGORgUwAk1HtHyMhgR8zszwXUrMOnG8M6JQNNwHq-J$RC51vf+T3+788g6JhvLlHTMjkwQvuztgKrWEdNxE4a7bAp4nvKPtjhMBGwnIiW4lNh4dO8VjJ0malHM1mG$8aaoOkOrtwxEMANAifbE8ojQUEwLyTwoexj-nyf$0OX1u7rWnz8kHI$6+WpBf2j4opGUJZQZACQ4ISDlxayZiwCSp978VS4kl8hzI4UwNre2dMeQpglatgnS8dZrL29hAQ$RgalRau48oJWxIoONQCIJ5mf-MzLx88ATXJnQZQaNbPkKmkhQkL9BNByttnR2sakjlp6b-DxFzk8cDsy-tyT+viaUMu7WCAToruD7vsPRoofty9E6G93BIMTNyu0jX4maxoge3LKVLAEXjlt+qG0ABNkdlcDQGoFgUC2anDCW3gw4FMM6RlMlUV+XkKV9JVhlawvk5xhahIFkPe73AbgaaK6TmuQ4TNTbgCdaGQ+-b1tp-O2AJCaSGcc8z4+ok7bLdr57hikLMgGVa$NIH6+7xhvaQgcwNVBpKOKiMhPJBS9O9lMHiGQIKxtVO7wJiQ2SnXBuqEfIE0msl4ecT7g-FboU4iagdFxlGTPNJ$vVZbVdw2EaiqZJGfnq0n0FPLJ7BPrQtVm4OpMC+L8dV$wSs+e2i0WXl0cA7SC-PG0hhcSDU2MI0LxoE-QZ7HnBw0MNtwVDpW82eX2QjIcQXE1PkPKaerXMZV8vxyUCyRQfNvTixER8U5SV720RFClkQJTteQQiQgT5tHUCv2eQB5Ktegj$IJhojybVkvdnOJ2iMCJrQV+8GtbkQ2-tlEmV6xR5Rn7yzsjyabDlhlVn8nGw7CXyFEmntw0xs8Oy2SGJ-J++ll2S7bLfFs$g1yoR2nFsBlXvp+hSifENrwqixEX2Utd4EAciUJNEx$S$BNjtJJEfhHDxUHglatjgEsZ2lEoizkGiy$bJx26tFk6xdwE5SV8n5w9wxgmwUiWwkwgVNfs8ovyaes$cmly+py4adS75AicyMkbEdi+flxx4SC9xMgQi8oGAdQ1mQirEqCztf+3VjvTkWv54E5zAVx1Cg4S$F5wfUkkEQHkR2i-CrvDHdaG8liNwqcGauwNRatgaxEbViC+or1giliW1F8ku7$XQCsTkztvt2uAcb1AVinhodaZaFAPaEtUNQmRfQno$ME-12HjaLxJrhl0n++zNZ$BlC8EuPRVHDghgOtBvLirAdv4cKJNShfoJmlQvGV+v1+mEBt+yTk5ysiSCSmpJTuE5zsk234nwny3tJyFiDQf53HCuesiym75ntAGbIN723vAxgbCHtymEpg283VglH2SCqcRwEv5+qHU7PcdNEEdy3V+58s2mOuKvy29ux8p+Gtda9xqx282i+vUkvlhtx24kF82iy$FQp+Mkwuy$XcQEwuiC1icR97N8vCARL2ablwSE$AO4-+672Gat-t7RKuI4mEw1L2mmqcFNPy22FNLNZkBymG3+41R2PlsgqVMV6EJbzthtBlUCXNqc9J5rVxvwdo1AmVQnAvztnvDQs8o$o7Z7SCmmI26vQEqHzNnrV+vtm4H2tSs2UN1lb8qGGtP1wiTtKVIlObMkGiiCFN3lTt8VhusSeGM7Q8mMlu9cCMgGQnLszt3t8Mj8zJsa97$5jb1nPlr+i8hla89loiUktk9Got4bb20RUMJ53aocxv17lxm-DxQif$ztfihJzsJNQEJ8oM$crs-4pvoxdMbAf7g78sKly+r+p-rJInVacVk15cpy44LiCMKiTnqNhcLls8cJm2UMEG6-$wQE2u-GNEKyy2A7MNPlvtZv+AusNwpw4n9-c1ni2w6-MEFtcreQe19-Xvevjjr+O1Fg7cGMl4jMARWMQ4g-1m1ky275o$vSu2XQ1mnVdN1aj1-g0SQSc-ojWiQjVuyc$V0RD$h48uzsSTptIt82HGcc37kR24mSHtOCjC2iSjNwd+lxP1fT+ljbEaI+oaHgjbQ-vJEtmmWtOkBTqvV$UtevSTq87Cxu3tS-$77CwvBHXkQcGvpbbRyghSF7OjE7Kw5f+E$bqnwuMy9+JMrcMwccgM3V2nkEjxPt3xni-+b4Ls3lblv2-ihViJU$DvP2QazM+4KxvTDSqckydAK4bR-5KWUVjfLxIvPTHcys0nHtSi+NJTxE9iQ7ffv2HuzamEGRy++AGa5C3VOTTGwSEA8oiEO2ztXnb2CwJAxgs8t0LAmmblJbyn++61SC8sjtCj24b-tA4gssoRD$pgxM2HJy6uaH4tyW1+n5w7pRZl8sQCN+vtd15As8$sTsBtFjN+BWHJ2+hy+szjl7esTvcGrWccQTRu9-iCUMtnJWNwP1NQEsR7JWjb2veg3p5WS1fSIyKp$g4c1A1JP1NSt2IytWU-u0lE$g2utrHv82Spo$EldVSWyCDyxGt+Z17CSmisC$DjoNlb7C1psTe7LxhWinCkhc9A2+mpIx5sLxL2k+e8BAeHatavXkLTdHJ0o1e3daVMH3GNOllcPil-67j0jbo$VJ$gUjwjo$mW$uGHQii8x2y2N-jpq1Ev6vQVptm2El+lF08sGQn0O01maVD51m77-boRiGEj3V8sJ13jT1CkKtQuccw-yc3Vtl2nlnatta7M8vlMlu72ouDHD$ebBlx0zN3Qzg7-R0GVe$yJD7WwP1s8ICZb9Vy18s$Atn-5GaCpxHypoGy7kjnyDyEsxW3tBnilyHoMQgyjaGU5mf2RnWgWWaXkfWlALbS$PvV2S$D3KC7WXQwkqaGNNSNGGi-iJR64$MtikWMsDS$HHxo8I3+sUmFmd7k7lJNEkw0trAWbBSy20Rx1cV9iN1iaBG6vzka3Fli1UGMAN7wj67Ky+EDGc8+AXDjHQVDypiHJ40lMqc0XckglOb60u0WedQSmbX1jQio7b2-N6xZTmm$b5cOl8+3b-5Zlgc5+UvoR1u-5p1Ubziz1n7MkF3Qav2nJrhig0tRaBWDy+-3tSp9J1+qJngC7n+k49-ciQ727oRFsFsZlNV$gGiXXHknNrkR26hbH0H6-mEG7oE3Vy$L0x2oJBSUCwu2niE+Cro5hwDEtsX3QLiShL2JbUkIcWa+svl+nv8daDh3lNEt$T3t7LfoRUMUuOsqMEe8pA3GNiCHX0psMAWwpDphpNcuXHs82H2bVGTL4lMshSNjwMWE0L8hvdAX5$iFALA8MMME4qjr4JbmRs8b4N4wfuyy$2pX5wu4Mj-1+EU42i2HT8GL4V+htS73jiCMEi09-7+fRTtGSslKarDCk$gGa+N9cGa4XShiM8s9nHHC5FMn1UkGidX-5CaKQHaj2ubeMpwjtDwIlnAHNk2mg6b6TA+IVBhmMdGwX-VnrLQhUWVK2t49-6whE7DIxOtva6p9chXSCPvTjwjhDuJVnygPymlchIEbusT2yzk$uCyHeQhjUb2WUoUl-nps2oX72PT3T6B7c23CSJSSjKT-5ZXOXMkCKs8O1HJ3jb4roqUpyv2ge-tfDbbvG0G1GDjWWLKpXQnOK3jD$-eu3ITC5NbQbhBC5mf3iO+82s8D$1XWnsvdpwpyFl3wnCT-X98JW-$Fss8J$kcbcE2sUNWXQ$+f5WMpBnizkOya$ow4GBpHiWwNSelBlBwshusZQDGAHwGcXSCuBestWMHUTPXmM11wXxhGXUp1GW-es1n1+CGZne5h12UhANAnU6jo40MMEgHicDMmMQTteippdZw3iWuU3O$wylRMkKDv$jSE21h72L3bwGpE2ss5H3VRG0thiPTcHmEKA-4O+Ut$HZQTeFQXlZWVnPl13nDkE$h8dBlLcEX071XpKf3GBUt32zMWd3cIsEsLxSEEpIAz2N3EdHJUaQBDTpvV20UneyeFg4e0R2VKJZybMQHu2kl7260GiKeHJ4XDe8Lv$9BfVLpRdJSE3kZ7XMbs-e3o$23s2bM-4Vx6cRARfPxyul89X6pzT3thcudRammgHPxV7w$pcjDRFpU6-1M2aPTuvDA4dRLbVKAa2GicJatmfBbSlwhIwXJ1G3GIuwnKJsh$c4zmbO-bMhoynUsQyLQcBRjMi0hBt+WLwXdTLVZ5R1W7CQULuBgT3ZheBP1CMs$E$JBJhgcuw+ZuhGVRXWGx3V45cbVPpgdPj-v-g-N9lsvx28DZB+sDJL$ck5s--T81+4TRVlK+Ul0Um5BGsu2KOT7GNyGDSi-hvQOPFEZFlSji4w4lFyDeZCjkGj-OJy0xcSc0A8dsUMExMg2yvuzlWN+QiQUqc9KUHpL+A1kilzkrKMj$XLlRCwX63t$mWVVbT9-9TNzqUO8qAIAHBCwZlHb+sIcixsTxhET75UMv29ejgN4PxAS7F215r3WS$uwqU3j-3ssqe2+Oh1Vm2qHWLcd815s0LpDkJegy$IFqyDcfjGBTa6K5fel7LiIpC2MAajCwXKVL2Te$pQ$-K$EUZOZLb7IGz-IXPENwnTFBleN0XR2sTkEXx$xQ9MinXQP+sX0R24aLVFG2jTh8vtr1XCPv41-9VNJrBHAnaQEbViidQgnnSoFPEASqfjGJzkiKjho2mhzTW4KG0Css8PM+gRG+2CGU4kH0RSmO2R2E+Px8DhZad5zZ8VzqxTWbfizvcV5K9Ttdat5z+ghRhy+fh9lwLbWBlOyqMMLqN$5M-eMBMC5hFGiUM4V1++Ju+FBQBn5oBsdlcUBoR6CtcC55jsI-+TwoGP11pL6I6X9Et$pIsCFZzFvOzZC7jE5phNZPRS$daQqEAPGcwNu8sWT+qS8Lp1pCM9nN9QJQO-C0z$UR2X1sauWSCR3KxTw+Gssc6LliAG1XZyUe6PrUN7XJRBQlKt812Zj6tzspi9aPRhjoUfHf+thjZ2jag3tLswBHLeurHkoCKGnQhBzk15uDtidoKj0PrCnwK$ZNbnaQ0N-1M4Vcc42s1sV1mkB2BWjT2CfXGWD7v2ieotRZEesTcmnlyWe12$1Xl1RGPeoJTe0L91Dtnl6nI4lMobk5R4teotkwq12wUf72bGZEIyNftPmn37nwwzxnyXEoUWJEgm7faCeS22cBC7nCxeFxegH2mitmakNf7pEWxOtQs0j$$e02MgorwNssJzbts$+ZGQEeAax+3tQpExJQIhBae7txsfnHfQ5tuN1i2HiEb2zRh1N1lgslOn0naaQ2ForiyUtNNJZd3xaasrQg7NoZs2RJwj+mW+p52gGCResrhkDtAe0etshs3tinxlnHugwQntQNBePE3e02R2kmntjnjTNagFsG5t6uZwTNpSouAQgWTVnOT12E2yATIBDwTNxn6rjwF1ByQft34oAiSHm18npNBaLxkrCOaCQ-NSaUCiEXxKDtV19JGsfxxCtoae-LQ5lKrsLZiw9e023QEsjeP7uQa8xV+6JJDnNZFtNoVcJQdm+NQCNfsbE-FfDjSK0+$iDxjQB7h1QXeXNoHZQdts1j9142SP4DQWN7ZlhS1dSpZeRKf2N3xyKxbJQCtntkEFH7slQKKQJnas2JbbnJtNtMQmm7xtmDo4S2XfTm6tApWxCSe9Umu71+HIFN4ZjQgoh21V7ZHNIQnRbViBcQQMUjtQLeVkyiAcwBeya1g1l$EDJkys81+fJRHtUVtyBRlaeS2WmSUxCnwZrDhaL2+pxCt+nsuI1T2RQ6nTpQpwU16meJER7ejahz1zCKdhbTCZLTJtblMzKEEyZys7NotjkCnJVZGfKEy4dk1Q0Jn-fHo1Xtgs9lwtrmplOSQbjlNFQlh12D2-s92nwwctHETs3mXf23cZNHads-EBO0lejXlu-hpjz5jCh2DgkmlrQyS1dQdG11a2bTIH+0GNgAuzt4gX47wNvf8S+Mjfk8EPQha12e+ZbC8J7eK2FNqCZ$E+7D2T-Nu5lj4EvCaNhNXVEBOteV4bhksAa45KcwtSJQQo5SmmVs7swoeP1Gn3xO02NttTtB4tQpZJxRQRsh2+rqZCoA8a2xqe-tNetpFoQPnZf7xnQfHtNw$2-WSrAupTEVevePa1tHtI2ImndnmDj4ixnBVQISeGr+gfkki7xf2uSst2727ZK-ToTZsQoh$eCJHCQwRCbtVxdlJ77twLjg$vfQGp7k0-Xl4i79C8ISVawkQCV3jjTJ$u7dChutFIMPImtiNiTbt1qIbhBZUrWwj8TMdMhjnoTCrwglItlkqhiwcwG+pk+8hflRN5MDk6S7UpMQDnojJwCw6reaCfekCoCX2TJZfSQejtA7v2ttjJXtVsLt$l7KS9B5mvt0m$3nET3GsQ-nm2ZaN30SmSldxib4sixjg1y76wnrozZ-I8C5eKx+EjtdmkhE93-ue+$2afUmEcr8QW2UoKHUf-DBN20BZrEENnVTj9AZ+56VA8kZFwSRKtI$d1E3mhalGPoro6nVl-vaK$oOKB7cJmNZTP1JWExEUNNNfhEs-bWkO5jAV93qua2wA+CN7CfhOkKx++dbNjmFshv1EpnI2Q-ffhAuoc75B$VMrkEzGjT4TGS7vws2FCOS8X7FlweisX1j+a5s1Tjjt2ssdoxbKMtksEX0ukEu2p-w5CrUNaHrHsK4EiT8sxv7kmxIhpaw+UQlrojCwCW45BwqEnZ7lEojAwErlRTEPlW2OEN3hm4oRtQZlnyhNtT16mtot$7nwjwP1j2AG$AnmeOwL27CQjnDE42JwQlhWsCjyEFhy1d2bO7meNB0TLgGoNOXLK1ypTuX4ogTb8XMtmwbUNmuxbsbguley1eEoRAceGeSa4cTmblWCERt3aHcTuh2AK$6WXTg1VtD25vpMjGa1UXtO2jDxMuhz3jcmkbqdEZKo26el-Wx+jwSzoT4cFEztA4yutaaLwSSwbg4Cte0xkwqMsBJHyDeL14Uyu2+Ag6O4dxIgiArbDH6jZH7XcvSkbe8sPJCt5bqCdbg5xPEr2Goc-P878MNZblRU5-V2yrJXSDVq7iiBgllejPeVntDoj278ypxxw+e9J0xtvBfa+Z0ce-DS78BFy9xzbfm5RR4BFCJaqm2cMgyv6EwZT1wFEBseRx6JXxqU1tSEOy+ltt+MsAk$bxwXFSIZqU3ifgiHAtmZxlJIcWRR4suQsGvMFEQ2b4QLExt6xbjNG6wWEeIU0cPEgANPQLkQZBUZ70xo9TqJoNXsGNrbGonpNo+y+T-BgSz33TJ2buDgx2wrkXfpV-R1tReeaWxwl77W5-jQFDQlG17+JEj4z6qN9I81KrZoZNRzZyJXVsc1tDSpsatgtLxomsbfG8+ujQlCKD40mUvAEH3ZklhjrbUCtIwICoJ01$gyV4hwlO4JBt6RR41Un4tVt+j7Nhu6MwhhHK6jNbHaBr$kcEK9j2CmwoIEfy$li-QNu4FkxNyyE+RhRFcNx3NWGJy1rb2oNKJTQDwdjRNTmt+FjxdedtFbZ8OnEhTSlkjObnGil9ezkwKgoV4smEGAOUTDxMg+ioVu9sspOj6q4uoWyMapK5-TZ6MwtUXhZUWkqCgV7o3sOojyAhC0HXMe-xrjO+FC5cIRJioso0TCcUMWSmyO0U0TegNMCsBNCFKJTuy486xwkwHsIErbRHEbhdBWl5jUcGWNNa9zaU21vtoGXMQoeAtKnss6-Ct9AosKg$$3KEezfXV+wl2SkR4sN$4FiKtmUoa6G2F42qB$wtCgmHD22yhtqbMkNOnUf+WKB$jx772kCmaN3f1taJf81CHvO0UargywI3MetldszMUJlAxZwB2-U8WNRqNdGnr+qNAjJW69QDnJ+t22-Kc-5b7eieg1Ua+$FHZbmkCrbOEQEaWBRIofb1msZq1Qnk7o+9NdEmg3nGJ9yNicBWIsQlj+GZw4KsTRSg0OA$kUUBFW$lR066xJdXCXgM$VVOb00sHhcw6mKlpazvsWhtTCI+pigeJWm0E0xgSyXKkSN1$LMaKExnLIEuNUPWOggQdA$Lh+tqM5b0p+ltvyhwp-TbGWdZEE+-$J0+2i4BsnbNjFZWVb24s8$UTn$b-b$u8IZ2dWTwFr-ASHCzEdWTFPWb2nHsyGUO3UN0LbgM+$$zWnM706A1764$Cw1JhWLbr-B49ZzhF7-Mk13OI4uolhKTcRl3+C26TnFC0v$LM66VxsZFytRJKu+A3IzxJb0TRGHQ$gMW9$L-sbsdxA$6TctO-G5hD1q75+OFEj9RGtmN4qzADoTaASwoHGUy2KmjRn8w+4g2S6xW0C$Sw6r$WWmJg2BmD0W2gWOrATm1$E0WZkKW1UfjC$SaoIQro-FJjt5HhBEutSkJKu4A-aOaGH1gKy-C$Ua+0ur+dTvj8-soi5gt+fJ8pofchC73lnj$atgfah+Am+O+$MpJfxeX0zxdbdPWyfz1C4JWO5JmghAxuXv1x8re00+V5ubzIKx-FLjmTQWXj0CO4r4pXVS76i$m8wJgpvnl7oa3E8wJrjFVS7iamR8aKmp4Av7Coe20nFxTmyU0Kc4OQqFkT+yz7djml8TKKWjCu36x3C0jwOWnAH8B+gny4d4TJyAXi5gJ0xlXTVSGWAWHMfVAvTxczXs-gKOzJEnuy8F1b9m+2Gn3EcT0Z1wt8zKeT1yhB6g9EtdJ$38cDGX8JnShAATpyG2Z0$A0xly30czK+u1kt6hDWQ2Kf7k79QddXG9-NgAkZrOx-9ketCBbot5BZAHbFDISkHjHwSffsZAllatQBejwF2MCapX-B9jdM125jeotDerwZDF8ymai1gNgftC8QCEGBdr4gadgZGVyup+eGaju$6tL8fZsJ39QDg42y+CxoVwbNUEatxtttIsQLdEuMjPmNjpJN1PEFL+S7lwBeP2QQCxe1pbZ+BJ1QlR5sle3VHegLXQIQ1kw7BU+ttN4oe8Z2wo2rQ0leoj-ZbeBTBslO1lzWnmaheWubEyrpQJ+2WBKQVr1OdyKWSrtxl5l7stKmtt+92yRttQm7XCHU2kSWA$7aUtBtMN7d9gj2tf+gHTmIKm7P5LeX1HvPWsJQtNLkstH2RtdmtebtHvPOthe0UwEDtH3yetnse82eXMH2OBvV1f+tNX2m7stiNU0M5wXxf+oeGeVtQLmtNi2PMdmqJQwvrrC1kJzGowxB0t98FlZGV8$7aptttyh7tGejX2JFskNgPN35VtZiUmj2jkhXLGr6iSrEVtmwN15t2J32JwelEha3GDtUsWJjpeEmFRZ9ouJwNga9f6EI$1kZJZew35$E$QkHW+WW2nhCarDCEkXpezblPQp+nHEVtL+Q5Otes6ye9$RrEasNGmQzMTe7PifKsT0KoEojpNzt9Do4q9B2NUSQ5TtRteIOuZ2tNLwsStCtQVN+NstgDjmnVWaa$f81gX4tQjwU3nzzhJ1mQoQmi+7nxBl2lw2AjmNowrZmeEtEcXlwZlyayeO$S$psMltyaua5$UAEhKon72ttuk9mlJ2sd37iW3JAju0TjNXu4a67rtBKx5NX4OyltB92NNaStIoyt4nnTNNa1smmEQOQ23NEu1tzfkrttjRFestt"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 0\r\ncf-ray: 9b9e6dbc7ea81ae6-OSL\r\ncf-chl-out-s: Gr3uxFNh7d8l3nh9wnn3Tg==$vLotixRe2hh04zf7cbNCRA==\r\nset-cookie: cf_clearance=_JbjsqTiLx7fmSeYzGp.jfX73Lv2AmKiOxoqFTvTipI-1767736201-1.2.1.1-r3f9628dNSpgal3DaGI7NxPqhvqbY86.zGunJnGT07ijxhR88yaoZutoxNxt8lb_N5ufxplrkNw.W2vDWOBthItJpabsieeCQCJPANwvkeNx5cVivT97r0vUt5qiS3gX.JX1YSRAV8hxAxqJHhhzBbsfGoBqrW41Il1wS9fTI.1TE_wu_p.Lh.mI2r6.AQj1C1W4VapCTrJY.CN7yHqK3Qfj5zmGnIpVEjHcw8.fuKU; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=filecrypt.cc; Expires=Wed, 06 Jan 2027 21:50:01 GMT\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=S0qLoL8v3LMu%2FLppcPXxjwXfsPK7L%2BKDdYKVRDPXTCjkepcAKpPJY6T%2B4E4rRcbkXwPEbxIjSx2610hBJzM164C2cN34l7i%2FbMhEWl27JhquQN5L63qsIsShzUpz1X8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1105\u0026min_rtt=638\u0026rtt_var=389\u0026sent=1246\u0026recv=159\u0026lost=0\u0026retrans=1\u0026sent_bytes=1377736\u0026recv_bytes=33213\u0026delivery_rate=66476557\u0026cwnd=254400\u0026unsent_bytes=0\u0026cid=c2f128981e99902c\u0026ts=1691\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=6408\u0026fd=546","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.264Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=6408\u0026fd=546 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":71,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/dragdrop.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/scriptaculous/dragdrop.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KTwwjb4%2F8ftPqbepnXsL0126I4AHenxUiC8BiIOF923u4QSYjQgunzYfaAZd1vRcZBL4BeIGI00tSbo9Ef4JcV%2BCGkaVhMpctMGhJQ%3D%3D\"}]}\r\netag: W/\"6836f090-7a09\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db57f511ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31241,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"2f96dcb27ba6d7f4b95230edcb7fcb56","sha1":"157cf4f6566d41518f35656db74c8711b300e5ad","sha256":"7a73cad846dc23360722dcbee514af620c6fa628780bd7db889196e2e284f655","sha512":"a87a0248534206f45014899274d43f67993d5d0198d9e64c904dfb393570e563ef2e4ba3ad6d7148d24b7133c99b709439e82f88e67b88ac7262434d13c2a3e3","ssdeep":"768:kaXA2pg2lw+7Tm6WNh3vTqhUOf+Ec5o4i26UlaBJb:lX1jOfTqhUOf+Ec5o4vlaBJb","tlshash":"a5e262493966362950dff1ad6baf450eb27881972444c8747c6c4bc89fa0e34a4ebff4","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.892291Z","times_seen":613,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:14:45 GMT\r\nexpires: Wed, 06 Jan 2027 09:14:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 45316\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":155,"dns":2,"connect":16,"send":0,"wait":23,"receive":72,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://filecrypt.cc\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"001b5c748138518a5a939511cd7025fa","sha1":"34c5bb287a9918b4716f2f4da8c7a3b9cf1f3126","sha256":"2cd3216ba5c29184e29536319f4c86a06d5bd39c18f5938b36121c29633673a5","sha512":"c850200ec7008dda195fd9c8de77ec609772a3bbc11cab02d9a860446cd2e6f0b12e9476703c7cd8addd8376c3671f7cb1186d54944d0c7845d14331a2429e52","ssdeep":"","tlshash":"b49004c1003114c1111c3c05454c1440c05c7f1c445dcd1104c150531c3d717cc340d0","first_seen":"2026-01-06T21:50:39.855295Z","last_seen":"2026-01-06T21:50:39.855295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68ba9c9a-1908\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FPQ0vRFAsc%2BGscojUYRJjrbSxE1zvPq7GQBGMpQo65S8b5tRMs1ZnMYs5%2FDkQlENaE5f6qwSkssBQUj9SMpSoSB7hw8FTpnn1Pd5AOvCCRo%3D\"}]}\r\ncf-ray: 9b9e6dc33cd10daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6408,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0c8e68e2dad092d853e88fe5258c9b00","sha1":"479e553d7c4708023f9952c058d758851151623c","sha256":"3f81476ce31880d55bd9c2d89f9033f679b1cc5dc40b92bef154191313ef8828","sha512":"622f7fb3ac1f1acbe28c3589366150094dfce34c7df6aa78db67f57750f68749913106c69e900fd94384023a8644e24b2db9e40e349eb8c2105bf17e2cbdaff2","ssdeep":"96:1zGCgzMUmWCfICX6zXXgCfUKOtAYiY5mnM0pfiUpQnK4OHBCHL+OCp0PkuCo1CCj:f2MZnincKOyXnMsWM0MrFq4ZMOjF6","tlshash":"cad131a617750204b81bd8963d116f17a7688013ee0fd9b86ed2240cceca6ce95f379f","first_seen":"2025-11-02T04:06:13.757853Z","last_seen":"2026-05-25T08:01:32.015281Z","times_seen":833,"resource_available":false,"data":null}},"time_used":572,"timings":{"blocked":34,"dns":2,"connect":5,"send":0,"wait":503,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/pixel/sbs?c=1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl14212406=1; pdhtkv29=true; uncs29=1; u_pl27353197=1; slecad3273b60a74d71d04b6f2a53e630fe3=[6291497]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/PT.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/PT.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IFfLDKFEsdHvxCiSo1%2BuhrVzF7OYxqYBOjX0xOriaWoWJNt9p9mSjprT%2F5dz1p%2BXD7UIxFrC%2FtXrVYD2HZ6tn%2B33v7SfvOET4SEq5Q%3D%3D\"}]}\r\netag: W/\"6836f090-a5f\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33ce61ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2655,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1b22e075736d5724856e9e4438b09e92","sha1":"3cdd7e41edbd547e92d5b994e297b254e08a3231","sha256":"f01b03798f3859e4a7af303bfc724ee503e772f37291cab5952a3f09c77c351a","sha512":"3190228e104e426834d02ea227090c828a650abbba36fe61929c2c31c610b773b2b224eec553d23dcd48fa802d2f595e9f80ab9598de4febf9269a4855702271","ssdeep":"","tlshash":"3451b813ce6aad496655dffdc776b7ea223781f84b71c654032a643bb00306329c8ee4","first_seen":"2025-07-29T23:13:50.440427Z","last_seen":"2026-05-26T09:02:56.856211Z","times_seen":153,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=9545986\u0026cbur=0.35146762110947116\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=Filecrypt\u0026cbpage=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=bklihaatruags.website\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1767736200955\u0026srs=f0b51ed31f00d144c668d22b56ef6989\u0026atv=74.0\u0026btp=0.01\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/suurl5.php?r=9545986\u0026cbur=0.35146762110947116\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=Filecrypt\u0026cbpage=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=bklihaatruags.website\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1767736200955\u0026srs=f0b51ed31f00d144c668d22b56ef6989\u0026atv=74.0\u0026btp=0.01\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r%2F4m1MxTP9fW9EOTIUcDF5qk1clghA0DhvbmZKCZw%2Beq%2F2bzM%2BlDMMKUhHHZ8ls8AU7ycOzi0LSz%2B%2BQOz3hx%2FRyuzaJ9C90sZizMx9AQcnDMfS4%3D\"}]}\r\ncf-ray: 9b9e6dbbb88f723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1223,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"bdd64610bdf733e1271e8b9fc2493b4b","sha1":"08841a8cf4a631ab1ea90719ea72ee80ab5960ec","sha256":"da24169ece4b3f5175f7848a128c69a4cdf2a258c897fa0dd0dc740f73bc94d8","sha512":"29d8ffd2bc8dfe842968c204c6fb46691634e5e556359714380541ec86b1c9083897b9fb3e468c06c6cb04b7b6adf8c1648425b479c1e34f525b860fb5b021e8","ssdeep":"","tlshash":"9d21b7233de7b1d16aff0688775e51b098386581cf44ba08da203ce8d7147c8851db23","first_seen":"2026-01-06T21:50:39.857424Z","last_seen":"2026-01-06T21:50:39.857424Z","times_seen":1,"resource_available":false,"data":null}},"time_used":311,"timings":{"blocked":48,"dns":33,"connect":1,"send":0,"wait":189,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.916229926093.js?key=ae48f0b770d2035559142c08aecd80d3\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /watch.916229926093.js?key=ae48f0b770d2035559142c08aecd80d3\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://filecrypt.cc\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.916229926093.js?key=ae48f0b770d2035559142c08aecd80d3\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1\u0026shu=cb262d03b65f98e6ec1f9209da437263239e679f4947f9e8fb452ef8fe3ad1919a575ad1e2495991a9643bad40fd0481c8fae73ba839ef3786f84aae8177575598f316adc916a8b87da1aaeb97e4fd74dfa55829c84992896c28\u0026pst=1767736261\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; expires=Tue, 06 Jan 2026 21:51:01 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1b5cf6662a2e264e905cd2d3c401e509\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4546,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/img/banner.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/img/banner.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 94140\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68ba9c9c-16fbc\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 1539580\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aZwk7kOCKca5ciHfzAqqaJVy%2BLfz70NNTsEXmaHsmqSe4M7GoXfGZKhVVHDOO835637Uankmgoa%2B%2BSsIxEMH%2FWNo61ZmF3s1FTbkRQ3upII%3D\"}]}\r\ncf-ray: 9b9e6dc3ff630daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94140,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced","md5":"b739e379c0f0844368a6e32799339d57","sha1":"12528f59e12877554b48e228d40cb359636f7ed5","sha256":"25c3c0f1bccb9ecf6401547cd49485f3d0e8b3247ec933abe0172249b3005748","sha512":"243e9612cca2a2634f117efcb86b28bf95dbc19798af74307df984bbe6ae9a2d0c42790820723e7d1aac6120041a880c0d8bb9584c7f5e12967da60a2531b586","ssdeep":"1536:6ET5z3YJqH92YQCWgfV6t+xlmnbjpX+dqUGpuMXUiuSQA/2O8rpV/mqh/7uldWE:zlUa92UBMt+EOk6kUihoOEpt5iDWE","tlshash":"7a9302bb19e3fc741bd18f18d8637b37e23ad002ecb208508752d7f5a97764a858561a","first_seen":"2025-11-16T08:40:49.56113Z","last_seen":"2026-03-16T00:02:33.293529Z","times_seen":281,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ad3273b60a74d71d04b6f2a53e630fe3\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=21","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 22:13:33 GMT","end":"Sat, 28 Mar 2026 22:13:32 GMT"},"fingerprint":{"sha1":"A3:08:82:4A:9A:ED:6E:4C:29:FC:10:0D:1D:8F:8B:68:0E:D0:49:72","sha256":"B4:01:36:5D:F9:70:75:BF:F6:56:67:76:BB:CC:A2:D3:BA:69:61:33:56:FC:C7:21:69:6E:04:BE:95:D7:B2:F5"}}},"request":{"raw":"GET /pxf.gif?uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ad3273b60a74d71d04b6f2a53e630fe3\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=21 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ddad5a2b8844a86d0b2f7f0079e741d3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":671,"timings":{"blocked":285,"dns":1,"connect":96,"send":0,"wait":98,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/Container/62987FB2AA.html","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-06T21:49:59.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /Container/62987FB2AA.html HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\naccess-control-allow-headers: Content-Type, X-Requested-With, Origin, Referer, User-Agent\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, must-revalidate\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=leQtgvx3SR2Pd6fz6CvLfFLJ3hDRILB06Caou5OENo5M5x6X9A6uSmpA07eAKL%2FseIAmG0JJdzvKmwTms%2B9MJbChXsi5WS67fIY%3D\"}]}\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npermissions-policy: ch-ua=(self),ch-ua-platform=(self),ch-ua-platform-version=(self),ch-ua-full-version=(self),ch-ua-full-version-list=(self),ch-ua-mobile=(self),ch-ua-model=(self)\r\npragma: no-cache\r\nserver: cloudflare\r\nset-cookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; path=/\nlang_v2=en_US; expires=Thu, 16-Apr-2026 21:49:59 GMT; Max-Age=8640000; path=/; domain=.filecrypt.cc\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db0dd945684-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"script.aculo.us","description":"","website":"https://script.aculo.us","common_platform_enumeration":"","icon":"script.aculo.us.png","categories":["JavaScript libraries"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Prototype","description":"Prototype is a JavaScript Framework that aims to ease development of web applications.","website":"https://www.prototypejs.org","common_platform_enumeration":"cpe:2.3:a:prototypejs:prototype:*:*:*:*:*:*:*:*","icon":"Prototype.png","categories":["JavaScript frameworks"]}],"data":{"size":627242,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (52409)","md5":"8da2533c2a13fa0f8a240d68992b8e81","sha1":"55ae55c8ae78bf4dd2ef66a442fb9e4f043d6ebb","sha256":"001baca8f9023466ae3144cb4f64ea5d9a46afe15ac2ce5f3d37f248bc7dbda2","sha512":"e0544bf74ac800e7a8ea11c2ffec2dff0ce46a630aaf04a7c3d80c1c839ab0279a2910938e4d3e7443916abb9f82792d9bf30c9435ed4107df2b8f3530c5a407","ssdeep":"12288:3sdqeHntKnhYZiahM40lN0R5Jr9OnaYuqFFObnpe9AUTpKWZVfmuenM5xkdJ:3sHtbhM40/0RRIZDFObnpe9AUTpKWZVy","tlshash":"7dd4501837844986371b4ebb773fa5d1e40b38da7609488ff6087c65a1965a3fbe8331","first_seen":"2026-01-06T21:50:39.858629Z","last_seen":"2026-01-06T21:50:39.858629Z","times_seen":1,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":40,"dns":21,"connect":1,"send":0,"wait":202,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","date":"2026-01-06T21:50:02.082Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:14:45 GMT\r\nexpires: Wed, 06 Jan 2027 09:14:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 45317\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","date":"2026-01-06T21:50:02.453Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 31 Dec 2025 21:35:41 GMT\r\nexpires: Thu, 31 Dec 2026 21:35:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 519261\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-26T18:19:09.702698Z","times_seen":850331,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":72,"dns":1,"connect":7,"send":0,"wait":20,"receive":9,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/css/magic.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/css/magic.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:30 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68ba9c9a-affe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zH%2F0PUudu2BsEuevY2qAv5I%2F8Xq5YtKglOOOG6II%2F6sZn%2Bpp585jCog8xCX6zcuVwOwBh9ZsPvDBFnFo1OPRtgH4m0qReK7Q7TRfwnJsuF4%3D\"}]}\r\ncf-ray: 9b9e6dc32cc50daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bcd1967f8c2604f55f57197de0ae895e","sha1":"c31a10c3ecde74b50450a0a1ad21aa474ff05e7d","sha256":"787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a","sha512":"b37f1a61bbe740bc29308e664227701366ac978d4fbed081f13c47200edd74a792ab980559a236cff39ae27d3fda3ffffef3f1ac2dc420612b616496b44e9df8","ssdeep":"384:lQLl1pRp0itimTKDbObwHuHXFlF7FPFSWRyYyRZZZaZjZPfbfUO3OipypE:GpRp0itiFbObwHuHXFlF7FPFSWX","tlshash":"b913276b2dd2114086564365a3fe6b2c261c85c31c6becfab3a218ce8f1567c53db61f","first_seen":"2025-06-11T18:18:27.729381Z","last_seen":"2026-05-26T13:32:22.899809Z","times_seen":5674,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":33,"dns":3,"connect":1,"send":0,"wait":476,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-italic-100_900-latin-ext.woff2?v=d27f916d","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-italic-100_900-latin-ext.woff2?v=d27f916d HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 75000\r\naccept-ranges: bytes\r\netag: \"687cf10a-124f8\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:14 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MOF38wiNAHIlQ2fioMsXc7kv6dK4MR%2Brbjkot%2Ff90K2IUDEZTVYZhZEBrJlHQwWnz3MweG7oj8z7%2BaCIZTpEEzBu%2BSHaGUJNr%2FynEg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db31cae1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":75000,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 75000, version 1.0","md5":"ac1da469b5525982246e1d02167c89fe","sha1":"041e9c1d27f916d59b8b252dddb69e48e82b3d98","sha256":"3a0319af9bc79fa2d32d768c2c21fed29cccaa0dcaf8a81da64c973282c2650a","sha512":"139974fe21500d61e6bb24a6d7347c42a8ed5ab165f685bcb3a4f1acebf7ef7477e575e543c756dfa77fbbdbe4b536fdc267e07962a461895caccc3a41977d34","ssdeep":"1536:tWQV6tWCt5iovwRJqd0+6VF31LijVQlOqdZkuYuVH:tWMFaiovWW+HlLYYOYZkuFd","tlshash":"ed73021b47e571f278ebe3a1dc4dab1ce1035161c5124a20de164fa3e5684af29f227f","first_seen":"2025-06-28T17:41:37.39976Z","last_seen":"2026-05-26T09:02:56.863765Z","times_seen":194,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":81,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-normal-100_900-latin.woff2?v=2ee1ba9c","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-normal-100_900-latin.woff2?v=2ee1ba9c HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 37828\r\naccept-ranges: bytes\r\netag: \"687cf10a-93c4\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:14 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VGCchwVYheSptkTdmLwkUyj4RxxjdCzZbWadipAgSoiJLvM6jXaMnJSy6n877FeKHELZ%2FCkIm98enylBbP2NTlb%2FpZzQBlRTVStNxg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db31cb31ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37828,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 37828, version 1.0","md5":"50b140b1e97d859d6d0603414f4298ee","sha1":"500e4872ee1ba9cf89f1ba626d64987b0f9ab5c9","sha256":"fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1","sha512":"55ef84e956a7943e3fc61a8a349e64e9f35b7dfc63402ab52b995f43a7cd4b1d2acd300126dcdd610d0b106af426848f998ccf154f712034422d242d6ad9130d","ssdeep":"768:TLreREud92B1C5buEpioxWe6O1ESHFnLQkbknuF1dcjI5djeBX:Tu68248oxWe6O19H1zwnubdk","tlshash":"a103e0d50dd6198aa53b3f7f467f0a3e1b12c429a57180f44a135fd32e169a7e910f84","first_seen":"2024-11-07T01:11:00.992427Z","last_seen":"2026-05-26T16:48:52.546062Z","times_seen":37968,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6","date":"2026-01-06T21:50:02.470Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026co=aHR0cHM6Ly9maWxlY3J5cHQuY2M6NDQz\u0026hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026size=normal\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=98zt8ewmaax6\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Tue, 06 Jan 2026 21:50:02 GMT\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"884763df105a7eb061a62c244fa7832c","sha1":"bfc4d2601e5af803e2dccd964e469f624f167be1","sha256":"cd968daeca8c270c3ea51f8eecfa315a5d805bca263da5ef6f9c4c64254afc9a","sha512":"096a5e005a5b9f72fb552517cf5d4615f74c0111d6b97f23f9c989107426292f11090eb097ed66b5f20e05aacd401ec18ad33eae5b97705188b7c34649abf80a","ssdeep":"","tlshash":"6eb012231596dc280c00420ad427d3b8e012d138e65180f181342fe856249f34110940","first_seen":"2025-12-11T19:34:34.569022Z","last_seen":"2026-01-20T22:35:06.704801Z","times_seen":43041,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.073Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Mgo83j4ugxYvIJuVTHAyH%2Bj%2F1dNFzc7JSd6zJVz212ODpz5yBKRBdvUJ7q%2FYJ5jJsMvNUjrckgvDWMkn5fsI0hEKrCdZwhu6ilLRZ3SaEY%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"68ba9c9e-3705\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6dc4faf30daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14085,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"227a44e64b67ab29f2e7117764ffb6b9","sha1":"93e2a98edccf8c0cdb54bc27cf0fe35b4146ad28","sha256":"18cbc0908b3d76650c16a11587ef5e431d459de627f25238e754d7e5cb765bbc","sha512":"7fad223aaa0855ec678220c435e95d2ce802031d7ed68a7ab4703156b5dde264237ca6fd0a14d1ba91ec313968eb4b7a6a85c3b17a8b7f8c47fb7c3adf2067f8","ssdeep":"192:iFzimibibi9iFcrcYmeo4U4q1VpTgjism5KFAQkOwl+21AleJkzepeQToS:iFzimibibi9iSo4U4q1VFgRkOwl+jKF","tlshash":"b952234409b9da21c418602f203e3362fb680a179d66bad9fb8944056fcfd6f79b453f","first_seen":"2025-11-24T06:33:44.896093Z","last_seen":"2026-04-22T04:42:57.870325Z","times_seen":267,"resource_available":false,"data":null}},"time_used":621,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":621,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-normal-100_900-latin.woff2","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-normal-100_900-latin.woff2 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/css/font.css?v=0a8b5d7e\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US; dom3ic8zudi28v8lr6fgphwffqoz0j6c=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1; cf_clearance=_JbjsqTiLx7fmSeYzGp.jfX73Lv2AmKiOxoqFTvTipI-1767736201-1.2.1.1-r3f9628dNSpgal3DaGI7NxPqhvqbY86.zGunJnGT07ijxhR88yaoZutoxNxt8lb_N5ufxplrkNw.W2vDWOBthItJpabsieeCQCJPANwvkeNx5cVivT97r0vUt5qiS3gX.JX1YSRAV8hxAxqJHhhzBbsfGoBqrW41Il1wS9fTI.1TE_wu_p.Lh.mI2r6.AQj1C1W4VapCTrJY.CN7yHqK3Qfj5zmGnIpVEjHcw8.fuKU; pp_main_63921d76617cd6f9a05f4abb537a9c2f=1; sb_main_ad3273b60a74d71d04b6f2a53e630fe3=1; sb_count_ad3273b60a74d71d04b6f2a53e630fe3=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=sourshaped.com\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 37828\r\naccept-ranges: bytes\r\netag: \"687cf109-93c4\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:13 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R7hZPYsyNC6fOTFqdyx2uhx0Uh4WbGAOeZN9QhiDD0Rr1eaPP3TimAaG008DmOSpSnJwdyZiXYSfYGCqHvZbWO6ijxaI5cBjuBdBuQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6dc5eb081ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37828,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 37828, version 1.0","md5":"50b140b1e97d859d6d0603414f4298ee","sha1":"500e4872ee1ba9cf89f1ba626d64987b0f9ab5c9","sha256":"fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1","sha512":"55ef84e956a7943e3fc61a8a349e64e9f35b7dfc63402ab52b995f43a7cd4b1d2acd300126dcdd610d0b106af426848f998ccf154f712034422d242d6ad9130d","ssdeep":"768:TLreREud92B1C5buEpioxWe6O1ESHFnLQkbknuF1dcjI5djeBX:Tu68248oxWe6O19H1zwnubdk","tlshash":"a103e0d50dd6198aa53b3f7f467f0a3e1b12c429a57180f44a135fd32e169a7e910f84","first_seen":"2024-11-07T01:11:00.992427Z","last_seen":"2026-05-26T16:48:52.546062Z","times_seen":37968,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":58,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRueddJ9-oSAiArQIlEQCZ9nf-4vKSJMCIoIiUmCUiBEZmdmz8Pt7Swzu7fnqwJWoojKdJR7z11sfqwIujSg6EwXCYmjchE30FEipUZ3PsnwFu_P82zxPO--c29UHJEABTvceF8PVZKwtXqNum_cUqnQpXWv3nQ9WqPn3VsqbYTn3cE8mf45Lwhr9Kz7ruRdveZTj1KPeu4lZWSsB2sLFirbb3u1Nq2Ffs2rhxiY_862WIFlDkT_iLwAJWbP_RF_BMWnSHs_XJS2m-vszXd6RcJybdAXex-m3VSXKXonbWwcxOne8mtoOyPk6xXodG_pALo_mTtApGZk5aWniNK9pUxE_QfHSqMEMkUk_oeyP4VMplBsCq63ocRvBOACV68h7e1e1aZkW8csm7MzcvrZ31DljJx-egZp7-F6ogbuDZ0UudKpxSCuoAZTqM4UWXGAfOhAlQfg-RdQ4ley9uwK0t7kmk00lDh8vVlv8bgu6qteGNPVkAZ0lXERrcYiagVRgzfrIl6sSMVTMLuCwjoolIMidlBkDnri0A1pK-QeCxpxW_AmDVkYChnRdsunlLV5EwX_HErsgJu7u5nYzLv9SW4KOSlSbkfeN8eQHyzA3TnoByNvv_gkS7zQ9_yQNkYeMnMHXbUDUzyG3axghQObE_RFhVISlJagZASlIihzgrJfPRCJ9W21KxJbRN6y-ssaVGOdd0bsgc47MiVgZgdGVBOVfWa3wfNT42FsxVjPE4vyaswiUY2yI_L8_D84o9s9dOWhy0TgN4OoQVkzFE1P0DBqxD6rB7IR0FgGsKqCsitg1sFQzYjz_w1kakbInx1E7AA2OQBXL4MVr4CVFdhmhWG6H6tEcrOV5TXOIXSFLD-NfMsZJUfkxfH1m-uPF-dwm5yF5E8uPHz0wV93X30EbipkpsKn6heCTnJ_fF2XZHJdl5b8eC3LVU8N2fxUbuQsl6e-e09uldqIyxftzrdv8Tkxb_dvSptfYalQaceS79eVENJc0oZL8tNle0tGG4XdXC9MWmRXNt6-dLmXGWmt0ukUbO7w3M_gakbObL62eAaNey54dgc2O9FpNUGUOUgUQSKfkGWARRXsv-bopB_Z--gYByzfRtqr0DcV-kkFluzAFqfGeWaeXPg9WASixBlHiXEmUWKSr473ZNWhGwfS55S2mg0vaMXSC0LB43orbIsGo0EgkduZ-nj7y38CAAD__xUWJ3KpBAAA","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwcRRueddJ9-oSAiArQIlEQCZ9nf-4vKSJMCIoIiUmCUiBEZmdmz8Pt7Swzu7fnqwJWoojKdJR7z11sfqwIujSg6EwXCYmjchE30FEipUZ3PsnwFu_P82zxPO--c29UHJEABTvceF8PVZKwtXqNum_cUqnQpXWv3nQ9WqPn3VsqbYTn3cE8mf45Lwhr9Kz7ruRdveZTj1KPeu4lZWSsB2sLFirbb3u1Nq2Ffs2rhxiY_862WIFlDkT_iLwAJWbP_RF_BMWnSHs_XJS2m-vszXd6RcJybdAXex-m3VSXKXonbWwcxOne8mtoOyPk6xXodG_pALo_mTtApGZk5aWniNK9pUxE_QfHSqMEMkUk_oeyP4VMplBsCq63ocRvBOACV68h7e1e1aZkW8csm7MzcvrZ31DljJx-egZp7-F6ogbuDZ0UudKpxSCuoAZTqM4UWXGAfOhAlQfg-RdQ4ley9uwK0t7kmk00lDh8vVlv8bgu6qteGNPVkAZ0lXERrcYiagVRgzfrIl6sSMVTMLuCwjoolIMidlBkDnri0A1pK-QeCxpxW_AmDVkYChnRdsunlLV5EwX_HErsgJu7u5nYzLv9SW4KOSlSbkfeN8eQHyzA3TnoByNvv_gkS7zQ9_yQNkYeMnMHXbUDUzyG3axghQObE_RFhVISlJagZASlIihzgrJfPRCJ9W21KxJbRN6y-ssaVGOdd0bsgc47MiVgZgdGVBOVfWa3wfNT42FsxVjPE4vyaswiUY2yI_L8_D84o9s9dOWhy0TgN4OoQVkzFE1P0DBqxD6rB7IR0FgGsKqCsitg1sFQzYjz_w1kakbInx1E7AA2OQBXL4MVr4CVFdhmhWG6H6tEcrOV5TXOIXSFLD-NfMsZJUfkxfH1m-uPF-dwm5yF5E8uPHz0wV93X30EbipkpsKn6heCTnJ_fF2XZHJdl5b8eC3LVU8N2fxUbuQsl6e-e09uldqIyxftzrdv8Tkxb_dvSptfYalQaceS79eVENJc0oZL8tNle0tGG4XdXC9MWmRXNt6-dLmXGWmt0ukUbO7w3M_gakbObL62eAaNey54dgc2O9FpNUGUOUgUQSKfkGWARRXsv-bopB_Z--gYByzfRtqr0DcV-kkFluzAFqfGeWaeXPg9WASixBlHiXEmUWKSr473ZNWhGwfS55S2mg0vaMXSC0LB43orbIsGo0EgkduZ-nj7y38CAAD__xUWJ3KpBAAA HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl14212406=1; pdhtkv29=true; uncs29=1; u_pl27353197=1; slecad3273b60a74d71d04b6f2a53e630fe3=[6291497]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+ed587a5b88bde895d7bfb380b9d54f66=6291497; expires=Wed, 07 Jan 2026 21:50:03 GMT; path=/; secure; SameSite=None\niprc_l:6291497=1; expires=Wed, 07 Jan 2026 21:50:03 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 4\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 310657c8d7607e2b35364ce69658e5e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/IT.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/IT.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=C9TqfoczgGD4n5eWIsze%2F86n503M6DMcuXYVSMK7IQM9TubmpOohLdVKKeZtQYr79D5abTGDR2fDSBO17iYs%2FO9nId%2FQPrGnN7krhg%3D%3D\"}]}\r\netag: W/\"6836f090-3a1\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32ccd1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"db99f6b2d4e403cfcfcd1d83c4e33e78","sha1":"930f6cedbc14ecdcc14a515bfcc059a527bf1a30","sha256":"1ae4a076c651d7118a3cef11f8b7206a56ced70c6da0c5391e793dc076b6be96","sha512":"f84605d6b4114e8a9763af7971bccfe4e5627bd1d3221f3db728216a5a678dbc1b0810c0a799afda60cef1046864a53680be2e32402fadb4957eff2523122089","ssdeep":"","tlshash":"761159d496474c6b2870ebf0db34aaae173283a09fe1e488a36b356f314344714c5dd8","first_seen":"2025-07-29T23:13:50.416446Z","last_seen":"2026-05-26T09:02:56.869508Z","times_seen":153,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-length: 0\r\ncf-ray: 9b9e6db9dbfc1ae6-OSL\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/88d68f5d5ea3/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=t19y0soFEC7Oi4e8NF0HV4UlK8VspXKDZnrQtBORPdsONSg24JpskZs66jmWv5cwNjFYxM6OuQgxurB6Uk0WfliXdGmm2C7jh55R6hMEdNlLchG45QvkZDwGGL087Nk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1141\u0026min_rtt=638\u0026rtt_var=282\u0026sent=1233\u0026recv=143\u0026lost=0\u0026retrans=0\u0026sent_bytes=1369472\u0026recv_bytes=19238\u0026delivery_rate=66476557\u0026cwnd=254400\u0026unsent_bytes=0\u0026cid=c2f128981e99902c\u0026ts=1266\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10529,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/CN.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/CN.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6cwdJfg5mcgPnJI%2BZhWNGZRdYYbExh31lkBSlsMlnqxieU22To%2FhQ8arHt%2FPqwP%2B678Q1J4MeaDtObgmB0g9uF5sDfWNSb9PzPSuCg%3D%3D\"}]}\r\netag: W/\"6836f090-a5f\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cde1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2655,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"74b7498d388c0fa9ef28ae8594b0c2bc","sha1":"5881f8b4ed2e8f9ce91202ebd970aaec3845f4e8","sha256":"b7528e6010b862d7e00e12a5da307f4a324784b06e6b2854d4f7c84bce05f444","sha512":"ca6ee5505452654f11cfe02a92978b895b0d123f860bbf8e97d1f7d21737303d85e5700b14fdbada2a58219df132f776bb502f971354ad4b6f060a65d213d8de","ssdeep":"","tlshash":"695154c453255dea59615fb4ce703b6737b501eb0e61e2d4a31b346fb0079b210d8da0","first_seen":"2024-08-20T13:51:14.324224Z","last_seen":"2026-05-26T09:02:56.85978Z","times_seen":154,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trusteddisguises.com/ae48f0b770d2035559142c08aecd80d3/invoke.js","fqdn":"trusteddisguises.com","domain":"trusteddisguises.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"trusteddisguises.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 07:59:56 GMT","end":"Sat, 04 Apr 2026 07:59:55 GMT"},"fingerprint":{"sha1":"EC:E4:50:64:38:80:BC:9C:DB:B7:2B:AA:CE:06:67:8E:59:7E:0B:B2","sha256":"97:2D:4A:52:1D:B8:39:FE:71:B7:CA:C0:27:1E:EC:62:08:ED:8A:62:E6:D6:13:A1:02:4B:9A:A1:B1:27:0B:B3"}}},"request":{"raw":"GET /ae48f0b770d2035559142c08aecd80d3/invoke.js HTTP/1.1\r\nHost: trusteddisguises.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:00 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18568\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: trusteddisguises.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ecd6d3557923480021d0106d81055568\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46331,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46331), with no line terminators","md5":"7c63a8220df25042f0ffd60dc45d3d6b","sha1":"651e38735de25223eb08a08547a627dd1fbbdfa7","sha256":"24c8189161f7f1bde66e710873abf4eab352180065a43a56b6a2cdbf93950565","sha512":"03844b1fee1bddee7d3e398f506ae4ff409e210e2594da6b441002f9ffe69c44b8c64a39bbeeafee48776d25b725b5bbb1038aa46a306e1bc66ef686982b8c00","ssdeep":"768:dB2EL/5+sNKlKMHLQTwkf0RysYeLvLoK12G6FYc0Cas0f:dB2EV+aMHLQTwkf0rLDLoK12tFYNLB","tlshash":"8f23fa5dbf92f006165f70b7372fa106b11a8c19680cd89cfa07fda46d68f45e837aa4","first_seen":"2025-12-20T16:48:18.719495Z","last_seen":"2026-01-06T21:50:39.864321Z","times_seen":2,"resource_available":true,"data":null}},"time_used":803,"timings":{"blocked":289,"dns":46,"connect":91,"send":0,"wait":96,"receive":91,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"trusteddisguises.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/controls.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/scriptaculous/controls.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FcYmeTkaoSPRC1JxCDmEqmy6vkcsPK51NXV0SKgV7WwPF3d9PUz3%2FCplswLUIBxxD4gFPvnbFH15BB7vpqhxWAx8jc%2BGvn06AlHhAw%3D%3D\"}]}\r\netag: W/\"6836f090-87e3\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db57f531ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34787,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"03b502fd8ae202eb164b348749392720","sha1":"8a7d159d60afcfa936eb28f6dd84d8ab874133cf","sha256":"e202a06e4447b310dc039ed968aab2f0595ca77eb52ec246d24b0a80a536ac67","sha512":"c913bb469109b326a5aee7d5f9b51f8c5b5169acea815165055aade6d407d466c5f61dda2751b8fac2f622231045293889ab1186f1df03a34367f4f215cf232e","ssdeep":"768:UJ6cryUsoAvpvXGGH5JXDedDaICVrF+Ae197GHOISf8H1f/RtWGql60kp:06crZsocf3+/ISf8H1nRtWl60kp","tlshash":"89f2504e73ab172581eb20aa6f5f414a7238811b2c06d81c7cacd7c45f5993492fbfb9","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-05-26T09:02:56.893638Z","times_seen":886,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/utility/robot/2/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 22:26:15 GMT","end":"Wed, 25 Mar 2026 23:23:44 GMT"},"fingerprint":{"sha1":"05:E7:A3:19:D2:55:91:F8:B7:45:48:72:0B:86:C7:0C:2C:CA:27:03","sha256":"14:76:91:36:84:B6:CF:C4:0A:BA:6F:14:80:F9:C7:77:48:3B:08:A3:C8:48:DC:0F:F6:CE:86:72:BB:CC:0B:06"}}},"request":{"raw":"GET /sb/interstitial/utility/robot/2/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:02 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 08:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KAMGYZnxvsgjVPFxsbhZk3XtwjUtymGx2n7egZGGsSuYnN95TFL96quPs3JCelQ7YinzEXfZmsxDyNaxCgLgP1w25Jj7vg7aRr0kJHFUtA0%3D\"}]}\r\nage: 3950719\r\ncf-cache-status: HIT\r\netag: W/\"68ba9c9c-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6dc3ff5e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-05-26T17:41:46.211441Z","times_seen":9343,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://filecrypt.cc\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; expires=Fri, 04 Jan 2036 21:50:00 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"001b5c748138518a5a939511cd7025fa","sha1":"34c5bb287a9918b4716f2f4da8c7a3b9cf1f3126","sha256":"2cd3216ba5c29184e29536319f4c86a06d5bd39c18f5938b36121c29633673a5","sha512":"c850200ec7008dda195fd9c8de77ec609772a3bbc11cab02d9a860446cd2e6f0b12e9476703c7cd8addd8376c3671f7cb1186d54944d0c7845d14331a2429e52","ssdeep":"","tlshash":"b49004c1003114c1111c3c05454c1440c05c7f1c445dcd1104c150531c3d717cc340d0","first_seen":"2026-01-06T21:50:39.855295Z","last_seen":"2026-01-06T21:50:39.855295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":91,"dns":20,"connect":21,"send":0,"wait":21,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7907cc5285ce9986d5bba858bca0cc90\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-26T17:41:46.196343Z","times_seen":17007,"resource_available":true,"data":null}},"time_used":158,"timings":{"blocked":46,"dns":0,"connect":20,"send":0,"wait":22,"receive":18,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/interstitial.php?r=9799278\u0026srs=f0b51ed31f00d144c668d22b56ef6989\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026atv=74.0\u0026cbref=\u0026btp=0.01\u0026pblcz=9545986\u0026abtg=1\u0026adbv=3-cdn-js","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"104.21.78.155","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 23:08:46 GMT","end":"Sat, 07 Mar 2026 00:07:30 GMT"},"fingerprint":{"sha1":"D5:B9:71:11:A1:C5:BD:EA:60:68:49:87:01:4B:0B:CB:81:8B:FA:6C","sha256":"66:19:A7:E1:FD:B7:41:C7:AE:CB:33:20:81:70:04:52:48:C8:D0:0E:66:96:B3:F7:FE:B5:FC:10:FE:48:0A:44"}}},"request":{"raw":"GET /script/interstitial.php?r=9799278\u0026srs=f0b51ed31f00d144c668d22b56ef6989\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026cbpage=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026atv=74.0\u0026cbref=\u0026btp=0.01\u0026pblcz=9545986\u0026abtg=1\u0026adbv=3-cdn-js HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LzfjxVH1jmavq7R%2BeBXAzN3fjihGDcoIDycI9mm83J45ropDw2MQ4COJQBaVSMAxBW63z5J4deczA0AKV9h2PfCZshgnwxdZCgR4HGSnq39HX4A%3D\"}]}\r\ncf-ray: 9b9e6dbd2d5b723c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":1389,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"013a6a3f68713b6b41802454c3458025","sha1":"19832613dd7d6665f9c3a6f8e331a50c8507ffe0","sha256":"8fe3ca0a027d4035f0a59d6f9e817f232709a03ba4f36d4708c4fcc9550a14fd","sha512":"30eb8810b7e3aeb7945245aa4b4632e95c44d23b1af5d757aa140d3a6edaba0a4d8c1080d17f452fc72c43c1c65135b4ac771a29d37d8383d5b71e924e6b6d7e","ssdeep":"","tlshash":"7421b67d9dac985811a2f0ecc59ef6f81f4709b7b9843926949aecdd108d8983154ac3","first_seen":"2026-01-06T21:50:39.866557Z","last_seen":"2026-01-06T21:50:39.866557Z","times_seen":1,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":196,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Findex.html\u0026l=1611\u0026fd=524","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.709Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Findex.html\u0026l=1611\u0026fd=524 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":321,"dns":14,"connect":93,"send":0,"wait":95,"receive":0,"ssl":201},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 19:22:36 GMT\r\nexpires: Wed, 06 Jan 2027 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 8847\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-26T18:19:09.702698Z","times_seen":850331,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/BR.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/BR.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gxqu2vpv7uVFjjxOLr4D5P53byoJhB9zpGxdqFWo82t9Vzw1ZSZaLpqvLfQWYWIESxBzDMtkIl02LEZJKZV4euf%2BQkXeieBrxeJHIQ%3D%3D\"}]}\r\netag: W/\"6836f090-153f\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33ce41ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5439,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e1dbb4e549101e3a2f8a24798ecb446a","sha1":"6842325e0d4826c8b5db1d68639e3bb92caa0af0","sha256":"c6cc670b1ef888a56d76c65b7460df309342f310e4526b04d4cb71f392a80e35","sha512":"31f586f55e27d784382a75bf730c55fa8cb9aa9d2a52484ae4a2ef7d3e85484093690fc20aec891231cc747122ef77cf90da0e826fc83f2b07109aabeea36f5e","ssdeep":"96:kI+f67/lKIeYM1bLq6VR/9EemoZxxE0ojPTiDaV:u6duLX6oZxxE0oyk","tlshash":"66b12e46d72eead18dd415f4de7926c3333185aa4ba2c688a35f181f7007eb1079cbe8","first_seen":"2024-08-20T13:51:14.290117Z","last_seen":"2026-05-26T09:02:56.870535Z","times_seen":154,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/cdn-cgi/challenge-platform/h/b/scripts/jsd/88d68f5d5ea3/main.js?","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/88d68f5d5ea3/main.js? HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US; dom3ic8zudi28v8lr6fgphwffqoz0j6c=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-encoding: br\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=0mgBr23VAA1nMV5A1%2BWmV3c3W%2FdNtGvZ9p6psTdF%2Bb8MuchHzyGoZF%2BiPWUR0etJ3bhQuclpO%2BuzAt1YlwVg57m9o306LKEi%2FrTm%2BtaSgROu859Tk3kmWPqw9PReCiM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9b9e6dbb4d621ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=QUIC\u0026rtt=1166\u0026min_rtt=638\u0026rtt_var=355\u0026sent=1238\u0026recv=148\u0026lost=0\u0026retrans=1\u0026sent_bytes=1371873\u0026recv_bytes=20087\u0026delivery_rate=66476557\u0026cwnd=254400\u0026unsent_bytes=0\u0026cid=c2f128981e99902c\u0026ts=1473\u0026x=1\", cfExtPri, cfHdrFlush;dur=0\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10529,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10529), with no line terminators","md5":"a7862229697f6d2b4c20be95f44beb37","sha1":"f05b4208678efac86d8e9073d5b43d6e981244c4","sha256":"4eaa4fc2af7463f437c2a9ae8c5d3de4171b47fda3d17a8ce99314124410c0fe","sha512":"f010a7d090e7545c70c252c7bbf7884ca9fb8569b1064f202e7695cf03f63bec0f64774c4e412293cdd078407c01ddc0afcbb829fc8384208229acfbece895c1","ssdeep":"192:SQbXAO1AwHQFiwabK2hehuazGcJYIWhiP5qB64QMlmGSbxUr8zf:fbwO1xwabFhehuGGT7ixu3QFqwzf","tlshash":"3c22e78f3f707d864550adc214b7b8cf348d8d2958c265068d03ace43f6ba55a7a7fa4","first_seen":"2026-01-06T21:44:27.102156Z","last_seen":"2026-01-06T21:51:57.81213Z","times_seen":3,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/ID.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/ID.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qt6MZWIrGD%2B%2BiwQtcfH4TSwDmn8T9oRLzPfZLEvXsEOqa64px5ARbt2%2B7aY2guw%2FzAaSjIclsz3v0jho2EjvvlGLxhEKAyaTTxEa9w%3D%3D\"}]}\r\netag: W/\"6836f090-317\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33ce91ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":791,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b6b137334979d0d31a08411a2246b5ce","sha1":"7f537e074bdf227132213e209cca8328a02f24f2","sha256":"1a8862c6eaa0039c284716be60350d245ac0e9a4bf1bc9ea1228d570f651764e","sha512":"9d2ab8402a30497296bacc3088842a6e09e40fdf535282019dc483919fa4a90229517b6db520e20079f0a0ec6c7f67ee304a0d041b4f5f7966446540ee12c410","ssdeep":"","tlshash":"6301f5c4a9434c6b3970eaf1eb78a7be533213b45ed4e598735b356f305240315c55e8","first_seen":"2025-08-29T11:09:50.001261Z","last_seen":"2026-05-26T09:02:56.86327Z","times_seen":128,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/surething.php","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /surething.php HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-store, no-cache, must-revalidate\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\npragma: no-cache\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPGbHNA6JbSnIQzefrs27nuOAz8Q1F7Alk12%2FvN47TfKyW1SiOtigrVeyE42kNJcqfes5a3xU8kERa0fli2sf7wZ%2F9qWVjRUggxEpQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db6d8c71ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"35.156.32.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://filecrypt.cc\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"001b5c748138518a5a939511cd7025fa","sha1":"34c5bb287a9918b4716f2f4da8c7a3b9cf1f3126","sha256":"2cd3216ba5c29184e29536319f4c86a06d5bd39c18f5938b36121c29633673a5","sha512":"c850200ec7008dda195fd9c8de77ec609772a3bbc11cab02d9a860446cd2e6f0b12e9476703c7cd8addd8376c3671f7cb1186d54944d0c7845d14331a2429e52","ssdeep":"","tlshash":"b49004c1003114c1111c3c05454c1440c05c7f1c445dcd1104c150531c3d717cc340d0","first_seen":"2026-01-06T21:50:39.855295Z","last_seen":"2026-01-06T21:50:39.855295Z","times_seen":1,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.7427018039615836\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"172.67.186.11","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.548Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 10 Dec 2025 12:57:52 GMT","end":"Tue, 10 Mar 2026 13:56:16 GMT"},"fingerprint":{"sha1":"77:2A:71:0C:1C:F9:2B:14:04:DB:13:5F:A6:57:67:6D:B3:A9:A0:95","sha256":"E0:53:FF:DF:EC:31:75:79:08:DF:B9:B1:56:18:5A:48:15:62:EF:8B:BB:4C:1B:05:1C:E8:DD:3F:0C:A4:80:41"}}},"request":{"raw":"POST /ut/hb.php?cb=0.7427018039615836\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 1427\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1427,"data":"{\"clientHints\":{},\"isScrollable\":0,\"totalClicks\":0,\"sessionLength\":0,\"ippMissclicks\":0,\"visible\":1,\"caught\":0,\"lastevent\":0,\"isFullscreen\":0,\"isTabFocused\":1,\"eventImps\":0,\"retryCounts\":0,\"isScrolled\":0,\"isMouseMoved\":0,\"pagePercentageSeen\":100,\"belowTheFoldSeen\":100,\"touchEnd\":0,\"touchMove\":0,\"clicksByType\":{\"idle\":0,\"input\":0,\"video\":0,\"button\":0,\"link\":0,\"img\":0},\"browsingTopics\":[],\"ufp\":\"Win32/Mozilla/Netscape/true/false/1280x10240en-USunknown4824 bits\",\"sessionStartTime\":1767736201,\"sessionId\":\"f0b51ed31f00d144c668d22b56ef6989\",\"timeZoneOffset\":0,\"zones\":[],\"pUrl\":\"https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\",\"pReferrer\":\"\",\"pTitle\":\"Filecrypt\",\"pDescription\":\"\",\"pKeywords\":\"\",\"pHasIframes\":2,\"pWidth\":1280,\"pHeight\":1024,\"vWidth\":1280,\"vHeight\":1024,\"inIframe\":0,\"bsd\":\"eyJwcm9iYWJpbGl0eSI6MC4wMSwicGVyU2lnbmFsIjp7ImlzV2ViRHJpdmVyUHJlc2VudCI6MCwiaXNDRFBEZXRlY3RlZCI6MCwiYXV0b21hdGVkQnJvd3Nlckdsb2JhbHMiOjAsImlzV2luZG93Q0RDIjowLCJkb2VzVUFDb250YWluSGVhZGxlc3NLZXl3b3JkIjowLCJpc0ZpcmVmb3hNaXNtYXRjaCI6MCwiaW5jb25zaXN0ZW5jaWVzIjowLCJpc0Nocm9tZUZvclRlc3RpbmciOjAsImRldGVjdENTU0Fub21hbGllcyI6MCwiaXNIZWFkbGVzc1Blcm1pc3Npb25NYXRjaGVkIjowLCJkZXRlY3RMb2NhbFN0b3JhZ2UiOjAsIm5vUGx1Z2luc1ByZXNlbnQiOjAsIm1pc3NpbmdXZWJSVEMiOjAsIm1pc3NpbmdBdWRpb1ZpZGVvIjowLCJtaXNzaW5nQ2FudmFzIjowLCJtb3VzZU1vdmVTY29yZSI6MCwiY2VudGVyZWRDbGlja1BlcmNlbnRhZ2UiOjAsInNjcm9sbFN1c3BpY2lvdXNTY29yZSI6MH19\",\"sentTimestamp\":1767736201452}"}},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FGkSEIQ32joxN4StN1ktEmGO3I5u%2F2FTe8%2BVtgPfp7oX0e5V7pihP65xFygSxWzArQm9gSDKIimrlOKBtgS70bX3tt34Fp6hQ9zT\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6dbbd8520b41-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":210,"timings":{"blocked":24,"dns":12,"connect":1,"send":0,"wait":155,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/fonts/Montserrat-normal-100_900-latin-ext.woff2?v=bf88d714","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /fonts/Montserrat-normal-100_900-latin-ext.woff2?v=bf88d714 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 70828\r\naccept-ranges: bytes\r\netag: \"687cf109-114ac\"\r\nlast-modified: Sun, 20 Jul 2025 13:37:13 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6kwQayDTLqaaMHIuhPvE04s5FS8IElzSBnKczuNkYWLvwE%2F2mpyoISPW2jl1BUtH1%2FC3K%2FV99Hyyhz8V2KK2cqjj3ngfWWfMw3pvIw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9b9e6db31cb11ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":70828,"size_decoded":0,"mime_type":"application/octet-stream","magic":"Web Open Font Format (Version 2), TrueType, length 70828, version 1.0","md5":"acd7cf75ffdc5bcc208dd01ee857ca54","sha1":"07ee998bf88d714357b7cd7c825a4f0181d2e595","sha256":"04d8c7b1d7f460e84057c514b3ba913bd0b86917dd036ab9a05bda8e6f911f41","sha512":"2304fa8fcda642fea6b0c4ae720ec240fea476a3b61197b430e73cd0ade46cc7e12719ffa3e5ad5a36c2c0bef26df9f99a0c1af921b63bd634085daf3311620a","ssdeep":"1536:zLejXdrhuXIzL+prOZX44+ikpX/W4BOYQVfsKcgkWEu9:HMdoX8+c1R4/X4cgkM9","tlshash":"c663023ac9ca46b4fa7063727d3176887e560f40fce4f8961872a5e0b42a46825ef6d1","first_seen":"2025-06-05T10:09:29.861015Z","last_seen":"2026-05-26T16:30:47.74802Z","times_seen":531,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":92,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9ca677c1a870d34afb02be7ef34fb5c6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-05-26T17:41:46.196343Z","times_seen":17007,"resource_available":true,"data":null}},"time_used":156,"timings":{"blocked":44,"dns":0,"connect":18,"send":0,"wait":23,"receive":19,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1STv28cRRvHZxO_bwFCCIKgobiCAhA-z-7O7s6QAmFCUERIrCQoBUoxPy-D93aWnd1b21XAEgoUyHTQrZ9zYgFRBBItKDrTRULK0cSFLST4BxBSanTOSYaneJ7vM58pvs_omU-3m0MUQ8P3V95zGzbP-VLSx72Xr9pCudb3LlzphbiPT_eu2iIlp3trs1SNXg9j0sev9N7RctUtRTjEOMRh76yttHFrS0cUbHmHhX2G-yTqhwmBteq_vW8C8DwANTpEz4JV06f_MB-AlRMoht-f0X61duVrbw-bnNeugpHafb9YLVxbwPBYmioAU-zOb4PzU4S-OgGu2J1PAG60M5sAhJ2iE88fgCh25zZBjG49dipy0AUI9SS0ownofA8sn4B0m2DVAwQgFVy4CMXw9gVXtXz9MeUzOkULj_4G207RwsFzUAzvLud2rXfZ5U1tXeFhzXRg1yZgBxMomz2oNwKw7R7I-hOw6le09Og8FMOdiz53YNX-S1lCpUlUshgSgxcJjvEil0osGiVoLFKZJcocPZE1E-D-BDQ-gMYG0JgAmjKAodrvEUyJDHmcGqZkhgknRGmBGY0w5kxm0MiPwaotkNUNKKsbsGq_fPC_36Fq7oG_vv-jFFEaKRyLNDGM6lTL0LAIM8VJnEVpHMVMpxkzhJHMME2NIEmkDTU65ipkIeNJlnAV6oiwhLGQs5TEgiuCjcKEhpIarrNYcBozbeKMpoYSzjUNsyzJkoRRE4cpV5KFKaeCZoqHnGvBMk2MyogyPEloxCQljEWUpTKi4FUAvkYwUh20GkHrEbQcQWsRtDWCdtTdUrmPfHdb5b4R4bxG8xp3Y1cPtvktVw90gYBXW1CpbseWH_lNkPXJ8YbxauxmiYu6G3Ohuu3yED1ztAYPD1JY1fs9rgk1WGQZVhGOkyRhIYkkplxLRbGKwdsOrF8A7gPYsFMUPLUCpZ0i9OcABN8Dn--BtC8Cb14A3o6ziAK_DgzDRnHH2FzLar2s-1KCch2U9QLU68F2fohOjS9dWb535OXawy9Ay_toHiCrDsqqgw_tLwgG-c3xJdeinUuu9eiHi2Vth3aDz9b1cs1r_f9v39XrravUuTN-65s35QzM5J0r2tfneaFsMfDou2WrlK7Oukpq9NM5f1WLlcZfX26qoinPr7x19tywrLT31hUT4HaKnvjrc5B2ik79_PXRV0xevQuyvAG-PPbpHQJRIsgtglwfn3PRgf9XL471tr8JgyoAXm9CMexgVHUwyjvg-Rb45uS4Lqv7b_wWHwWIPBiLvEI7Iq9m3O73TKwjiTHN0jCmRocxUdIklDCVchzHGmo_tdc2P_snAAD__xqSdOYoBQAA","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STv28cRRvHZxO_bwFCCIKgobiCAhA-z-7O7s6QAmFCUERIrCQoBUoxPy-D93aWnd1b21XAEgoUyHTQrZ9zYgFRBBItKDrTRULK0cSFLST4BxBSanTOSYaneJ7vM58pvs_omU-3m0MUQ8P3V95zGzbP-VLSx72Xr9pCudb3LlzphbiPT_eu2iIlp3trs1SNXg9j0sev9N7RctUtRTjEOMRh76yttHFrS0cUbHmHhX2G-yTqhwmBteq_vW8C8DwANTpEz4JV06f_MB-AlRMoht-f0X61duVrbw-bnNeugpHafb9YLVxbwPBYmioAU-zOb4PzU4S-OgGu2J1PAG60M5sAhJ2iE88fgCh25zZBjG49dipy0AUI9SS0ownofA8sn4B0m2DVAwQgFVy4CMXw9gVXtXz9MeUzOkULj_4G207RwsFzUAzvLud2rXfZ5U1tXeFhzXRg1yZgBxMomz2oNwKw7R7I-hOw6le09Og8FMOdiz53YNX-S1lCpUlUshgSgxcJjvEil0osGiVoLFKZJcocPZE1E-D-BDQ-gMYG0JgAmjKAodrvEUyJDHmcGqZkhgknRGmBGY0w5kxm0MiPwaotkNUNKKsbsGq_fPC_36Fq7oG_vv-jFFEaKRyLNDGM6lTL0LAIM8VJnEVpHMVMpxkzhJHMME2NIEmkDTU65ipkIeNJlnAV6oiwhLGQs5TEgiuCjcKEhpIarrNYcBozbeKMpoYSzjUNsyzJkoRRE4cpV5KFKaeCZoqHnGvBMk2MyogyPEloxCQljEWUpTKi4FUAvkYwUh20GkHrEbQcQWsRtDWCdtTdUrmPfHdb5b4R4bxG8xp3Y1cPtvktVw90gYBXW1CpbseWH_lNkPXJ8YbxauxmiYu6G3Ohuu3yED1ztAYPD1JY1fs9rgk1WGQZVhGOkyRhIYkkplxLRbGKwdsOrF8A7gPYsFMUPLUCpZ0i9OcABN8Dn--BtC8Cb14A3o6ziAK_DgzDRnHH2FzLar2s-1KCch2U9QLU68F2fohOjS9dWb535OXawy9Ay_toHiCrDsqqgw_tLwgG-c3xJdeinUuu9eiHi2Vth3aDz9b1cs1r_f9v39XrravUuTN-65s35QzM5J0r2tfneaFsMfDou2WrlK7Oukpq9NM5f1WLlcZfX26qoinPr7x19tywrLT31hUT4HaKnvjrc5B2ik79_PXRV0xevQuyvAG-PPbpHQJRIsgtglwfn3PRgf9XL471tr8JgyoAXm9CMexgVHUwyjvg-Rb45uS4Lqv7b_wWHwWIPBiLvEI7Iq9m3O73TKwjiTHN0jCmRocxUdIklDCVchzHGmo_tdc2P_snAAD__xqSdOYoBQAA HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl14212406=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7a4b091b4a74013532454195432fa839\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/ren.gif?sid=H4sIAAAAAAAC_1RTP2wcxReeddL99BMCIipAi0RBJHzef7d3lxQRJgRFhMQkRi4QIrMzs-fh9naWmd3b81UBK1FEZTrKve_ONn-sCLo0oOhMZwmJo3IRN9BRIqVGdz7J8Ir373vF971582BYnBAfBT1ee18NZJLQlXrNsd_YkClXpbFvrtuuU3Mu2xsyDYPLdn_mdO-S6wc156L9rmAdteI5ruO4jmtfk1rEqr8yRyGzg5Zbazm1wKu59QB9_d_aFEsw1ALvnZAXIPn0uT_ijyDZBGn3h6vCdHKVvflOt0horjR6fP_DtJOqMkX3LI21hTjdX0xDmSkhXy9BpfsLBVC98UwBIjklSy89RZTuL2gi6u2eMo0SiBQR_x_K3gQimUDSCZjahuS_EYBx3LyFtLt3U-mSbp2idIZOyflnf0OWU3L-6QWk3Ueriezbd1RS5FKlBv24guxPINsTZMUh8oEFWR6C5V9A8l_JyrMbSLvjWyZRkPz49Ua9yeI6ry-7QewsB47vLFPGo-WYR00_ClmjzuP5imQ8ATVLKIyFQlooYgtFZqHLj-3AaQbMpX4YtzhrOAENAi4ip9X0HIe2WAMF-xyS74Dp-3tFyoznD92D4pMscQPP9QInHLp7Gd_MO71xrgsxns0M3W9OW54_byLT99CRO9DFE5jNCoZbMDlBj1coBUFpCEpKUEqCMicoe9UuT4xnqj2emCJyF9FbRL8aqbw9pLsqb4uUgOodaF6NZfaZ2QbLz40GseEjNXM0yqsRjXg1zE7I87N3sIZ3u-iIY5ty32v4UejQRsAbLneCKIw9WvdF6Dux8GFkBWmWQI2FgZwS6_9ryOSUkD_biOghTHIIJl8GLV4BLSvQzQqD9CCWiWB6K8trjIGrCll-HvmWNUxOyIuj2-urT-bncJdchGBHVx49_uCv-68-BtMVMl3hU_kLQTt5OLqtSjK-rUpDfryV5bIrB3R2Kndymotz370ntkql-fWrZufbt9gMmKUH68LkN2jKZdo25PtVybnQ15Rmgvx03WyIaK0wm6uFTovsxtrb1653My2MkSqdgM4UXvoZTE7Jhc3X5t8gfGCDZfdgsjOeRhFEmYVEEiTiiCwMNKpg_lVHZ_nQPERbW6D5NtJuhZ6u0Esq0GQHpjg3yjN9dOV3f26IEmsUJdoaR4lOvjrdk5HHdt2L_LDZDEUc8tjnvufzVt0RrYC2wqAV1JGbqfx4-8t_AgAA__-762tVqQQAAA==","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RTP2wcxReeddL99BMCIipAi0RBJHzef7d3lxQRJgRFhMQkRi4QIrMzs-fh9naWmd3b81UBK1FEZTrKve_ONn-sCLo0oOhMZwmJo3IRN9BRIqVGdz7J8Ir373vF971582BYnBAfBT1ee18NZJLQlXrNsd_YkClXpbFvrtuuU3Mu2xsyDYPLdn_mdO-S6wc156L9rmAdteI5ruO4jmtfk1rEqr8yRyGzg5Zbazm1wKu59QB9_d_aFEsw1ALvnZAXIPn0uT_ijyDZBGn3h6vCdHKVvflOt0horjR6fP_DtJOqMkX3LI21hTjdX0xDmSkhXy9BpfsLBVC98UwBIjklSy89RZTuL2gi6u2eMo0SiBQR_x_K3gQimUDSCZjahuS_EYBx3LyFtLt3U-mSbp2idIZOyflnf0OWU3L-6QWk3Ueriezbd1RS5FKlBv24guxPINsTZMUh8oEFWR6C5V9A8l_JyrMbSLvjWyZRkPz49Ua9yeI6ry-7QewsB47vLFPGo-WYR00_ClmjzuP5imQ8ATVLKIyFQlooYgtFZqHLj-3AaQbMpX4YtzhrOAENAi4ip9X0HIe2WAMF-xyS74Dp-3tFyoznD92D4pMscQPP9QInHLp7Gd_MO71xrgsxns0M3W9OW54_byLT99CRO9DFE5jNCoZbMDlBj1coBUFpCEpKUEqCMicoe9UuT4xnqj2emCJyF9FbRL8aqbw9pLsqb4uUgOodaF6NZfaZ2QbLz40GseEjNXM0yqsRjXg1zE7I87N3sIZ3u-iIY5ty32v4UejQRsAbLneCKIw9WvdF6Dux8GFkBWmWQI2FgZwS6_9ryOSUkD_biOghTHIIJl8GLV4BLSvQzQqD9CCWiWB6K8trjIGrCll-HvmWNUxOyIuj2-urT-bncJdchGBHVx49_uCv-68-BtMVMl3hU_kLQTt5OLqtSjK-rUpDfryV5bIrB3R2Kndymotz370ntkql-fWrZufbt9gMmKUH68LkN2jKZdo25PtVybnQ15Rmgvx03WyIaK0wm6uFTovsxtrb1653My2MkSqdgM4UXvoZTE7Jhc3X5t8gfGCDZfdgsjOeRhFEmYVEEiTiiCwMNKpg_lVHZ_nQPERbW6D5NtJuhZ6u0Esq0GQHpjg3yjN9dOV3f26IEmsUJdoaR4lOvjrdk5HHdt2L_LDZDEUc8tjnvufzVt0RrYC2wqAV1JGbqfx4-8t_AgAA__-762tVqQQAAA== HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; pdhtkv=true; uncs=2; pdhtkv23=true; uncs23=1; u_pl14212406=1; pdhtkv29=true; uncs29=1; u_pl27353197=1; slecad3273b60a74d71d04b6f2a53e630fe3=[6291497]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:02 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ee50ace0e84583ec1769ec5df90beb4b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/container/link.js?v=eadcad74\u00269823982","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.213Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/container/link.js?v=eadcad74\u00269823982 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 12:34:46 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uJUWPUBqSqtEDEwHlwl5snMeC1lFCmqZIe4RwUQ7aP4KYOdEVzXHIBfXcRmZiyRWFicj13Kd89ylWTF%2F4AOPKhNQR7MbBeUxt3sQSg%3D%3D\"}]}\r\netag: W/\"683702e6-6c6\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cc41ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1734,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"1d913ea989677461815382d6d7aeb099","sha1":"d36489deadcad74e91d4d1e54901ac47d6a3232b","sha256":"d4a31c31c4d3a1f465e3ba595239a79203ade8966ef9bf1a4ba179b7382a8b02","sha512":"3df651599569659dd9ff65e159694cd456ae0907b3e102036506a90a08b9b897f254d0a87cb0e358e6ab973b6c684e9bf4da7f623f0fba7bf428370103ec5d8d","ssdeep":"","tlshash":"d2312f2b7c50116201535a215f5eb92ebf26d82641a8ce40b7f001d6dfe2f761d2edcd","first_seen":"2025-07-03T09:52:25.318204Z","last_seen":"2026-05-26T09:02:56.859273Z","times_seen":181,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/CZ.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/CZ.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xmopJxa2FWih%2FRps8vyZ3bfOx4YyiFKwVUraIXEzlkYzvwVt6OlN0LvVSyA2L9goDtbBn3jvuCKD%2FCkd0fdi9DryOVd8RT77Z5kX4Q%3D%3D\"}]}\r\netag: W/\"6836f090-3d0\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db33cdf1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":976,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fa1e7dc1a63698a383eaac5f21e46468","sha1":"189e4183fd313fe1708e9ab76d9d38b7e4d5e68a","sha256":"e6a8a05506df943e748603b6970f9de5399ba7569002c1ab0e01d0f31ca7c520","sha512":"462b4b77c672129df3ecd0c883b577d908dcfc3fbb781d728852c14134827780f948c68fa58c6da174c0acd9b5deb9d0a59ea9bc48ad888925267087dcdfd95b","ssdeep":"","tlshash":"ea115be6c5839c276971bab0d7b5796e137213708fd1e454a327393f358606205c6ae4","first_seen":"2025-07-29T23:13:50.423588Z","last_seen":"2026-05-26T09:02:56.856711Z","times_seen":157,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:02.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 06 Jan 2026 21:50:03 GMT\r\ndate: Tue, 06 Jan 2026 21:50:03 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"1f04e9e49d52374a409de4887e47180d","sha1":"8fee2f920567a574448d1aa6565c95951b68f9b5","sha256":"10cf0680b9dc5b310d265479bcebc5b380474bf2e8da9361cf8be458d183994e","sha512":"5fde8f721343e9c6254229e791ed64d6b47f28fad7690f7c83fa8c29e3112d0974f65ae0c63f09acd3e026dcb56c4de3fe0ffe37c464eb326b0495aa6c03b31c","ssdeep":"384:pKf5KgKPKrKyUK/qY4+K4KYKpKfMK1KWK6KyhK/qY4XKNKtK4KfdKkKDK3KyQK/9:pCJmwBUiRDfMTcfFBhiEymdmtC0BQiVb","tlshash":"df7210a1041750009b834ce223cebf35fe1f52117152d0b5abfdab6b9dcbc66526939d","first_seen":"2025-11-19T00:20:32.486705Z","last_seen":"2026-04-15T20:27:38.048842Z","times_seen":6026,"resource_available":false,"data":null}},"time_used":294,"timings":{"blocked":134,"dns":1,"connect":9,"send":0,"wait":22,"receive":0,"ssl":125},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 19:22:36 GMT\r\nexpires: Wed, 06 Jan 2027 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 8847\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-05-26T18:19:09.702698Z","times_seen":850331,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":8,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/JP.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/JP.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VlT1I72joDQ%2B77TWvZgHowARTQdosBx%2BI4GKsDGviOpE%2BrAkJcDc9r%2BQtiWzKufjNProJmuxWRm%2Fe6XZTphZTffenS3qXkkRQRaOQw%3D%3D\"}]}\r\netag: W/\"6836f090-333\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cd81ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":819,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef619e2b56c0bfa1f185ac0ccadd02a3","sha1":"8bc8463f6131d5d196cb767eafce5e0280c05743","sha256":"ca0e98d1ac3283f7e21666c8c50b1a6fe1f4a73e897df3bb6a94838e56ab7162","sha512":"95fd642e2b724b18879a3d5a7612e6eaf4403315af1796a3746b5e2d00d10c13d17634ed56fc126091cfd1647958a956a98c90c60fc72f7725a2c67e979b5af6","ssdeep":"","tlshash":"d00145d491874c2f2830eaf0db78a6ae572203b45fd2e588b32b356f340200311c19e8","first_seen":"2024-08-20T13:51:14.323563Z","last_seen":"2026-05-26T09:02:56.874677Z","times_seen":154,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kettledroopingcontinuation.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=10925\u0026fd=650","fqdn":"kettledroopingcontinuation.com","domain":"kettledroopingcontinuation.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:03.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"kettledroopingcontinuation.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 21:42:11 GMT","end":"Wed, 25 Mar 2026 21:42:10 GMT"},"fingerprint":{"sha1":"DD:BF:7F:13:B7:AA:5E:41:65:09:9E:F1:FE:42:C4:9A:00:0B:F4:E6","sha256":"FE:3B:B4:EE:8B:60:30:E2:9F:CB:E9:E2:06:C0:A4:2E:FF:35:D3:22:85:14:1C:B8:13:CD:72:FB:EA:5C:E9:98"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Futility%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=10925\u0026fd=650 HTTP/1.1\r\nHost: kettledroopingcontinuation.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:03 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: kettledroopingcontinuation.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":94,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"kettledroopingcontinuation.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/63/92/1d/63921d76617cd6f9a05f4abb537a9c2f.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /63/92/1d/63921d76617cd6f9a05f4abb537a9c2f.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 40055\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 2d67036926b5b09e7438ddead9be87af\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":111912,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"62c22c27f0675936e2c7038522978799","sha1":"ed1ccf944d3a0d9b746fcaf62bb0534047b51cac","sha256":"9e3fb08e3a56a91c889020364f5d035bf1fc6a1c6456cef652ffd17be53d93b4","sha512":"d2744881141cfcc165a0717ec8d9ce266cd0c221150117c4ce9bf81714e5788b61cfd47d054d27a608408357add0b6ab2b3a992e4ea21d9af302ff9c15eaf829","ssdeep":"1536:Td3V/gVqfRjblFEvzOc+NxPXLZC8kvRQGntv7p4WKM4OLAZVCAFhuEQYX:8qJjblF2zOnC1JQGntTpU5oYX","tlshash":"7db3d9987f01b05c07de703b252fb71bf55a1e59298cd6d4e107f8ab1a9c70be83a612","first_seen":"2026-01-06T21:50:39.873427Z","last_seen":"2026-01-06T21:50:39.873427Z","times_seen":1,"resource_available":true,"data":null}},"time_used":808,"timings":{"blocked":307,"dns":27,"connect":93,"send":0,"wait":98,"receive":93,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/favicon.ico?v=3c50dfbb","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /favicon.ico?v=3c50dfbb HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:01 GMT\r\ncontent-type: image/x-icon\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Fri, 11 Jul 2025 18:00:46 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SFL2UCHKBDUinA1hUsngkNUyOZIsuOaBAxr%2Ffs7eFjMNduJQcZF02XITmS9iRR8LJQb1VWEjMLKiIf%2BpER5Oy%2FHg7V%2Fp%2FOGt8Y80NQ%3D%3D\"}]}\r\netag: W/\"6871514e-47e\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6dba1c3f1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"58f2b1136696cfffdb7995c4c9ad82ad","sha1":"455bcfe3c50dfbb02e65258228df5f6413b04a10","sha256":"459e4e89c57133ab4adc9657c18d10dcf8f7a97e3f7479c46c86bd46f09745f7","sha512":"639e3c0ce20fd46da9ea35689bad3dd3b19083843a50d64832e7605ee25849803de249064c24c2b98a74851b56d57dee5c8eba69d403153b81c1801d9340381f","ssdeep":"","tlshash":"4a21af06d3e34ca9c9ffd339f108da0e5c85769896349825b2e50ce32ceac1a994d378","first_seen":"2023-04-08T13:26:58Z","last_seen":"2026-05-26T09:02:56.890655Z","times_seen":611,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/sbar.json?key=ad3273b60a74d71d04b6f2a53e630fe3\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /sbar.json?key=ad3273b60a74d71d04b6f2a53e630fe3\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8; uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl14212406=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:02 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 5810\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://filecrypt.cc\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; expires=Tue, 13 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Wed, 07 Jan 2026 21:50:02 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Wed, 07 Jan 2026 21:50:02 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Wed, 07 Jan 2026 21:50:02 GMT; path=/; secure; SameSite=None\nu_pl27353197=1; expires=Wed, 07 Jan 2026 21:50:02 GMT; path=/; secure; SameSite=None\nslecad3273b60a74d71d04b6f2a53e630fe3=[6291497]; expires=Tue, 06 Jan 2026 21:50:07 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 114\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8353b7de00ccf8a46ff46683f7dd9718\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5785,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"a9f609341148f34f1a7579abc39adaf3","sha1":"120bdd71c3e8be61b48ca4310d343e7a4ac5acaf","sha256":"a53b3c47485d6f2631fd0cfc48d499f3a4a1a7d4ea6c4391b62ab6d90604205e","sha512":"2ebc303115d69addc8b2132a4bb46d452be88597be50d1c64a9cf7667c7c6aa7935dfb8579b20e9ff52583110dbf7507bf3373c261d8a5cea99ca56492441fc3","ssdeep":"96:9bG0SwyrKHEbokFykhu10RhKT959qsKqrr3dv2v65tOdTeE+hs:9lkckFykoohoUrql2v6//E+hs","tlshash":"fbc17d3210f773204de34c18ca172ced4f629c96abd8c08da956871fab9b18b5f4e615","first_seen":"2026-01-06T21:50:39.874723Z","last_seen":"2026-01-06T21:50:39.874723Z","times_seen":1,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":211,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/bframe?hl=en\u0026v=7gg7H51Q-naNfhmCP3_R47ho\u0026k=6LcrmP8SAAAAAKa2tsM9xcOAuKaUKRrkBamt_c6q\u0026bft=0dAFcWeA5avpm1ZGxWZiYHhvxSvbQbDsNZs5s_EbSLThSD8o-BWTp5yv2CI9_06QcJEauo5dVhOQyEHMp0WbKCsp2xZG35YSB78g","date":"2026-01-06T21:50:03.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"21:10:1E:48:79:6B:E7:49:AB:BB:0E:38:86:C8:4D:74:7B:42:EE:BB","sha256":"0A:58:99:06:D8:BC:1C:BD:3E:CE:EF:7D:D6:D2:50:2D:1E:DE:8F:87:97:56:72:B9:3F:21:88:AC:79:3A:75:03"}}},"request":{"raw":"GET /recaptcha/releases/7gg7H51Q-naNfhmCP3_R47ho/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 362552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 06 Jan 2026 09:14:45 GMT\r\nexpires: Wed, 06 Jan 2027 09:14:45 GMT\r\ncache-control: public, max-age=31536000\r\nage: 45318\r\nlast-modified: Mon, 08 Dec 2025 05:00:52 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":849529,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"ca956219876073e2f13e8fd63f0b9d26","sha1":"230a172e1fcf2036687131567200dee5fd200a09","sha256":"392c00d030e58635abc9339f903f23a2ebf2cc0ac6371363105549689dfe0206","sha512":"4bbbd3cd9f929185245ca260e7a2521763d3d90b47bbb1d1205819b40b84918e552d482ad8db91c9258e2504891a91efa190041d210c5290c63f38014adbf53c","ssdeep":"6144:QmhF4MqL/nL5k0wmjxRqyFF83/p50YFqrnMI74ggRLXal17bRc0wMwVmbIyWHVEI:zlqT1qyOEnMKabwBRIm0Epzax4XssBQ","tlshash":"040528d8b15278a2a332f4f14467241da77f966ed4084d1df29899f03fb4409a0bbeb7","first_seen":"2025-12-11T19:34:34.525691Z","last_seen":"2026-05-17T14:57:40.198546Z","times_seen":49448,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/builder.js","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/scriptaculous/builder.js HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O8lwz3Y2BZv9JV8yKYhx3C8gpVTJucelQLvR1%2FkWukVCjZX2bgy%2Fa4lK7IXkDtBX62Q2co9JuxbhWbrv1Z3%2BR9r7pIUfn9tjo08v6w%3D%3D\"}]}\r\netag: W/\"6836f090-1288\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db57f491ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4744,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text","md5":"c6321f204481f259724bd6455c0fdded","sha1":"af9964a44d31fe9773b46d6cd62612ec2137ea79","sha256":"828884af31cfdef92040ee522a81d8f82c7998b72c3e7d35e1c442946b5d2b0a","sha512":"b4541012d505ecc1fb45f4caf49f0d3468fe36c06fe4dd765ed3a6f1947f2607139b87ee30d8798a9c29c2062350985e8a448d0e54975c26fe71564b4327a644","ssdeep":"96:/ztIEijFEJLqATz9rbTg7ClLDT7+9uaDySvihTMK6gVoGPLochgQr:7eEffdT7i8MwTGMLJr","tlshash":"17a164a5b1a113f2199b552f16bfc10db2a6001f6804aa60b8dcc3ad0f38e5531f6fdd","first_seen":"2023-03-07T01:03:08Z","last_seen":"2026-05-26T09:02:56.891769Z","times_seen":1005,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/js/scriptaculous/scriptaculous.js?v=4daccb0e\u0026load=effects,builder,dragdrop,controls","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /js/scriptaculous/scriptaculous.js?v=4daccb0e\u0026load=effects,builder,dragdrop,controls HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2BK01pUNQd0jHuAyIaAaFcFZNv2cwWI475dgkdkOlRda9Wn095XSFZOQskn62MGyPWwIb1Si%2Fjl8WRog3gnJnHyQ%2FjgbmFkWAyXHhQ%3D%3D\"}]}\r\netag: W/\"6836f090-b9f\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cc21ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2975,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"945aadb4d8b5f2f7a58a4c7ac244925b","sha1":"3e177b34daccb0e40b841fb9331474d687917ac2","sha256":"78cbc6b573f99b4c9c92077e62e0550abde74981f021023425e5f957b95f0f9f","sha512":"a099e32c6a2e0155bf124f2247654c5cf2b45247830de58f2063e108b01d57dbc7913212e6d8e5011f11d9d8e81b464ba16f1412ec623289442b36a013483591","ssdeep":"","tlshash":"bf51d91e7da5c27014a72275023fc00a332b71a73544db48b4eee5819f985ac6db7fe8","first_seen":"2023-03-09T23:31:03Z","last_seen":"2026-05-26T09:02:56.879846Z","times_seen":614,"resource_available":true,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1522\u0026rd=1522\u0026fd=507\u0026bv=25.12.4806\u0026tmpl=136","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1522\u0026rd=1522\u0026fd=507\u0026bv=25.12.4806\u0026tmpl=136 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":646,"timings":{"blocked":262,"dns":1,"connect":93,"send":0,"wait":97,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:51:40 GMT","end":"Sun, 29 Mar 2026 00:51:39 GMT"},"fingerprint":{"sha1":"F3:CE:FF:C9:F8:70:23:18:40:13:70:96:1A:D1:FD:34:D3:CD:66:FC","sha256":"07:8C:A3:3F:1D:F1:E0:75:3D:26:20:F5:D5:75:64:CE:F7:40:6E:B7:BB:B9:EC:79:33:27:5F:51:2E:B0:12:E7"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5d3fb21f66a7dc22bea7606bb12a05e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-26T18:18:27.566527Z","times_seen":15742433,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":41,"dns":1,"connect":17,"send":0,"wait":20,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.916229926093.js?key=ae48f0b770d2035559142c08aecd80d3\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1\u0026shu=cb262d03b65f98e6ec1f9209da437263239e679f4947f9e8fb452ef8fe3ad1919a575ad1e2495991a9643bad40fd0481c8fae73ba839ef3786f84aae8177575598f316adc916a8b87da1aaeb97e4fd74dfa55829c84992896c28\u0026pst=1767736261\u0026rmtc=t","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:01.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /watch.916229926093.js?key=ae48f0b770d2035559142c08aecd80d3\u0026kw=%5B%5D\u0026refer=https%3A%2F%2Ffilecrypt.cc%2FContainer%2F62987FB2AA.html\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=758cf5d5-14f0-4030-acdb-fdb83b6c75df%3A2%3A1\u0026shu=cb262d03b65f98e6ec1f9209da437263239e679f4947f9e8fb452ef8fe3ad1919a575ad1e2495991a9643bad40fd0481c8fae73ba839ef3786f84aae8177575598f316adc916a8b87da1aaeb97e4fd74dfa55829c84992896c28\u0026pst=1767736261\u0026rmtc=t HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://filecrypt.cc\r\nReferer: https://filecrypt.cc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDIxMjQwNiwiayI6ImFlNDhmMGI3NzBkMjAzNTU1OTE0MmMwOGFlY2Q4MGQzIiwic2lkIjoiIiwiaXNpZCI6NCwiYXNpZCI6MSwiemlkIjo2ODk0NCwicGlkIjo1ODQ3MSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidXkzYjl5c2IiLCJjcGtzIjp7IjI4IjoiNjM5MjFkNzY2MTdjZDZmOWEwNWY0YWJiNTM3YTljMmYiLCIyOSI6ImFkMzI3M2I2MGE3NGQ3MWQwNGI2ZjJhNTNlNjMwZmUzIiwiNDciOiIxMDI3Zjk3ZGVlNzI3YmQwMWY4NTdiYTIyYmRiMzFkOCJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9maWxlY3J5cHQuY2MvQ29udGFpbmVyLzYyOTg3RkIyQUEuaHRtbCIsInR6IjoxLCJhciI6W119fQ.ZpUXF_94tW4Hat1JtoElJQMCgEvsIbYAl4KvhEohXq8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: text/html\r\nContent-Length: 3224\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://filecrypt.cc\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=758cf5d5-14f0-4030-acdb-fdb83b6c75df:2:1; expires=Tue, 13 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 07 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 07 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Wed, 07 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Wed, 07 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\nu_pl14212406=1; expires=Wed, 07 Jan 2026 21:50:01 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 16\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a988386b176a7c5d32b96e8c9a92e6a4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4546,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3670)","md5":"4c28f0d8ed5c2dda7146530527ab7461","sha1":"47073024ab204e81964f76f84976318a21844dbc","sha256":"4277a89374cecaf1066bbe0c60e131049591b1ef50222aaa17a21a64c4d60f29","sha512":"21a1497bd0ef6f37c9c7a4fb6fa50b2f0827a747fbae3167cd87f7fb5dd1808c129b7c8c56fd3b955a6ba7f4c9ba21952e4cead3f1c6c05563efc2f4851b7fc2","ssdeep":"96:IHWoz03H9YAZXlbXqtP7AkpmlB6knLNk/zDy1N/t1kU41ZD46UCfMEDaH:6jzQ5VXqtPtp66MkLOnXkfV46UCkCaH","tlshash":"e6914d7e5cd051fc684b30bb193978087c60510b660989c27d9cf3758f316b56e9ddc8","first_seen":"2026-01-06T21:50:39.877526Z","last_seen":"2026-01-06T21:50:39.877526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":113,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/css/container.css?v=1ae7396d","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /css/container.css?v=1ae7396d HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/css\r\ncache-control: max-age=604800, public, max-age=604800, immutable\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Tue, 13 Jan 2026 21:50:00 GMT\r\nlast-modified: Fri, 22 Aug 2025 10:26:00 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n7av1iY4%2BEHFcaUBWehktCneJ27d5NQoTMkUMKQeUodtHL5gy%2BW63epp2n2gdjuEoxcqUoWFfEMWrKCgPyLaaJjsyhKoqZu8ux5ZnQ%3D%3D\"}]}\r\netag: W/\"68a845b8-945f\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cb61ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37983,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5661)","md5":"4e00e326fe4dc6bcc2ac988ab4622b70","sha1":"0c533c11ae7396d66d5e54599fbd5aade5d09a87","sha256":"ccc340e5472b4744364f93b471a3430b53be478164d328f675e8a489cec08e28","sha512":"ef66b43d37482ae8cccb2b9ab1e296f82167606687106cbdb7ec9d13c98ea7afa422b9832fe411ec2bf0163ac4751eb34499ac9807c9eab60c412f0730da4f53","ssdeep":"384:ZLQALpQ6TFC1eTwokj7HPse70CbHJdclyQXvD7FQ2L7IpbRNffKTdgy:ZJ3TEcTwoeI0FMl77RMhXWgy","tlshash":"44030c22e691312cf623c0696bd3db5932358003e6679eb8b795b279cfce0e55533389","first_seen":"2025-08-24T23:49:37.153441Z","last_seen":"2026-02-08T06:31:23.5417Z","times_seen":102,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/CustomCSS/d3fb0b49a214ff372b4112b6073c1cec.css?v=1c272ea9","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /CustomCSS/d3fb0b49a214ff372b4112b6073c1cec.css?v=1c272ea9 HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: text/css;charset=UTF-8\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\naccess-control-allow-headers: Content-Type, X-Requested-With, Origin, Referer, User-Agent\r\naccess-control-allow-methods: HEAD, GET, POST, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: no-cache, no-store, must-revalidate\r\ncritical-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model\r\nexpires: 0\r\npermissions-policy: ch-ua=(self),ch-ua-platform=(self),ch-ua-platform-version=(self),ch-ua-full-version=(self),ch-ua-full-version-list=(self),ch-ua-mobile=(self),ch-ua-model=(self)\r\npragma: no-cache\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R%2FwprnHpZN8UQ3Ng7WuiRdw65qUrbeYMFX3ppO%2BnbEC6AIvmJKyqGoP1WWxXVQhV2JkhiCnTl%2B5yFB%2FKlUrLNDTYJii4zfMIi5zKGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db31cbd1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"724443990d37a24443ba5b6a32b8dc9a","sha1":"acffa4a7e070dda9c4dc161abb5bf2d89bba0a5e","sha256":"ce9210e77b3d1d54add1dff7b4d5a385caadddbd6c700662e9cad16e8387be9f","sha512":"6ae05233ab25471df0de05168fd0535dfd008c5e76d1325a7d348d97f8cd8a26cec3315b6157d6cca41fabfa6b96842014a559f566e6d76fdfe4c87a2a24b8b5","ssdeep":"","tlshash":"a58004040f54007dd0340c0d140d4531c505c0137455575d301f55f0f1d01374005410","first_seen":"2025-11-24T22:55:04.351072Z","last_seen":"2026-05-26T09:02:56.861934Z","times_seen":74,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":131,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"filecrypt.cc/images/country/FR.svg","fqdn":"filecrypt.cc","domain":"filecrypt.cc","tld":"cc"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"filecrypt.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 30 Dec 2025 08:43:05 GMT","end":"Mon, 30 Mar 2026 09:40:44 GMT"},"fingerprint":{"sha1":"D3:57:91:19:EA:B1:43:18:C2:3A:C9:A3:61:41:17:C9:94:E4:C1:53","sha256":"82:84:6D:D2:07:21:24:CF:01:FA:92:24:9C:AB:6C:BB:E9:49:6A:12:47:50:67:03:5A:58:97:BF:8F:91:42:78"}}},"request":{"raw":"GET /images/country/FR.svg HTTP/1.1\r\nHost: filecrypt.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/Container/62987FB2AA.html\r\nCookie: PHPSESSID=nqb45b4d2mbf6jpf2rb1cgbp9v; lang_v2=en_US\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 06 Jan 2026 21:50:00 GMT\r\ncontent-type: image/svg+xml\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Wed, 28 May 2025 11:16:32 GMT\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ucT5yFrIj8%2BTjBMuH8x2yYMqv7AS0emHNdlcZb7xqYVSiTJ1WpreOT4vdVAQBXaoa16%2FSQjU%2F3Xzk7v9CKwhKk2sHTPqVuoc7%2FvmBA%3D%3D\"}]}\r\netag: W/\"6836f090-3a1\"\r\ncontent-encoding: br\r\ncf-ray: 9b9e6db32cce1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b7abd6a0c9f03d3ab50cbec091c700b5","sha1":"deaed51201781682efbaccc68279017821c6ea4c","sha256":"4d0149dd638431474df1fdbda51b8b088c6b314236945f302bd161064df3b708","sha512":"9768596b20942bca7c0e56d623fce668f51c7cee2d667ce9b00634e438a9ae30edd26c0288b68141ad2294006314e10b9a327e1ce29276c2d504cf3a20dc4d89","ssdeep":"","tlshash":"551159d492475c6b2870ebf0db74aaae173243a09fe1e498a36b356f304740714c5dd8","first_seen":"2025-07-29T23:13:50.434282Z","last_seen":"2026-05-26T09:02:56.879271Z","times_seen":153,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"filecrypt.cc","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/ad/32/73/ad3273b60a74d71d04b6f2a53e630fe3.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://filecrypt.cc/Container/62987FB2AA.html","date":"2026-01-06T21:50:00.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 00:11:03 GMT","end":"Sun, 29 Mar 2026 00:11:02 GMT"},"fingerprint":{"sha1":"93:86:61:9F:2D:73:66:D5:37:73:1C:FE:70:C8:9F:23:B1:C8:8A:D6","sha256":"9D:5E:D7:81:B8:B1:D7:5F:1F:E3:92:85:57:6C:B5:66:34:D6:DE:4F:AA:6C:8B:E9:92:36:D1:CC:BF:CC:45:D3"}}},"request":{"raw":"GET /ad/32/73/ad3273b60a74d71d04b6f2a53e630fe3.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://filecrypt.cc/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 06 Jan 2026 21:50:01 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30224\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 19daaf15ce595f637db5484f0f85a7ba\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":78888,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8a7c55f84292dc407f3831992808c4ae","sha1":"f87984c98222caff96151bd8a80c02c5c462750d","sha256":"989c9d2586e718808cd10cdd0a64e7a38d89d17d4e175945154f3f9ff7a07c16","sha512":"ff0d418326364ab784b521754953dae7d37bfab3cf70c9d0edc2153fefc691407be223e2181bf6637793831eda3f73f8ef6d95f48ca4e465b6bbca8627920020","ssdeep":"1536:x9yUBg8XFOUGDAVTesz3WArOwlNyBv77NzxpQ2jFFwBdjINf:x3B91cupUhxpJwTI5","tlshash":"5c7309487f82b16b5352a073626fd047f0256f1261dcd498d123e6e86f6c33af636b98","first_seen":"2026-01-06T21:50:39.879951Z","last_seen":"2026-01-06T21:50:39.879951Z","times_seen":1,"resource_available":true,"data":null}},"time_used":789,"timings":{"blocked":300,"dns":24,"connect":91,"send":0,"wait":95,"receive":92,"ssl":184},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-06","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}