{"report_id":"40193896-b3ba-4d7e-be8a-bb6224fdfcad","version":6,"status":"done","tags":[],"date":"2026-03-17T09:37:28Z","url":{"schema":"http","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"172.67.223.163","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"title":"PC - GhostWire: Tokyo - SaveGame","dom":{"size":110550,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"7874059bf337a387db5d087c4340f8d3","sha1":"71f1096399d2e4989669c9bd706c6c6296d97409","sha256":"b0f76f300ec4b407489b54ed427a15c62fee2d96fe335bfd1249a6804216db05","sha512":"4fadc679a35d5fcd85673b6b4eb0db84f73097a9979b2d31e6f518ef88b5b469aeae1dfcb4ff75d73eec1d42c83045c58e575968192d8c440e792122165abc7f","ssdeep":"768:cFFAFokMZjDutuzcXgguquXuUuPKOZEMuL4VjaZ7zye3MQRuqkVV:kmJjggKOZEMuL4VjaZ7zxcSuqS","tlshash":"dab39e5d25d529819723466c83df8e68763ca1230429ecff76c7848bcf8aee857e5207","dom_hash":"domhashd13d9654d4d011f7d1234bdfb59a03bb","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"172.67.223.163","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-21T09:37:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":20}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"creative-sb1.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2026-03-11T21:04:22.585124Z","alert_count":28,"request_count":14,"received_data":615511,"sent_data":6461,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"wowrapidly.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2023-11-27","domain_rank":6163794,"first_seen":"2023-11-27T08:30:55Z","last_seen":"2026-02-26T06:11:00.721942Z","alert_count":8,"request_count":4,"received_data":205549,"sent_data":1768,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"sourshaped.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-06T14:35:38.581947Z","last_seen":"2026-03-15T05:34:35.563403Z","alert_count":16,"request_count":8,"received_data":126007,"sent_data":12210,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"63.182.194.222","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2026-03-11T19:16:24.063036Z","alert_count":0,"request_count":2,"received_data":842,"sent_data":880,"comment":"","tags":null,"fingerprints":null},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2026-03-12T03:55:53.930691Z","alert_count":45,"request_count":15,"received_data":22569,"sent_data":14445,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":3,"received_data":36234,"sent_data":1336,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-03-15T22:38:01.198907Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":685,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2026-03-12T15:57:51.947782Z","alert_count":0,"request_count":4,"received_data":252796,"sent_data":1848,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2026-03-12T06:06:03.537259Z","alert_count":4,"request_count":2,"received_data":1060,"sent_data":1526,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-03-15T22:38:49.765101Z","alert_count":0,"request_count":1,"received_data":846,"sent_data":947,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-15T22:23:30.202114Z","alert_count":0,"request_count":1,"received_data":416844,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2026-03-12T06:03:08.282309Z","alert_count":6,"request_count":3,"received_data":257868,"sent_data":1230,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2026-03-11T23:46:19.249526Z","alert_count":2,"request_count":1,"received_data":3723,"sent_data":476,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"realizationnewestfangs.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-02T06:26:57.543488Z","last_seen":"2026-03-13T07:58:47.516344Z","alert_count":1,"request_count":1,"received_data":525,"sent_data":503,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.show-creative1.com","ip":{"addr":"172.67.208.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":392451,"first_seen":"2024-08-27T12:23:01Z","last_seen":"2026-03-12T03:07:13.915114Z","alert_count":0,"request_count":1,"received_data":2366,"sent_data":494,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"savegame.pro","ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-04-18","domain_rank":760365,"first_seen":"2018-01-04T12:50:50Z","last_seen":"2026-02-26T06:11:00.860389Z","alert_count":90,"request_count":45,"received_data":1642173,"sent_data":25598,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Kadence WP Kadence:1.4.5","description":"Kadence WP Kadence is a multipurpose WordPress theme that is available for free download and also offers a pro version.","website":"https://www.kadencewp.com/kadence-theme","common_platform_enumeration":"","icon":"Kadence WP.svg","categories":["WordPress themes"]},{"name":"WP Rocket","description":"WP Rocket is a caching and performance optimisation plugin to improve the loading speed of WordPress websites.","website":"https://wp-rocket.me","common_platform_enumeration":"","icon":"WP Rocket.png","categories":["Caching","WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Yoast SEO:27.1.1","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"wayfarerorthodox.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-08-08T11:06:50.216151Z","last_seen":"2026-03-13T03:57:39.266131Z","alert_count":18,"request_count":9,"received_data":220502,"sent_data":15024,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":4,"received_data":151344,"sent_data":2211,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a4171bea7c584c9f376781494e339e","sha1":"76d8ec06d13a75459a8c9caf2ea2f6203b2db135","sha256":"3d623899e9b39727308ac6ad6bba7b7db8e71eb60dd307fe12d421a7c44fe35d","sha512":"e56f0b89955a726b6e986d0b77efbeffb57c7663c8517482043e97926134c77a4d7e85d8003e3fbfc6050fbb677d341c530d9a5e1d485ac358391175d4f1d018","ssdeep":"96:Voz0qMA0lGCEdrpCafSipb0DZ0atk/YlGCEdrpCafSipb0DZ0bzw1jDOCfMEDaH:izLCEdroUd0DZVk3CEdroUd0DZizovOv","tlshash":"1891e865bcdd64005457b8bda9aa95886c11820fcc84dec3383cde809f227eb4eda8d5","size":4270,"data":"","first_seen":"2026-03-17T09:37:34.171491Z","last_seen":"2026-03-17T09:37:34.171491Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b590f8c63b93bc4a38441fa0e039fa20","sha1":"3f4eb5d847f4852cb0d7ac844fa578a88ae3a05c","sha256":"f0a82b79e956dd5925473c311b42da937c685a4b8792a7691defef65053e2d45","sha512":"1917944a79fd9a12f9835a2a75c2a04e68e93474af6c722dd84a1bc1e90784bed894fa848e158008292e7bbc8a4d990a6ce7e5f06afd011fa9500d096b0f1d1a","ssdeep":"96:aoz+PTXkoHWRk/PzV0n7Gt24lCIL1jDICfMEDaH:XzackDWn7Gt24lBpvICkCaH","tlshash":"63914bb4ac8a6afc2a5734af667a632a3c50800fc745dd8afadccb142f107d409f5d95","size":4375,"data":"","first_seen":"2026-03-17T09:37:34.172419Z","last_seen":"2026-03-17T09:37:34.172419Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"97c5b45ef3e918b0d53edafab967ee8c","sha1":"cbc23ab5e71c7866867fd37485aee49b39c3aad9","sha256":"0ce9febc216b819a98326c03bcb1621736ae90da13c5c62674d285f410a606f4","sha512":"34b81e21b86fb6f22f732d64e42650ba6d8cded1826d05c5f6732e4a45ac8d4d36fbb8b05ff63312b297a1c4c5bcb9f5712c1a22140ab458584a0a659ca1aa6f","ssdeep":"","tlshash":"a631c6b0b04f3ba96acb246394697b056c855403874ac2c686decb44282478a1326d45","size":1708,"data":"","first_seen":"2026-03-17T09:37:34.173543Z","last_seen":"2026-03-17T09:37:34.173543Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9329b89d9942203d3a25af7f9b8d9f98","sha1":"2d10635acc15e601a766ffb840ba810023756a66","sha256":"3018581cb9694bcc610ba2f90c131a6ded34bb0605c57850d9bcd4c3c2021ef1","sha512":"477be493cce58668afcec56a44400c5156d536bc055706fe0f247d6b0d4c453170a96d0fbadca1b6a2885039669ce243cddeee20651097791a1b0db2f1702bf7","ssdeep":"384:rmJ6yCZibifCKtJQpYlRLCpZmGO0bvLCdIatfNYCC0AC:0Z+fCKtJQi7c+U0AC","tlshash":"0b927244683adc65c489602d327d6a71b32829278e2abbd87f4e02145f9dcbf353163f","size":20899,"data":"","first_seen":"2026-03-17T09:37:34.17435Z","last_seen":"2026-06-06T01:08:44.54723Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"aca63831fff5d915e1d8fd6c936bb9ab","sha1":"beb6723fa1c0d27501feeb9b979eafef146d3f54","sha256":"155cc2d89a4636fe39a6b202bcf09a76629ffb09cbcfa11e9b75106809d32bfe","sha512":"3e6787ab94b5eb9ef084deab4a5b11c71a9a16651def5995601949b587c79a1e43c6f330c553308b04593d60f388c037ba553758f9119d82bb43d153784f6d3c","ssdeep":"","tlshash":"a89002a956014a7609c9044c716687e439300048e4472010405d54491120dc1d010ac4","size":53,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-18T23:32:16.855371Z","times_seen":12012,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ced5cff222652a87650642e2c1f1baaa","sha1":"14750331bff096c5c517738ccdbf314300b427bf","sha256":"394f0eafd996e798462aa916d404a9cc9f47c4edf1240bf79259020191169042","sha512":"a4d60ba650b1fc99605c152a3d7147b4b31c7ba87d6954493c9ae1ece7334a682511064309f8f0b604c6ff17a37e82a517af185e6e08ccb85ffa0a162571a270","ssdeep":"","tlshash":"e7012b7ccc00f79980688af4587cdad45228cf10ef249cc71ee7083663c89390816754","size":736,"data":"","first_seen":"2026-03-17T09:37:34.175744Z","last_seen":"2026-06-18T02:58:52.315241Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-06-19T02:17:55.200386Z","times_seen":309258,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8d7432543e755e52d556c531ec9886f4","sha1":"d5a3e53a8fdbcd624fdf53ef89dc759ad9734dd0","sha256":"3f0e896a7089d518e75c207fb23eb3af295005b900d2ad7ee86e898afa6b3739","sha512":"bd14c3e23c13b24760c20acbdd842757adf3f2af544e51b90c4851ca2ae2866f407908096837da127c884fb916fa17996c6fd38a661f242e250b0f393500ca8e","ssdeep":"","tlshash":"36e02074660a781a6821e0600f5ff763b5d591c0f30d14c3524cd558e84cc1360dddc7","size":344,"data":"","first_seen":"2023-03-07T01:03:03Z","last_seen":"2026-06-18T19:16:56.886995Z","times_seen":16887,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/comment-reply.min.js?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4a49df71f8b98c1d9f9d8fce74d89e8","sha1":"b95fcda0c8c26305ad94e80343d0cfca8a048a10","sha256":"9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f","sha512":"42cd5f854779886f24c43ed14617380110c946d1b430b454060c3b391de6fbae6d0ed8ab7cdd7cfdc9726b2d6142a4e01c4448e36088dfcee7fdd00b60909f89","ssdeep":"","tlshash":"5051a7d437c95d762a83b3395efe930271712709a50805608826c86931bcfea63b67fe","size":3026,"data":"","first_seen":"2024-11-13T06:33:24.856382Z","last_seen":"2026-06-19T01:57:33.793438Z","times_seen":81987,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee858e15db40066634ae2d7c3959fbf0","sha1":"82d919c1c636bbad55ae555ce661f9c34a3a7cfc","sha256":"dc869996cbc8f47cab9aeb9523f81a7f420207a2601cce9ba45e9b7e0e261452","sha512":"740ca0251429d605d84e91af1f06b496b7653cb9d0b3847f03b0bafdd1fac848df2b98f0e6e82f743659997e9ee40fa398b1be87b093a9a33c9703d71910822e","ssdeep":"384:8ron3hNZqWPgKQMsD2PNh7ydeAUKILk76ZuoWmyDOgLSttFe6s/fdq/7:UKy2Nh+dexI6SmyDOgmttp","tlshash":"4772f8f532c030722fa624e5987f864761327c295849d491ba58d8f51dbce8ae073fb9","size":15977,"data":"","first_seen":"2023-04-01T10:28:26Z","last_seen":"2026-06-18T23:38:37.219188Z","times_seen":12699,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b5dc2d3892e6505eef5f249b47bbedd5","sha1":"3e4ec35f1f85800b1d583a2bee6013a9d0312119","sha256":"81c731c12ec481d93eaa5ec82a7b3bde2295bdb9e6fbc78fc26597b88c17a39d","sha512":"c8c63b75207db8fded85dfb2618558aa975f2346b4d3b65c50c4f70071ab32d22a042f89d38f39629cfb06bc75e594cacc347c384f38c5b3d9391f6a8187ca18","ssdeep":"","tlshash":"7c21947a904daacc1b25eddd232f437b76b2919fd4d6a908417e893470101a088a89f3","size":1434,"data":"","first_seen":"2026-03-17T09:37:34.178183Z","last_seen":"2026-03-17T09:37:34.178183Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/wp-i18n-js-after","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"90e9a9e8bdf043c27900f179c9524bb4","sha1":"b662d8fd532c1d16c21b118d5e1bb443eb87d69e","sha256":"7c7e47b842162fb5730b6df043a2f947c38bd72361eb0faa6e24f86527e8f75d","sha512":"60f85187e97bfe0a777a6bd097a7617d438b9584ce75a54fbab56991829d734e60ad47e0a49d01d14cb42eba5a3db16151c52f3da851740a17a3129bd144fc1d","ssdeep":"","tlshash":"603112cbf4ab3d50828fc7b48d23be0145502487c2afd50875e59d3496718c0b4c362f","size":1569,"data":"","first_seen":"2025-12-10T21:33:07.757732Z","last_seen":"2026-06-18T17:33:54.947696Z","times_seen":35,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/wpdiscuz-combo-js-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed77b486af68d90645b33e35f6b807b2","sha1":"daab9df1df87ffdfaece005565104e966e9c0ca5","sha256":"e9d237af100b671561e46803e5d9866f6b6eb3bc01c83d01a64493d636cda4f9","sha512":"4ce5f5abf51de8ebb244f56c1b81b0bce012bf715ee47d19212f3751f134ebc35c2fe6d189cb5f812cb62c90ebd6df759800b5911df20957d8b9b67683a8ea99","ssdeep":"192:Bn3EKACzRUrtOoEuHusbhFblWSidUc+BC3UmW+LcWKvMxvbeMULJuX:BpACzRUrtOoEuHuchFblpidJfLcWKvMp","tlshash":"e5e18717c3ce4c7a867383f498da8a5772d913f4e6a44725bcad4c2c53ece16e20b258","size":7263,"data":"","first_seen":"2026-03-17T09:37:34.180408Z","last_seen":"2026-03-17T09:37:34.180408Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7033ea3a039c5b74a9baba6d3d35b0d7","sha1":"e87683310dc3c7285fa53fe3949325bc8af686da","sha256":"f4096397ab5971c1d4266e35f51b9f9fa0513c6878b06acbfd9ca05275458fd7","sha512":"f8675b0ef76aa8a722c6d0a8db218ef176acde8384fe45f781cff707360f3b22d2b6ec1100780f827cdb6f589b3d169bf951586dbb23643f696eb3b7a6a86bcb","ssdeep":"","tlshash":"4651112f340975732e2728e1d42ffa5258d1a37469024922c8cdd4e9facceef18366d9","size":2935,"data":"","first_seen":"2026-02-13T14:27:49.946317Z","last_seen":"2026-06-18T18:50:51.072203Z","times_seen":291,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"7c8912cc18c895470dab5812ef23f240","sha1":"91144bd2493079c24f51a5547a78845490f4a092","sha256":"291dfa0b77b58440baa96b2ea62d093d228c6778d3ea82e08864e5206b18ed50","sha512":"cff25bcce62364b7c51af06016c152710add188a82b8f1543ac268130ee67907c2a8d5b41d2c4584e1c9a79883178e375b05896b1b5b3f4c190dbc536b9b55f8","ssdeep":"","tlshash":"7d310c7b6ba61517daf623e94c4b272efb7842ae1bc056c0d47297897110d6b087cd8c","size":1654,"data":"","first_seen":"2026-03-17T09:37:34.181398Z","last_seen":"2026-03-17T09:37:34.181398Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-18T22:56:50.706117Z","times_seen":12181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c99a625fcd3e21ec70b22584d75691d5","sha1":"a1593c28c88cdad4ce04f8f0bc845abada3f60c2","sha256":"7c66a19b87bfd72825b03857a88c8a59ed66f4d7b2c49f45943ce9c1526223bd","sha512":"1d818c13b81d2562a75e295191470ce7debc08efeae1e2c70ba4c1309a8b1ced656930ca3439c53d1c7e3dc69b327189426aed210befab0335a92c2c3f9d5ddb","ssdeep":"","tlshash":"38f0971e92564caa93f38685991e370faa21402f84e5a8144cf88c48623cc82b53930e","size":460,"data":"","first_seen":"2026-03-17T09:37:34.182431Z","last_seen":"2026-03-17T09:37:34.182431Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/wpdm-frontjs-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec74f64d9ce336972e24a3f42155ac82","sha1":"c390b7cf97e0038c02b2753fda98a783fcf2a39e","sha256":"9caeaef2217315253a1e57de6e57b75004156d7f8c29c3b2157b28d9af5b7388","sha512":"977ef6479ec0aae8334f31ee8b87ff99cebae79af3323d152e638efd97c3a14d2bd252693fd005f87fa93279a95f9afd7f7631ff489ed4f2f25e39ed3ab19e1b","ssdeep":"","tlshash":"dff0971ed2564caa93f386b5991e370faa21402fc4e5a8144cf88c48623cc82b53930e","size":629,"data":"","first_seen":"2026-03-17T09:37:34.183278Z","last_seen":"2026-03-17T09:37:34.183278Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-19T02:18:51.470398Z","times_seen":842237,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/wpdiscuz-combo-js-js-before","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"33d8c20dc92cc7ad91d9d813d6f820a0","sha1":"be6c317ba1ae11385ed8ceced4aec5bd1e030ae5","sha256":"bdc40a38683dc88146bf49bc891748fa08be18d97be9bfbc24520938a1c3fcc8","sha512":"92a39da6838283de82a9aa018a1557813bbedc33daceb18fb901dbe5459a1008dc43128cc85c83677387588fbf1b15d2bdb1b668c2aac1f65c3debc20babdcea","ssdeep":"","tlshash":"b7419b56c5fd11015493ea34b85a03353624434fed217a5cb74cd1502f6e9ab92f774a","size":1986,"data":"","first_seen":"2026-03-17T09:37:34.184112Z","last_seen":"2026-06-06T00:17:35.888481Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/kadence-slide-init-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"120da7999f1889d522aa61b65890e499","sha1":"e3a7ba243db4f63ff52397bea2100c20975b1854","sha256":"6e9e102e4660ee99f5ef0521be0295c42e33152c43a85e42820638a1cf96caa7","sha512":"3780e7a64a22cf5b4f7d4271213476515f330f9bcc67ee7185af0e7bcb6bfe1c75e1a8db97099105b576b6b8e1df96758c40c499754438780a525b617ba0b065","ssdeep":"","tlshash":"2e312b33c8ce1d70c78b4f705c0ec23348c15000c292840bc5cc0c9040d81c301471de","size":1674,"data":"","first_seen":"2026-03-17T09:37:34.184976Z","last_seen":"2026-06-06T00:17:35.931225Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/eb69975d43180b17057798a48b392b00/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"caeb8ee07330751581ec7036dae78d2b","sha1":"de1361aaef6acb7e7b4bff8f3a982a6c7acc1ed5","sha256":"007b7d6f430239d5875c39ae002d75174b6e1f3c3c01a65dbd4a12803a348069","sha512":"635fd8ddd8d008ea3e848191f8702981d9716972d74ec85e27de15779120195480465a6b0ba761c834711bee50cf9ed6afbb9a4cff2b4692df0242b614e57834","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gcn:3lPXODNDI5mn+ZfjeGI8v3BfDWL1iI","tlshash":"c433a7dc3fc4f35c02ba2176236fa44ef5aa6e10658df5d8d117a0e82e6470ae83b754","size":50569,"data":"","first_seen":"2026-03-17T09:37:34.125472Z","last_seen":"2026-03-17T09:37:34.125472Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1c4ac56d6fe9c1328df8cad19690f1df","sha1":"abeb038cf2795a2a2357d59302ea2e2a4264a340","sha256":"c393fa054bdc5dd13d509fbf845866015a2478d662cc7ba0b9b608a296d04384","sha512":"3be0dd0191ae33bd1bf32dd084f93e4a8da694212029102b497695735075ebf774e567933cd33dac3f0c411e944ddc4b7833f12628c03ee579cc83ca44d76839","ssdeep":"384:/LFi3rtSfSXeM9zilt/rx7wlVa2ohm/foXm/hoRm/PokJjoZi5AcaGouiJKMvruV:TM5D5HLpp3D2A6Kk4FYEGzZ9kcz6","tlshash":"f9c2e9ca3fce7174a23a24b70c3b77c7baa95db531085d09a720a9b4fc3079d9166d18","size":27718,"data":"","first_seen":"2026-03-17T09:29:38.499592Z","last_seen":"2026-03-17T09:37:34.108169Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b64b6920a3f7a23aa37d4305866dae86","sha1":"6d456f69773fd77d6d474bee4356ae80586e1717","sha256":"e2c543492a5a09bdeea3601156f8a60beff719deea9c728a779b88e0005412c6","sha512":"08459100058add7538f4ef00da3f26ac488ab5b7fc45053f7cd007c29a7d06e0b74e030e42112ffa889b260b265676c9fffcddd256d458bc8cab8bfdf4890ee7","ssdeep":"","tlshash":"93312bccd501fee591714ef82cfcd18191988e40fa648cdf47e64c6d92c49aa0487e58","size":1649,"data":"","first_seen":"2026-03-17T09:37:34.185692Z","last_seen":"2026-06-06T00:17:35.880334Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"15a832bb6effef05db10a375d382cd95","sha1":"04003d9bf35720acaad1ef7f53d1ced7494bafa9","sha256":"1172bfd720e181b4aa95e804c84b2a9da1a714c81f93e87421ce268234c33d09","sha512":"e6a9d69d7fae53d061d66a4eb06ea3d7451243487356e78616efc4946a79840e00804555295ef7abb05bcc81b705fef4046d2620b910419be9039d706e6424b3","ssdeep":"","tlshash":"d3c09bcc220e5d755af737408f3fb704b5527214a4e57d31495a63449e30f1be754954","size":154,"data":"","first_seen":"2024-04-06T22:44:59Z","last_seen":"2026-06-06T01:08:44.55235Z","times_seen":40,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-18T22:56:50.706117Z","times_seen":12181,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/kadence-navigation-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f2c72cb1f3d22ac55e75d071ff03732","sha1":"801eb309519ffb5b3af9235427212bbdc33259d7","sha256":"fc6857bcb2d17ebb13136ec20dafff791f67bc683426c5a9c0639e3eb590bad5","sha512":"3cf8811df4c8e10418115e5029c987619383e6364f89349d50aaf9905330cbc4886bc45be10f4a1587f82b8e3f171a74a7ef1e80b8c1304ac88bb900d20f1c9a","ssdeep":"","tlshash":"47315eeac94b7f3254a7bcb1547ab6a3a63e0804c3ab185f92ca0a5404943a252c7424","size":1741,"data":"","first_seen":"2026-02-23T03:32:50.827799Z","last_seen":"2026-06-06T00:17:35.842785Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8730939d689af83bd5bfd0628d59dcec","sha1":"48fbfb99ed32f2efe9d8753cca982c7cfaca142f","sha256":"5ea6c8bca905e8cd96dea4a3a5a99fb92144949abc9d09eba6ec0c6a06ffc13b","sha512":"32b17b9812acb262946e5e88204b6bf0f39e07e765ef5d0b76c81aeaaeabe1767005f8c6c387ef42fd5600da3a9dd5521e2e2a2f79c7530e43e6eeb8944b3953","ssdeep":"","tlshash":"cdf0dc472aabb0021b60478ce660156b2ae7541dcc469285dd8b55c3ea3ea61f102948","size":449,"data":"","first_seen":"2024-01-16T22:27:56Z","last_seen":"2026-06-18T02:58:52.227955Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"d793627e0e0d3b23a1db921a2976615a","sha1":"76e6d40e0b70ddea8f1f0f0abd769c12bd890f32","sha256":"ea27981fd6ae7a85bc2da22bcb8e4c9bc328461db65489390b4e013d4b025aac","sha512":"433ded66fc3f1cfe5f466fcdea9fc4460d4fd4c62aaa41a97b573e09b9cf5a2a581e935f218179e4842a34b9a5fb6549890956aacc82a8976cdf3684db41465c","ssdeep":"96:Koz0jMAqwmHRV8ldU9Fk/s/0FNJaTjFNSMw1jDaQACfMEDaH:nzBNsu9FkEyNYFNSMovaQACkCaH","tlshash":"1b913abe6ee5121e546b22de28676a49a930520b1b45d9c0fd1cd745fb10e7a0c78e88","size":4270,"data":"","first_seen":"2026-03-17T09:37:34.188191Z","last_seen":"2026-03-17T09:37:34.188191Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"87f956c09813c976643154cb57cfd9a2","sha1":"ed4e4cc156ec630baa9bd1b75aca44e3bdcbabd8","sha256":"6308b556490e0e5118592d3eabcddf45e7ade4cb57df560b72ce5f65415fc58a","sha512":"716c1e2a3aa236916447e0c83a23f8d7624a587f40342b6e396983c67d8cb81f558adff648ec356cb41d5f1046b1637733d8d81b0262075e810b866635d6b13c","ssdeep":"","tlshash":"abc08c44ae2e0c60aa71b84eaa8013ca68c0029bf822aa00156e4288608b0274401008","size":145,"data":"","first_seen":"2023-03-07T12:27:13Z","last_seen":"2026-06-06T01:08:44.582775Z","times_seen":48,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8ca1198eaea2ef269247df0a4916724a","sha1":"393ce5792a823f43e5c5d2ffa37a1f6bafcadcdf","sha256":"55344f52f6b3c904fce0f4916f9494c607abbdecbb4737ea676e85bad1b83e44","sha512":"e73d217cfba351a02ddc8f3f3afbadf78c8010088480679451d787d3a649767ffcdaf42b8aa07df57c5c310fda242ab80ae9921f11e40447dbe97775edc5ba98","ssdeep":"","tlshash":"d9c04cc47b411db7b7613bcd6bc913c698c80b97b57159de93844589f49507b04c2948","size":145,"data":"","first_seen":"2023-03-07T12:27:14Z","last_seen":"2026-06-06T01:08:44.583398Z","times_seen":47,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.6.47","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8ab0e184e793b688a6fba75f18983b88","sha1":"d708736c1e3502aee263daead1eb5d9abea3cc44","sha256":"d673902cc5ea9a6a867ee22e9893b0bab6f64dc03c95f07f493cdc1e18dbe426","sha512":"84614972746d770ff0dfd0cf390bb8fe9613d0bb91e2136ee58aee6352ac4b0742d21ffbaccab0843a3bafeba38769d8e8187eb1c0b12f51c5121038b15e7298","ssdeep":"3072:Tv/JOJWTVh9YxSd7Z5UzhKuT9loYu4cvMC701DvXLHaWAE/w:T/JT79Ygf5ST3oYu4cvMC701DPiE/w","tlshash":"3c64f7987291b4b212f761a5006f120bf3769d3de00a9498e6add8f05eb8d4e2177f3d","size":314804,"data":"","first_seen":"2026-02-10T04:26:51.826142Z","last_seen":"2026-06-17T13:01:24.790411Z","times_seen":81,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/15/46/4c/15464ce51946267be2df1c3796e8eb8a.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ed058ca50b4335d68c565986f860731","sha1":"e915a8b14ceb50c419809d5be8abcf6c610c7aea","sha256":"4896c06860b31a16b4536bdd0017af00381312c8cd98dbb58b7861c2b97cee59","sha512":"326c43819ec7bc015dcfb66fcc015ee954039f6268e8c40a1e4aae5fae8017bf43f418cbda7331038449c4dfd0b4395049a2a753a13b3c1e9e4edb4a769ef850","ssdeep":"1536:70QP7ZTem5Kvg/+UriOXwaHe4J+LxR8Xmj8sV:3Cv4WUR+1db9V","tlshash":"af93d78c3fc1f0a513a5203b222f714ef0994d95546ce468f783f5692f7ca4ae536b98","size":93720,"data":"","first_seen":"2026-03-17T09:37:34.154274Z","last_seen":"2026-03-17T09:37:34.154274Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6e27846c62f3747e9e97e53e0f429c71","sha1":"dd21c22186a1c42ae199991599c6932e9e9f4774","sha256":"e4c25808d1653537b737483fb2cbef4eb701af9f6ca55b987496ab919b2dd5ce","sha512":"02434b622c83e92dcd3af77ea606cafba5afd6f8d3c53ad2e270b845062d3dfd2c92f43c794000fd3d41fe663afc842fede0d56d14da3b0f6c02db3bd727bd47","ssdeep":"96:KozzjY5RBNStUhSyN4INrHk/kRBNStUhSyN4INX1jDaQACfMEDaH:nzkjSryTHk0jSryNvaQACkCaH","tlshash":"bb91193d6c8da6bf6b4c0297227afc5c2d21930e2a04d5d6fe4eca84af1071d097de85","size":4266,"data":"","first_seen":"2026-03-17T09:37:34.190047Z","last_seen":"2026-03-17T09:37:34.190047Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4a7ed5f6c6dba80cfc71dd2b939f4c9","sha1":"fb73407562671512956e6ca6af71a7b7c848abde","sha256":"3f48c5e70c5901a5689bd85e4bcab7ac2a598fbbb8dcee643841998a6ce50fec","sha512":"7abd8da41d895ed5e4e0d823ed22ddf194b2afeb85d6be7915c2ad1f792d5286dc0c73e64f71d8c4a2c83922a7f50f3852a13d2c03c4ab0e9dfcdff98071b27d","ssdeep":"","tlshash":"22012b7ccc00f79980688af4587cdad45228cf10ef249cc71ee7083663c89390816754","size":772,"data":"","first_seen":"2026-03-17T09:37:34.190763Z","last_seen":"2026-03-17T09:37:34.190763Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"8730939d689af83bd5bfd0628d59dcec","sha1":"48fbfb99ed32f2efe9d8753cca982c7cfaca142f","sha256":"5ea6c8bca905e8cd96dea4a3a5a99fb92144949abc9d09eba6ec0c6a06ffc13b","sha512":"32b17b9812acb262946e5e88204b6bf0f39e07e765ef5d0b76c81aeaaeabe1767005f8c6c387ef42fd5600da3a9dd5521e2e2a2f79c7530e43e6eeb8944b3953","ssdeep":"","tlshash":"cdf0dc472aabb0021b60478ce660156b2ae7541dcc469285dd8b55c3ea3ea61f102948","size":449,"data":"","first_seen":"2024-01-16T22:27:56Z","last_seen":"2026-06-18T02:58:52.227955Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f7f534aa475f2ab416f5768f5eb1abf","sha1":"0e264d3826ec4cea33eb1d05bc113200a9ca55b1","sha256":"18821fa5e86c1240947fc976e78c43d849789cda4360578383adcfbd873d133a","sha512":"c24f6cff97cb6e0cf363714e9073f5f0533cfd228d16665aa6be8fc2527f88f5f3fa156e6dff75bcd4f581a1a3e8f7e0e7242ce4eb3d98d5af950a497b98ee7d","ssdeep":"96:JPczm1siDwcWu0HAGMUJhSENesmRmTj8pdkZ:Bc0DwBLAGtvArmjZ","tlshash":"c2b1b79c3f40b0a017a2a0776f6f2429f1396c10ab6be894d527a1dc3f29d29c2b2755","size":5119,"data":"","first_seen":"2026-03-12T08:34:48.0486Z","last_seen":"2026-04-30T07:10:40.662541Z","times_seen":2445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"239a2dd7163303173a974d5f8951a1bb","sha1":"ee7bfbb98a4830e7e4cce945ffe377e10bd41da3","sha256":"1eabc44440ce6a7921411dde049a80e449998be5608255135a7f1f53744c7698","sha512":"c1454c473667281dd6fd239b10246f6e86fbe37a62111edfefb25e83516dfd305f40db5ba3802b690631a86a35e22fc4f54dc496a55fab55311bae62b5a517e8","ssdeep":"","tlshash":"c4d0a795297588317599025651b5e398267021906611d24481dccc2f7a11de305a595c","size":217,"data":"","first_seen":"2026-03-17T09:37:34.19153Z","last_seen":"2026-03-17T09:37:34.19153Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ae75eae81a8d3da56c767e1030dccdf","sha1":"7b7674da701577a819654493c9410277592b586f","sha256":"66b19e6240c63dbb058b68bce2718f2c490ba5a6f4fd4cc238477d8746a99518","sha512":"fe5aa52ae43ee9dd186bea5a43729787bff9b69914861534f580ad0be0928f9528aa60012bcf4e2a278a6dd77eeeeaffddb21f4a612656074dc01ced8bba2438","ssdeep":"","tlshash":"efc04c799f203a1b6759778e970a27d858d453076e31350a6a56849271ca03b5050654","size":145,"data":"","first_seen":"2023-03-07T12:27:13Z","last_seen":"2026-06-06T01:08:44.548253Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c69314dd8e893322adc9179e7be14e4","sha1":"43205861d638a1f96833fb1fa01b179fe16c73ad","sha256":"dc0b09431087d1efbd45e1dbec9e771e417f2c7982e54213463b310899585c70","sha512":"e1e1b518f867869289e8737c297ccff55d3bc7c5b2d43de67498ddc703659bd31c3eb53b920cda8b7aab9ff08e7645ea09dbbadb7c3796ff50393bf2d313aee8","ssdeep":"192:rWtzk8T092KQk3U/OEDgXYL9GSSdRMxqK9uGlsDmVWmpwV45cJ:rWtVe3aLKuQRuqgSKVWmrk","tlshash":"5122bd1808b8a452d0abba7e216ee551f3a608575d9c7fe63f0c51040f5c46f72b9a3f","size":10445,"data":"","first_seen":"2026-03-17T09:37:34.193511Z","last_seen":"2026-06-02T03:38:37.367337Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/splide.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"dab7fc9d3a0fe3216703ada0b424b01d","sha1":"f0cc6b8c11b09195e3675338da9761f2fe6d272c","sha256":"f915b9eb6a60a2a0dda355aceaf19b00b44ba8a2429ac7c1dc0a8059e486736d","sha512":"dba0f3234d8a455f0d045968c3e7f57b6b1a67d2fa90ed2f0c58ca574a9c42462f005ac9f693d42b6b58b22d1bcb8e3dcbed4c0aee31cff5f925c18771741d28","ssdeep":"768:xveaVfq2uGhc6eIRE2yNQ4iyHuqpp0L0pvj8vCwF3CH:x5VfqpGvPqZWyNf0L0pvjWCwF3M","tlshash":"d8d2d68c72c1b42a279364f3a1af044ba27b29455c0e5510e4eaf8f47c786bd936bddc","size":29763,"data":"","first_seen":"2023-10-30T11:59:40Z","last_seen":"2026-06-18T18:50:51.085359Z","times_seen":696,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3c972136c2f555887dfed1bff386a35f","sha1":"2a17bc64abc27054f558deda6c9d017197b3498e","sha256":"a94c40c1d45e7b2b48521355415a3e58985a5fccd44af3f832728a7c053a5514","sha512":"e1f35ba770f4da14372c5f1273004574b98dcb24c0eb3e0479a2591b4e88e8d1db35f8a8f43de0da349ccbf3bf0ba72c47fe11aa3bf72b6a6870e0335cdf80ba","ssdeep":"","tlshash":"94f0dca7752ba4173f218688ed7481233e662928081b234ae89192dba572412b3b448d","size":449,"data":"","first_seen":"2024-01-16T22:27:57Z","last_seen":"2026-06-18T02:58:52.229777Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/advanced-ads/admin/assets/js/advertisement.js?ver=2.0.17","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b645b5402a5096f324a6b37d0a3259c0","sha1":"3741b4d49e4ab0034f34fdb9ce5afaf96f940b47","sha256":"2878e3b9f4818d49affee273031a409b8d24e264b58eb3f4d9b0d1195a6d2ff1","sha512":"a86a7ab81b7c02c027c34b17282d0a4150649a47534b73c86d6ea7d6109584a5f8594063227900d99d84e5b9f26b54a65654be2b75aa33b20c0a5f8700ee50fe","ssdeep":"","tlshash":"49900210815501d9b02041511d06e4e2e8904460c7423de28194400c500a540005005a","size":39,"data":"","first_seen":"2024-05-04T21:47:36Z","last_seen":"2026-06-17T07:03:35.564938Z","times_seen":10230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b00219cb958052cb557115d55f0c8d48","sha1":"3c55bbf5a8082db61decff924aaf787f4337df86","sha256":"8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6","sha512":"8551b616ff3abb64a5a63e68f07c82d72bf89cff6602339f900e282d3d0f8e9781a6361da024f289105f971f4c56c6a3c4c9dd33627525462fac6319f6f0435f","ssdeep":"192:pDvu5/lEKbR9plcliHYecexZno2fa65gIe2vVYAtW1eiIvO1SF:pTw/u6ZjyOeOe4F","tlshash":"6e0221487d41742f2933f0f2515f12ca753b28426ced6954a6e1f5e82d7848d28a3fbd","size":8291,"data":"","first_seen":"2023-03-07T01:07:43Z","last_seen":"2026-06-19T00:30:40.961079Z","times_seen":5782,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ae75eae81a8d3da56c767e1030dccdf","sha1":"7b7674da701577a819654493c9410277592b586f","sha256":"66b19e6240c63dbb058b68bce2718f2c490ba5a6f4fd4cc238477d8746a99518","sha512":"fe5aa52ae43ee9dd186bea5a43729787bff9b69914861534f580ad0be0928f9528aa60012bcf4e2a278a6dd77eeeeaffddb21f4a612656074dc01ced8bba2438","ssdeep":"","tlshash":"efc04c799f203a1b6759778e970a27d858d453076e31350a6a56849271ca03b5050654","size":145,"data":"","first_seen":"2023-03-07T12:27:13Z","last_seen":"2026-06-06T01:08:44.548253Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"0abe51039fbebcfaf8d62165e3c6525f","sha1":"7402b07d0b04b3d0d3eabd39dd5adfbbe28db2b5","sha256":"170d5d695d32ae2e9d1dfb2a96489a8fc6929d5f63cad573e32c8dcec9d51ccc","sha512":"b9c08ec21ac9074180a64bd3be3c162125ee958a5a2ba7cee0e0d653307a1de64b648f41a6283933ec7c2af6ab7ac4bdd7a85c5c257d259ea2908ddad34a5b5e","ssdeep":"","tlshash":"a321b6b5b8cd55082006a8d8ad9988a4ac12461ec8d6c5c325388da0dd523db4fca5f5","size":1384,"data":"","first_seen":"2026-03-17T09:37:34.195142Z","last_seen":"2026-03-17T09:37:34.195142Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/no-right-click-images-admin-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e6145cd92b024a31c991f01c43299585","sha1":"7a42c5e044892580a1046cf69fb0120ef4a6df1e","sha256":"bf285f16de63b62e05ab1ac5e814002ff380a6c2ef0659624f90f70e06679a1a","sha512":"067c188aa940a78c4d8787c031c2517cfce50d9696de5ebaa7dded5ee7762903b418e6e83165a4811738da23d77c9ed73325db542f0a5a9c355b1d3e4a3ee993","ssdeep":"","tlshash":"01319226d8da3f64282bd8f2689711734a4dde72e6a386085a4b991450e0851d974901","size":1623,"data":"","first_seen":"2026-03-17T09:37:34.195843Z","last_seen":"2026-06-06T00:17:35.915454Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"18aea91491a5429d53f123aaafa4b49c","sha1":"1c5e9ee4381ee99c53bd21099cd050aeb34886ae","sha256":"89817baff16024d82380e2fee9580e7c93bdb5b6b0bac1924d389322500c223f","sha512":"e76783b460d5e0cf38007e76acb2f2ca48eaa068ba8325f210533911e0402d02983be91f179387f32ce8c3cdd24989cc839f09d869a40174cee1f19f6e5bd500","ssdeep":"","tlshash":"68f02b472b95f1120724078cf6ad045f1de7581d8c4693c15f8b15c3dd2a553f50304c","size":449,"data":"","first_seen":"2024-01-16T22:27:57Z","last_seen":"2026-06-18T02:58:52.230602Z","times_seen":45,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"1c146cc54e76ba60250b89e4112bd857","sha1":"c3381a9d82e8df1daa6c7eff55d6b1bbc0ab049e","sha256":"bb8b5ad4844a63f498a6e5b77673485b00106e414ec60f2691def74cd74dd777","sha512":"335d0336bb5dc78f4e038ed90ebb7a75e00a33d7b9ed8f20557dd5be943f7414e33509c92c8f6164c2f0becec2049f09af839e5bef055d0c80e9856b4a3ad588","ssdeep":"","tlshash":"e331183e744e3aa79f5c07e3204afd686d2993090b8451d68e4bcac8aa0474e013de06","size":1652,"data":"","first_seen":"2026-03-17T09:37:34.197371Z","last_seen":"2026-03-17T09:37:34.197371Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0345eab5966f4c0d5ea7b5a9f54e96ae","sha1":"ccb06f076c0ad8ae3439e1ceacb4c28d20cc7c6e","sha256":"0a82f0a2b8c8c6adda40e131b989bf788d16dc6c6359ad02fd87c13dcb353564","sha512":"4e253935e66f3b871d876ce31eeb84ed84df1a86eedc6d471538bd0b71f8e6445075ce46f559fcd1d3689964108f60a97867af92b3560f8a30214eed77f9d77f","ssdeep":"","tlshash":"36c092701030693004df990c7421e3ee3833406b7133b182a15d42985ab0ec61249eaa","size":131,"data":"","first_seen":"2023-03-07T01:02:08Z","last_seen":"2026-06-19T00:15:21.409875Z","times_seen":10481,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/bdbf20116fc8d5cbc12e86158035c95d/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4ba2e15bdbbaa030a2a499fbf9fb47a","sha1":"0522525c9318785df328c6df410f8c21aef4a04f","sha256":"df43a7e45de3ebbad152053525f69af31ee12c0a353ace58fd0f78565f17e6b6","sha512":"f509cc9a085aa4e798fa434ab5771d7df8cc0511c6fb1353f74168b4122d6f44625b746348cb94c170721060b707eca04378ade1c11e5937c3dfbdb3fa9df563","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+GcT:3lPXODNDI5mn+ZfjeGI8v3BfDWL1JF","tlshash":"3133a7dc3fc4f35c02ba2176236fa44ef5aa6e11618df5d8d117a0e82e6470ae83b754","size":50559,"data":"","first_seen":"2026-03-17T09:37:34.109107Z","last_seen":"2026-03-18T01:43:59.413231Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bbe64f0cccef223f45d4d969c9ed5698","sha1":"9b8df8eb713efa8978d28e9aec39fbce4a053548","sha256":"7f65ea30cba0445eff4455f54fff9ffbde3b923633bfbc5938877baf5218a1f7","sha512":"85a7f406a1d71f522273e30ebbffff553ba140a97b3cd29ee547f9ebaf4be3d2973eff95661318c58f2141132ead53b3beecd6fc3af6e202f67bb47e757f4d44","ssdeep":"1536:1sgv0NC4Y5Tll1apjTHlxn0WuXEon8USxNKo4hRl+GdanrEf74:agvA25lIpZxn0WuXEon8pCTag74","tlshash":"7493e8887fb272ed4396307b362fb006f22a9d512498f4f4d586b8e52e7876da437704","size":91800,"data":"","first_seen":"2026-03-17T09:37:34.167176Z","last_seen":"2026-03-17T09:37:34.167176Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","size":5661,"data":"","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-06-19T02:07:59.028746Z","times_seen":196369,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/rocket-browser-checker-js-after","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b4a6ab6c0b324b64f5a4e9ef97432028","sha1":"dbcaf2e50ce6c1f81ebdcce26bdd76736db1f821","sha256":"96242f217fd8967824c203c7e261dc9ac7d8e7dd72b7a3340a7aba56f8c97993","sha512":"26798b158007e972bc0c4f74ea37ff3782ee899d7aa16d528eae101674008f306d508f75ccb53046a890062a0efb64e06dfb5d0643805ca96c361035d05ff384","ssdeep":"","tlshash":"d77195a8f83570a8a9f39036543b630371692661e1898090c2b1dad56cba7c2d3d7e09","size":3670,"data":"","first_seen":"2026-02-23T03:53:35.524211Z","last_seen":"2026-06-14T09:34:47.540526Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"74500761a8beccb42a4bca53aa15c97d","sha1":"2c5dd2108a3cb0c4cb690924fa619e709d290a14","sha256":"c8a90869a6776380cc245e8898275100fa25f053fe36166e5fba6c2fd0ee9737","sha512":"b40098674a6ac31dee119c3f36f67263a293f42ed5d085e5030c266148373956ae38fc4884c2e1a540b64ef9f9cd99be03510e82a1bfbf9646ddc2d42c9ea9c6","ssdeep":"","tlshash":"0821087d540daadf6b0c06832166fc2d6e26131c758580f5ca6fc9d8f30430a032de76","size":1382,"data":"","first_seen":"2026-03-17T09:37:34.199961Z","last_seen":"2026-03-17T09:37:34.199961Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b8f8cc1bae650eb692b26b9b491bd0a8","sha1":"7b3b26a1315eed05990a50a26d8fed958e2d83a6","sha256":"a4832648ac9ff404fe6f98d755c450fe25760bf22a966ef674699603a30f29d0","sha512":"c20e7af19383a0fb35cb06dfa7a7eb13f057b90350482403368cf7bb345adcc911f0501105ed4f3c8b2fed54f5448ae3dc801efc08c3b7166764c5c4e285b71a","ssdeep":"","tlshash":"c121e9ee32a9038d041a45c334a36ec0dd353e64c79b11f48a248358e3928364930a74","size":1384,"data":"","first_seen":"2026-03-17T09:37:34.20084Z","last_seen":"2026-03-17T09:37:34.20084Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/js/wpdm.min.js?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2d55006cf9d3b4d5bd82ebca073b6096","sha1":"0dab24a380f39ed58624be26a7b8b96d3d2b4a86","sha256":"6d6aa38b53d4a7a7aef17b73d5d88e446ffa06a2983f1d34b95aceafd3670bad","sha512":"fb9f73df5e000179dc0875784b6b8da0c2bf452cb8d235a69ba4774db9a513e841b5e8af312e34689ca7a6a18608bd6d420e959bf96b6742fccbd7f5dbaf3c5c","ssdeep":"","tlshash":"9d713118b9be219800ff6aab70276f14a5762d5ad8899529643188f11efdc81760373b","size":3670,"data":"","first_seen":"2025-12-23T13:01:14.709958Z","last_seen":"2026-06-18T21:20:41.411332Z","times_seen":1245,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6QKNB8FJE0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a3198dd14ca64139a07c7eee9363154d","sha1":"d154131daff027e34a90579806be6e5d0077609e","sha256":"9bca32c4663498994185816b32f49bb49af732370c18abf9bf192b6ea4a46073","sha512":"f40faf4201e4cb4cb00710df685dae05411e6d7390e86e84e584b0f5e93b6a4a9c4fa6cd22dc1ea371b3b4f098e67225c111d51c50811409e290dac419744b5b","ssdeep":"6144:QlFJ9o5t1wxrSvXtxUWRGY8N8GphXlzZbTXcz0VjZZs82:eO8xrSgcx8pE","tlshash":"9f9409cdb3da70229396f478503f018ba57b2992f44cc899f18ad8e42d7469a4237f7c","size":416240,"data":"","first_seen":"2026-03-17T09:37:34.113394Z","last_seen":"2026-03-17T09:37:34.113394Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"e775e87e3c2e02172e5cb683ff6f9cc6","sha1":"5e0150efb49a2669dc2963e3cab07c1b867c47b6","sha256":"8ab9e1c9344dcaf6d85afaeb0ceea889b02f66e0081b86a79d6b20ca6ad3e329","sha512":"1a26bd54e05dba6681e7e6c3b1df49c78abed9729b7a4ca0effec01c5a897ffd049ed69be3c593d053a3d6785e7eb6a8f431f730e5cbd26c95efd9132ee89665","ssdeep":"","tlshash":"15312b5ddc0afee08075dcb15cf8c04462148864ed05cc8315ff086c43cad1a480ba6c","size":1662,"data":"","first_seen":"2026-03-17T09:37:34.201689Z","last_seen":"2026-06-06T00:17:35.908171Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/rocket-preload-links-js-extra","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"1722c039ca93b7ce127562e4632e7a5d","sha1":"36ca40c3af89700682ff84068b9b7de10d7733d7","sha256":"de3a213e08ca9b96b356356b0756183dd892b4df38a2657f0881ddc8027e3f1e","sha512":"65181fe22a80ab7ea9db33f5fe099e4f7ae7ab32a23575ced012a348fd971db50c9b6019fb42e18fe1531bf6ff3a1672e54f877e3ed35a480fb74937487b9ba1","ssdeep":"","tlshash":"714155f6e69e5d4250668af85e65d63baf8ccc09c47ac8169184e090806af86e0dfa11","size":1922,"data":"","first_seen":"2026-03-17T09:37:34.202451Z","last_seen":"2026-06-06T00:17:35.867802Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/rocket-preload-links-js-after","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f2a12adcc110168fe774c656693a73b1","sha1":"d086bf46ce5712d1798ecf53bebfc0a2a5940d66","sha256":"e886ff09c2de3ff5d8a652f704c8beba4d29ad0f1461c61f6d17b77dd204d8ea","sha512":"da9f7ec21bfd8fe97cc0c03502e734eae516e401944e45fa19020f7781a1b66a6a04f3486aa96dfb01df66f3dbfc52bc5ba8bff341bff01ac350766f5cb18ca2","ssdeep":"48:p9GmqipfdcR4C0GbLnghDu98TSTO9xqns6Gm0DDf0kv+lZTmsGY1xC2DfX/AfzWG:p95qQVNCXwzksxmY06kxY5","tlshash":"c3a187b5f14e743a09638735402f720aa27b0918e4d9c028b436ece05f74f5c609be2e","size":4931,"data":"","first_seen":"2026-02-23T03:53:35.540914Z","last_seen":"2026-06-14T09:34:47.55812Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/wd-asl-ajaxsearchlite-js-before","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8d525c1e25eedcce231b20e1b33566e","sha1":"6998b28b25e58a7e98e63215b9f09a9da9facc3b","sha256":"3bac6cc0b23feaa82af2fb0927336342a1831845a1b20cd9bc5ff9ac51903b33","sha512":"a63c9c0023086abc4bc09725a5ed1ba116469149f501233b02afbdc83075efc24cfcbac43f777b0bcae50eb990d18b46eb0539041bee6073c2bb1936a1c0278a","ssdeep":"48:/sDZgaZxdDy56tedDmKxAcwaSrxQv9Xurzakxb0FOi/tcbwZBNp2RN2go283P05e:/stg67yItYtxAwor30ki2wZHp20/T6e","tlshash":"14912369e601bc7741fb01f5a3013e59b26f20b3e39899a4b9c88858396dd5f551b883","size":4420,"data":"","first_seen":"2026-03-17T09:37:34.20457Z","last_seen":"2026-03-17T09:37:34.20457Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3fa97495b6df072fb73eb0ad45ae08db","sha1":"76c4c52538bff955f0814411b06ef4ab3c8fd280","sha256":"8b278d072c22b2e8cdb50310ba342d9d56ca477dd1b8af8b7337d21df6c93626","sha512":"bde588b43c9d02413951380a1b4b023e28a41401e9e040a3732f4873ae876a6bb036b21d0f19badac0e287a828219c98fc3baed78e40f5c4162d65d3220254eb","ssdeep":"","tlshash":"c7d0223a042a21a820311c2c2b0f65200242f2277340cb887b1cc7865f0f211c0728ce","size":286,"data":"","first_seen":"2025-11-05T16:06:25.699447Z","last_seen":"2026-06-13T07:39:42.478789Z","times_seen":831,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"0e629d8a88166e51b30b5aacb26c3345","sha1":"4923bb21962b7eaf177c613ae7ed2e9379020094","sha256":"17c5728bd8ca8f046b74fc898ff50ff316ac5e65ef3c8b15d5c474234e949da3","sha512":"1812ed3e449e43e6a8dd5e965527aa644e2948abd2cf30a61e0228cdb5102459d019ab1381e2404a482fdcb36fe6db9184a44756e663a076fe8908488edaa8c4","ssdeep":"","tlshash":"fb318666bc9d2901985b78f5a58ed6d86c11970fccc5dac328358e919c223df0e9fc86","size":1654,"data":"","first_seen":"2026-03-17T09:37:34.206751Z","last_seen":"2026-03-17T09:37:34.206751Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-19T02:18:51.469853Z","times_seen":914794,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/cc7c12813346dc9cc979a0dead9c3d06/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ba30f9b3b8b5fe85923e56093115baf4","sha1":"b40b91f850c576f9234b819dc871d3a7d404123f","sha256":"26180651225f491d9615d119ce03a1825878390f9a273c3666bc71cdeb13a947","sha512":"f0f2ebdc0e39613cea7640f8ee7d276d39e6e339f2ff16fbd73869f246c4c8e300d09b801cf387353465565896bfac088536a1c2f1beb2df270412b02de5f93a","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gc6:3lPXODNDI5mn+ZfjeGI8v3BfDWL1rq","tlshash":"1833a7dc3fc4f35c02ba2176236fa40ef5aa6e11618df5d8d117a0e82e6470ae83b754","size":50520,"data":"","first_seen":"2026-03-17T09:37:34.162626Z","last_seen":"2026-03-17T09:37:34.162626Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a647433a478bb4731656ca686430ac5","sha1":"01dc809f7ce3de4e655fe52456cb8bb9950e4b1b","sha256":"c2ff6df28bea9c7e1ac95692e3a2eb68b33be87031c45f96ebe5319876d9ea82","sha512":"86e4b04d95e4ce23562587241d6cdf96b72416022be638a6a6884f06242f4b7d690391e4c952f667c8ee8c15f1ead3edec9f84af4233e4103004991eb860e4e5","ssdeep":"","tlshash":"f8b0128b74ab3d50828fc7b44d23be014510208782afc50875e59d3096718c0b4c362f","size":99,"data":"","first_seen":"2025-11-18T21:59:56.555736Z","last_seen":"2026-06-19T01:17:05.767246Z","times_seen":13018,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/ajax-search-lite/js/min/plugin/merged/asl.min.js?ver=4781","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c3f551fe057f2a9a9b288bf7cc9fb40a","sha1":"b46de633b6cb22310242d2c393a99da19fdfd593","sha256":"c1254104a05d11257ba25dd168f5d039406b9d71591568c32003505abed841e4","sha512":"a4979cd66f600152e0942171f2c71723206b2b4c6f907efbc653369afb45e8c528606cd999ee3f3227557ab174f05a907f98544676aa66e1178489638a6857f2","ssdeep":"1536:EGMw7ld7tY4YmZDibici5ViYaTivniISMXnIiI6f6wwwGmbYCoaozjL7TMc7:b9SMXIAf6wwwGmbYCoaoY8","tlshash":"4d73e98c7291387742bf60b6a07b6509733358ad640a40b8b26cccf36db5f4615a7fb9","size":76895,"data":"","first_seen":"2025-09-26T20:48:43.934707Z","last_seen":"2026-06-18T10:08:48.214953Z","times_seen":1871,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1223797af7c8f4afc5c0509331e9fd16","sha1":"0b6e4c455625f0dffcbba0534b74e1b895b2cdbf","sha256":"c778723bd7d4c338694dfb021c7a11a01e7a89f67cc90e923755852f0f079712","sha512":"0237e95096305651bf39dde64253d8095e7630c3e1b4885c98f8c37b0bd0286d88e4354359c8457ceed493b543dfa4cbb26d43c11ffe917203b434424bfe2b19","ssdeep":"384:FeKCj0sDS7jyUK9A2xzMhjuFjF0TQhzYJ6bmgbOpYHMJE3Yo7mHh3QkwWBcXDcFZ:oPj0s+7jyUK9A2xzMhjuFjF0TQhzYJ6Y","tlshash":"d8a288ae6204357700eb2fe3f2abb7c239756899f5464421126dcc0e656cec79062ff9","size":22428,"data":"","first_seen":"2026-02-13T01:52:58.750502Z","last_seen":"2026-06-18T22:16:19.773544Z","times_seen":2724,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2b73e1ec43d421c2e2f1bfd11ec168de","sha1":"586c3f49823fc7ada1b52c205b3cab4506016c69","sha256":"48c5800c87c902b3e032d7f68717b70fd4a0db57af7dad22d76312dc4046fcba","sha512":"7cc530e9687923f5851fa2780b528a30b3e6cb9d3a3741b782c2493a8f32e6775154285bfd4516f0697fa3158335b3965f98e1d83d1e20c552011690e1a8a701","ssdeep":"","tlshash":"9241b7b8b83570a8a9f39026543f730371792661a189c090c2b1dad57cba7c2d3d7e0d","size":2195,"data":"","first_seen":"2025-12-03T02:57:52.196434Z","last_seen":"2026-06-19T01:17:05.759317Z","times_seen":4186,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/bdbf20116fc8d5cbc12e86158035c95d/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"825ffd1903278a0f6ac8763aa4ead388","sha1":"af11b84cfe3b2bcf81b70bd31aa952b7da18a293","sha256":"8de90da6f56c6a9da5487e2c3f6b7273868c7cd84c3e380980377ce140dff52b","sha512":"fb62dda35e639b13fa975335f27a312756e000ddea551c0f2bcf81e7597e8e4dc2282c59cec8ab410c4395b3ad5011632f9e077d0ed049e51de03cd79cfabfc3","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gc/:3lPXODNDI5mn+ZfjeGI8v3BfDWL15h","tlshash":"8233a7dc3fc4f35c02ba2176236fa40ef5aa6e11618df5d8d117a0e82e6471ae83b754","size":50541,"data":"","first_seen":"2026-03-17T09:37:34.142485Z","last_seen":"2026-03-17T09:37:34.142485Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f7f534aa475f2ab416f5768f5eb1abf","sha1":"0e264d3826ec4cea33eb1d05bc113200a9ca55b1","sha256":"18821fa5e86c1240947fc976e78c43d849789cda4360578383adcfbd873d133a","sha512":"c24f6cff97cb6e0cf363714e9073f5f0533cfd228d16665aa6be8fc2527f88f5f3fa156e6dff75bcd4f581a1a3e8f7e0e7242ce4eb3d98d5af950a497b98ee7d","ssdeep":"96:JPczm1siDwcWu0HAGMUJhSENesmRmTj8pdkZ:Bc0DwBLAGtvArmjZ","tlshash":"c2b1b79c3f40b0a017a2a0776f6f2429f1396c10ab6be894d527a1dc3f29d29c2b2755","size":5119,"data":"","first_seen":"2026-03-12T08:34:48.0486Z","last_seen":"2026-04-30T07:10:40.662541Z","times_seen":2445,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bf5809967f9206b75e9931f33a48c76","sha1":"905ea380b7879f971c397448c95839f6efbae9fc","sha256":"05e361cad40f7863b254ede5309b9a05e20c04d439f67bd0c56b9a934343d800","sha512":"e7af3af6f2ce766be653d8a3c92c835198acb49d4444f6bebe991e61fbf4ff3b0da8bd9e7111110c69e76b4e38272d5ad858371ef7b613c45da4046430c79cd2","ssdeep":"1536:1sgv0NC4Y5Tll1apjTHlxn0WuXEon8USxNKo4hRl+GdanrEf78:agvA25lIpZxn0WuXEon8pCTag78","tlshash":"6393e8887fb272ed4396307b362fb006f22a9d512498f4f4d586b4e52e7876da437704","size":91794,"data":"","first_seen":"2026-03-17T09:37:34.143726Z","last_seen":"2026-03-17T09:37:34.143726Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5f16b368a415677d018f23a5773e2021","sha1":"fef20fd00d3e370f759feee39b41e113f02de373","sha256":"cd42179253eef41e7398ed26dd278a45f4c06674d738178719b2fb7040ecb422","sha512":"511b7dd4b123d764de4d0a5f7b4cc29d17972bca6ac07654c498485e6d5f73636af5bbed6138ede90c27bfc787d8094cf5185cf451bca2f4798650d7137cd3c0","ssdeep":"","tlshash":"40f055f6a69e5d4250668ac85e61d63baf4ccc09847ac8169184e090802af86e0dfa11","size":443,"data":"","first_seen":"2026-03-17T09:37:34.208671Z","last_seen":"2026-06-06T01:08:44.586342Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/no-right-click-images-plugin/js/no-right-click-images-frontend.js?ver=4.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12c857147f85781daf5761b8fabfec0c","sha1":"88ee7c45270c6effccfc962bd70d8665a7a295c1","sha256":"80a5df71ef283aa1517018e5af8140a093d38dcaa1d7389b5ada7b2bc20dfb59","sha512":"41d199c239e442b8476a0bf729b97ca0fa7703cacdc07899900deb5483d919abeabe21a30fb90cfa1512f9791715bf2260ae421f36cd1808d5dd8bbba2876979","ssdeep":"","tlshash":"493168e1379e4cf952e9632e13744ee0fd7ecdf6525431b8d488be98702c9182390576","size":1804,"data":"","first_seen":"2024-01-16T22:27:56Z","last_seen":"2026-06-18T02:58:51.991903Z","times_seen":544,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","size":5314,"data":"","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-06-19T02:07:59.022835Z","times_seen":193485,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/js/front.min.js?ver=3.3.51","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1731c5a027ce4ef4cfa5515a1b612aab","sha1":"b177c499935a6376c58810476e09fa5446e209ea","sha256":"0ede5fb0b0ff02ed0ae707fe1c51b95980426dc6f723b86ea2b376633bb2b5d9","sha512":"a50d2fbbdc0fa89e3c5d4a37cce2fc944621cd65b12d13835547cefd2c4b6ce4d9bbb14d001f4380bc6565e41953d37a5ac426533e0485479cb8b14933c2326b","ssdeep":"768:6IuIxmrR/TqCcp38u+GMC0zTY72Y6f9Ue8AEhNW:6X0pD56ehNW","tlshash":"13e2f939b930727616ff219b701b770a7833586bd6069a00b43cf1e41bbce465667b2b","size":33717,"data":"","first_seen":"2026-02-17T08:01:51.120284Z","last_seen":"2026-06-18T18:58:55.683857Z","times_seen":830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"ce1bca84b39d72d71bf19a89b173c505","sha1":"e1ecd9d37b52448f53afc4ac99be19519a0103dd","sha256":"f9df9a50846a0a0a46820125055faa08b304a4cb6c404c557a9510ad44dee5bb","sha512":"5ca3255e2b07e75754a2dbfac9d0d8b980f05432dc28b596adaf261498c3a065cae4a5b324775e8215218e5772c374ecbde81db141ef7831a6cac57833345d3e","ssdeep":"","tlshash":"85b012895d42c8e561100fc9a8f5d84594885a80cb20ccdd83f58899f6445ee0c4b544","size":106,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.592455Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"ca109953dc70655628f321cb7d381431","sha1":"dfd407073aba8cc870e7a2064203ecf652fb23bc","sha256":"0fe7b84d02bc07134b5280a5c5f2fda462246ab8384c1c90a6e6fcf230ae50c0","sha512":"fcab91580830ac67ef92ab16c25af93b7cd0525c1a6566f61b5c7eb41a66f1135d468ab05f8a76c3e73e7eab030ee3bd2538234e4ea039dfe8e78c5eaa0ce22c","ssdeep":"","tlshash":"b9e0cd5ddc07fee08075dce1d8b5d4486114c964ed05cc8715fb086c53c9e594c0ba5c","size":316,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.593031Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"91f86c133d51af7bf4129d4798fadf0b","sha1":"09b7da519e00afcd63130099954880f9dd9010cc","sha256":"5a1e724d298b18ddb6d33d128fe4013e7a99715bc930d939810eee0af4943412","sha512":"8347bf918161878915b4963aa03c3b0d345712c6f1e382d8893f61d3e673c2d2b63b0f2065ac1b47eefd4aec79bce3c920343244f56470b184ceaf27e6bb25ac","ssdeep":"","tlshash":"c8b012099c1bccd0545098d1ecf3d44c65014194ce00ccc402ff09d8a74b99a0c0a548","size":106,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.593599Z","times_seen":51,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"c839f1a003ec2297c8b55159d401384a","sha1":"e8ed5a55d71166978a930811372aff07065d8827","sha256":"ef26790bc0a8c730c522c8beb340c9a7f25362d8cfb47fc195c1cbe40ce00fc3","sha512":"56aa5a9a48af5e03d07d66a0e6279ca59d9c17de016df60b52de7c588eaa8717f3060c0023225a1dd0b517ec3887289b3116abbc1046340fceb89275abfb3779","ssdeep":"","tlshash":"32e0cd7dcd01fb9980648ad4d479d9d85118db10ef24dcc75ad7487663c8e690c15754","size":316,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.590651Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"965531fa52a97024a06923afaf5f4d4e","sha1":"5b49f43c4bc3a87e91ee6870045b09b6bf938378","sha256":"3002bca1be155fba2783b1a6f218ff56319331d5553859ee75b57174da258fac","sha512":"7904a655503e87d14e42021601c6f80ac64b052b56718293d6a8b496def9f07c1b1b2337b2c154b99cb449128f5b631535770d90b7440cc660a47fa2f472adff","ssdeep":"","tlshash":"d4b0123d9c11d1c9405407d8e472ed9c56059700cf20ccc946f748a2b3d95ad0815280","size":106,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.59127Z","times_seen":49,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"25d6cdfe59847097a069af65dd1860d1","sha1":"9f6b806d10f7ab8e3ff8dc34453465f48cdfd8c5","sha256":"424606e1dd4859c66446a2274adcfff759b31f43f04d251fb2f33b75dc79bab7","sha512":"2b4b4c23231f3c365a23ae359de1131885c17de9028d8db2a1a80c4cdc6c52ed78b29a9be890ceaac4009d4b1db19dfb04db608d6c505df6d4f6b99d49398aea","ssdeep":"","tlshash":"72e086cc9d42fee591214dd8acf8d58191588e50e664ccdf47e54c6992c4a9a0887e58","size":317,"data":"","first_seen":"2023-12-02T14:50:36Z","last_seen":"2026-06-06T01:08:44.591879Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/global.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/global.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:23:12 GMT\r\netag: \"6d6c-69a9bbc9-9008a8d;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 5004\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403668\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2F%2BP3h5oozILjkUETKPv2coMJmaSXeey8vZ6XHSP2MFRK3wlgjyi9JQ2MgRh7hHTVaL7aiyeNiExQ4w%2FQ%2BTv79O9EaoTLO9d41kov4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b61806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":28012,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (28005), with no line terminators","md5":"5a9a1b3222d2100334fdb31b7a808e56","sha1":"2edf8afa6a1175d8bb67dc574c4c8bc47e9977c8","sha256":"da01e0607dea79444375b549255bee7f4d1ce295723e6307f98e0fa3e08c7bab","sha512":"8c8faa39ef188f2e72e61ad96b5249ea955f121152730ff9721338898333e9c4923c9795eac2e14398e509f9944f1935b31f2a2c30ea7c9e33ff672dc48fd6e8","ssdeep":"384:FHgp+vGmkX6BXfPFrBPXsd0D4dDGsjvjFv8nydGTSj8F4:U+vGg4dyF4","tlshash":"67c2318052b0526e2a6f477d829fb285692c3553cb1f3b96e03dc1f442cd79e1a66e0f","first_seen":"2026-02-12T14:43:10.402472Z","last_seen":"2026-06-19T00:44:38.565922Z","times_seen":2869,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9ddb045d8b901806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27718,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2572\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1ab3c743cbdf8db7b0604c5da363fdf8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5119,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5119), with no line terminators","md5":"2f7f534aa475f2ab416f5768f5eb1abf","sha1":"0e264d3826ec4cea33eb1d05bc113200a9ca55b1","sha256":"18821fa5e86c1240947fc976e78c43d849789cda4360578383adcfbd873d133a","sha512":"c24f6cff97cb6e0cf363714e9073f5f0533cfd228d16665aa6be8fc2527f88f5f3fa156e6dff75bcd4f581a1a3e8f7e0e7242ce4eb3d98d5af950a497b98ee7d","ssdeep":"96:JPczm1siDwcWu0HAGMUJhSENesmRmTj8pdkZ:Bc0DwBLAGtvArmjZ","tlshash":"c2b1b79c3f40b0a017a2a0776f6f2429f1396c10ab6be894d527a1dc3f29d29c2b2755","first_seen":"2026-03-12T08:34:48.0486Z","last_seen":"2026-04-30T07:10:40.662541Z","times_seen":2445,"resource_available":true,"data":null}},"time_used":752,"timings":{"blocked":341,"dns":21,"connect":94,"send":0,"wait":99,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 02:33:25 GMT","end":"Fri, 05 Jun 2026 02:33:24 GMT"},"fingerprint":{"sha1":"4A:66:11:51:1F:1F:F3:84:B6:E4:4F:81:C1:03:83:9F:01:17:7E:82","sha256":"DA:55:E3:02:D5:3C:4E:3A:51:ED:21:0D:F4:32:52:C2:C5:31:87:50:DC:AB:13:D9:93:4A:15:0C:D9:8C:D6:4F"}}},"request":{"raw":"GET /cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53571\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:13:46 GMT\r\netag: \"68b474ba-d143\"\r\nexpires: Thu, 19 Mar 2026 09:37:06 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53571,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:43:28], progressive, precision 8, 728x90, components 3","md5":"e2a3f96684fe29f60b2f3641ac5133b5","sha1":"19067bc7d9210709212cd32db05b55aefc422bea","sha256":"68a37280ff695ace386f3aabbbd8b75b36edce98355533b33bdf0788a7e8e8ce","sha512":"2811fce581695ab109a3788a4b0537b399804d0614cb04c0bd5f6e054f2ce6fa7dbff1385d3b222bbe7725a4489b3efbc3c1781d9f1d37688c160e2cd9dde8e2","ssdeep":"1536:GlRHx8xHqHTbzDnzmr0vCqxt3O82BAhjE:yHmKzfDzfvp2Gh4","tlshash":"f233f1078fe18d92fae48475f8f2d791d22259d5e7b316603e5cf91837b1892dd4d202","first_seen":"2025-09-02T22:57:47.7902Z","last_seen":"2026-05-18T15:28:38.148595Z","times_seen":737,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":78,"dns":24,"connect":22,"send":0,"wait":65,"receive":13,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=4a7e8505cb95ed24dea186cf1b52adb6\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 22:12:10 GMT","end":"Wed, 27 May 2026 22:12:09 GMT"},"fingerprint":{"sha1":"F8:CE:1C:DD:8F:86:0E:25:10:C6:86:56:A7:A3:47:DA:38:11:C7:3A","sha256":"19:3B:E0:74:B6:FC:9E:17:C4:75:30:39:E3:6A:CB:EF:32:91:9E:69:12:DF:51:AC:FA:76:15:EE:1B:D3:36:B8"}}},"request":{"raw":"GET /pxf.gif?uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=4a7e8505cb95ed24dea186cf1b52adb6\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 329837e0714aa9834b8f95d1f5bd9349\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":292,"dns":1,"connect":92,"send":0,"wait":98,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa847c-11c6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7XLprxhC5a%2FCJzRw46r2OPMdML63N9adoMYOqUFdbUnTveNKMt%2BLqFCwUsfatzTP%2B9DyHH4G5TWb1J082jrNP5ZzJs0VI5xy85hwRJYhAqw%3D\"}]}\r\ncf-ray: 9ddb04667dd6a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4550,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"324abcfd143ee18521b072561e5aaf71","sha1":"03da4f347fecfe1534187181586f3478087e2c71","sha256":"e9c5416113b8dbf6cd052ad5f86b08ed709ead3d616b52231b1e303e219a7099","sha512":"40e9f5e5dfc54717e7a9f468b97618b588904827110b0bffc5db58223e926ca4c99ac9bdd6f2cf0681db3df3ca18b4fc4a9432a516f03882e7a3006b9bd98ae3","ssdeep":"96:iTMXkGMiVWFRsUFnh8niycvmJxMX5eiAPJU1Qeb+wkopOUOxw:IMXyiUFlFh8aOJxMX5OPJEXbJ1rOxw","tlshash":"d091ad552b771644b51ae1aa6f662b47272900079a0fdc387fc5724c8fc61a8c6e3bcf","first_seen":"2025-08-23T20:32:05.824498Z","last_seen":"2026-06-17T09:06:38.688886Z","times_seen":343,"resource_available":false,"data":null}},"time_used":613,"timings":{"blocked":80,"dns":25,"connect":14,"send":0,"wait":451,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style-simple-grey.css?ver=1773059684","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style-simple-grey.css?ver=1773059684 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:20 GMT\r\netag: \"202d-69aebe64-7001274;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:44 GMT\r\ncontent-type: text/css\r\ncontent-length: 1198\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75256\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yJsADj2%2F85LJ9N13VzDZ8QUM0%2BNpiOc3QN5SFRspfo7pGBZOxii5hFlt4lDLkfN7Y62mf4BkNBGXvhibU%2B%2FSel3k%2FxL4kjBvNGO4Pg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c61806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8237,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8237), with no line terminators","md5":"7ef806ccf1d60ecabcaa8e39a2b068f9","sha1":"2f46e781b8b4ac53bbc90092eb679cf37106d9c7","sha256":"3e1252d9d8b094e3d94ec99ec049cd23fcdc70a7d1662e7ff3033e3d9a945b65","sha512":"abc6192d61581055a1d42a51407f2133472288944a9b8c5e04e0820df041b4f224e71975c9b4148e95177950d9dcf27daf2769e0593af0f196411483bf0d141a","ssdeep":"192:1OmhlWatnGyotIKqHZ/9ov+VErS/r+rpr7qhL5PBbPOA+6B9WAKdP:1OmhlWat+G6NChL5Bbnkb","tlshash":"7902ee3a9a57701fb326c8b730067a5e658d8566e4174b3dcc6f38e4cacb4c299b7312","first_seen":"2024-12-24T05:15:37.179809Z","last_seen":"2026-06-18T02:58:52.002004Z","times_seen":33,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js?","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea2d291c0fdc/main.js? HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9ddb045dbb971806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27718,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (27718), with no line terminators","md5":"1c4ac56d6fe9c1328df8cad19690f1df","sha1":"abeb038cf2795a2a2357d59302ea2e2a4264a340","sha256":"c393fa054bdc5dd13d509fbf845866015a2478d662cc7ba0b9b608a296d04384","sha512":"3be0dd0191ae33bd1bf32dd084f93e4a8da694212029102b497695735075ebf774e567933cd33dac3f0c411e944ddc4b7833f12628c03ee579cc83ca44d76839","ssdeep":"384:/LFi3rtSfSXeM9zilt/rx7wlVa2ohm/foXm/hoRm/PokJjoZi5AcaGouiJKMvruV:TM5D5HLpp3D2A6Kk4FYEGzZ9kcz6","tlshash":"f9c2e9ca3fce7174a23a24b70c3b77c7baa95db531085d09a720a9b4fc3079d9166d18","first_seen":"2026-03-17T09:29:38.499592Z","last_seen":"2026-03-17T09:37:34.108169Z","times_seen":3,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-6QKNB8FJE0\u0026gtm=45je63d1v9119068260za200zd9119068260\u0026_p=1773740224664\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026cid=2071307227.1773740225\u0026ul=en-us\u0026sr=1280x1024\u0026ir=1\u0026frm=0\u0026pscdl=noapi\u0026_eu=EAAAAGA\u0026_s=1\u0026tag_exp=103116026~103200004~115616986~115938465~115938468~116024733~117484252\u0026sid=1773740225\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026dt=PC%20-%20GhostWire%3A%20Tokyo%20-%20SaveGame\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=904","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.32.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-6QKNB8FJE0\u0026gtm=45je63d1v9119068260za200zd9119068260\u0026_p=1773740224664\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=a\u0026dma=1\u0026cid=2071307227.1773740225\u0026ul=en-us\u0026sr=1280x1024\u0026ir=1\u0026frm=0\u0026pscdl=noapi\u0026_eu=EAAAAGA\u0026_s=1\u0026tag_exp=103116026~103200004~115616986~115938465~115938468~116024733~117484252\u0026sid=1773740225\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026dt=PC%20-%20GhostWire%3A%20Tokyo%20-%20SaveGame\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026_ee=1\u0026tfd=904 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://savegame.pro/\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://savegame.pro\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:171:0\r\nreport-to: {\"group\":\"ascnsrsggc:171:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":35,"dns":0,"connect":10,"send":0,"wait":21,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:12 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68b97628-187b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mKip6B6uhpdhfHAiHGFcX%2FE%2BVH7Bv5aa5XXGo3t7ROQzhN7LenCjCsyZlTK7sgtFCsU4jZvk8cZMI05tafsCDZO7sQFssiWZYg1NoQxMxYc%3D\"}]}\r\ncf-ray: 9ddb04667dcda0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6267,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1ad6ac44c42222ef0436d0d8dd6db994","sha1":"4a0e6f3e5a1b7c31ce6426f8a30aeda2f9ed8f38","sha256":"d6a92fda42c0c878a5457657cfc02763b0aad44f50d0efbb14877d8cc1054e1d","sha512":"30301800e586796a24dae52f1f4e7b276fe799e9b1e2ebaf87c8240395af190497fe8bd5c84c805c1c570f45709d0f6e08b491835f0433d22581a24d4200b51f","ssdeep":"192:IMXwejMX0PzkHhEJxMX5tnKdqMT5OPwHoQf:IMXwsMXSztnMXn5N0j","tlshash":"fcd1bf9546671904b50ed45b3f76575726144087ae0fc9283fc277888fc62ad92e3fce","first_seen":"2025-11-18T02:35:34.351031Z","last_seen":"2026-06-18T11:00:50.110173Z","times_seen":314,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":82,"dns":32,"connect":14,"send":0,"wait":460,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/bdbf20116fc8d5cbc12e86158035c95d/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wowrapidly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 01:08:36 GMT","end":"Sun, 19 Apr 2026 01:08:35 GMT"},"fingerprint":{"sha1":"72:CB:7F:94:29:E1:C7:63:05:03:A9:0C:B9:94:26:06:36:53:84:54","sha256":"3F:E9:3B:EA:70:B2:3E:4B:47:EC:50:C8:84:DB:A7:32:45:3A:AF:B4:FD:B5:DB:FF:9A:3F:B8:07:47:36:F4:AB"}}},"request":{"raw":"GET /bdbf20116fc8d5cbc12e86158035c95d/invoke.js HTTP/1.1\r\nHost: wowrapidly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20303\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wowrapidly.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a4490201ce98ed07ff09bdd8591694ee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":50559,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50559), with no line terminators","md5":"f4ba2e15bdbbaa030a2a499fbf9fb47a","sha1":"0522525c9318785df328c6df410f8c21aef4a04f","sha256":"df43a7e45de3ebbad152053525f69af31ee12c0a353ace58fd0f78565f17e6b6","sha512":"f509cc9a085aa4e798fa434ab5771d7df8cc0511c6fb1353f74168b4122d6f44625b746348cb94c170721060b707eca04378ade1c11e5937c3dfbdb3fa9df563","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+GcT:3lPXODNDI5mn+ZfjeGI8v3BfDWL1JF","tlshash":"3133a7dc3fc4f35c02ba2176236fa44ef5aa6e11618df5d8d117a0e82e6470ae83b754","first_seen":"2026-03-17T09:37:34.109107Z","last_seen":"2026-03-18T01:43:59.413231Z","times_seen":2,"resource_available":true,"data":null}},"time_used":945,"timings":{"blocked":349,"dns":114,"connect":95,"send":0,"wait":99,"receive":95,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/sbar.json?key=4a7e8505cb95ed24dea186cf1b52adb6\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /sbar.json?key=4a7e8505cb95ed24dea186cf1b52adb6\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 5250\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nu_pl26620252=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nslec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]; expires=Tue, 17 Mar 2026 09:37:12 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 108\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dfcaed6d7e877214e0106629b5a85487\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5225,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"d9289f07c2e40b129977f84302c3dc7b","sha1":"040ea693fce7c80c17f8a1175daafb3ad3bd2321","sha256":"5c37f23d46d5e106e435a70897dd0529e555e7e2ac33fef7bd45acca357af685","sha512":"27db694c2cd18c52f55e2b2bac06a70d432647474286070e2cb71923b5fda34505714b349b77bc3a01eb2ddd190cc54f3d11fc81ee8bcbeab24d6dd9d1a926ac","ssdeep":"96:9YCppKEs/Ql2VTbwqkJ2DNdMTLhYOVBnQMYMp/WRvwZAv+Wz:9frs/QKbwFEDN2T1ByGFewZAX","tlshash":"47b15cfe1ece56034f930ce4ac9574a40cd3649785dd04d5c7af66ce4eab0e1b9a112b","first_seen":"2026-03-17T09:37:34.11002Z","last_seen":"2026-03-17T09:37:34.11002Z","times_seen":1,"resource_available":false,"data":null}},"time_used":784,"timings":{"blocked":289,"dns":1,"connect":93,"send":0,"wait":205,"receive":1,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=15464ce51946267be2df1c3796e8eb8a\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 22:12:10 GMT","end":"Wed, 27 May 2026 22:12:09 GMT"},"fingerprint":{"sha1":"F8:CE:1C:DD:8F:86:0E:25:10:C6:86:56:A7:A3:47:DA:38:11:C7:3A","sha256":"19:3B:E0:74:B6:FC:9E:17:C4:75:30:39:E3:6A:CB:EF:32:91:9E:69:12:DF:51:AC:FA:76:15:EE:1B:D3:36:B8"}}},"request":{"raw":"GET /pxf.gif?uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=15464ce51946267be2df1c3796e8eb8a\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 57a308cfa1f40692f978555a4769cb7e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":676,"timings":{"blocked":289,"dns":1,"connect":96,"send":0,"wait":96,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa847c-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FZj0wmHgttlzDm%2FWUEl7VmSCSPBP6TARjw8HPAEdPKNM1jrBc8pNpiMdIDbCr%2F0Jb8gfc9P4kJxu%2B6HY3VJSt6drUGFwV0x3nrR2phseJDc%3D\"}]}\r\ncf-ray: 9ddb04666db1a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-06-18T22:56:50.680521Z","times_seen":8382,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":72,"dns":28,"connect":8,"send":0,"wait":477,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100..900;1,100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Roboto:ital,wght@0,100..900;1,100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 17 Mar 2026 09:37:07 GMT\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11268,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"0480a7b5f548d87b4900258575726b59","sha1":"db195efb64363a35a75bf835ed23cef2f8e211a6","sha256":"89796185ab1f9d2ea2acff84d1f6fa64f5f902130cd7157268bfd2389157e26b","sha512":"25b9f18ef84686f84d608bc54ea9dd03d2caf50f41b225ed37a5407283088bf151ac9b12304cef90ec83936343a5ff7d381af4d7b27cee64b459f960bfa6a4d1","ssdeep":"192:yuNJGCuNJbuNJT+uNJMcuNJPq1uNJebqGIwV4nuNJ1uNJ+AuNJ0N9fKN9DN9MN9n:ykcCkhkx+kRkg1kUqY4nkbk3kk9fw958","tlshash":"d6321e91040b50449b838ce223cebe35fe1f92507141d1b9bbfc9b6baddbca2526835c","first_seen":"2026-02-19T23:58:38.600237Z","last_seen":"2026-06-19T02:08:58.679291Z","times_seen":4384,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/img/icon.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/img/icon.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 10232\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68b9762a-27f8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 4596555\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o%2FGyQ4plTSSUW6JXQ9gOAf6z75yRuROzjDGMWVWpr6gxb5OERXvduYGZJI5jwOI32X9KMbeKRkshnoEjrg5Izb2Dy7B%2BAdMcfGsGvFNg%2Bbo%3D\"}]}\r\ncf-ray: 9ddb04667dcea0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10232,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"24a5e81b34aa002d3a1705dabb65302c","sha1":"e35c0129b0a258980be593673e958ddd3ea8d75a","sha256":"530f09c4dc9a4e8a50f8e063d5dd3fb7cefdea3ce1309ec1bdbb7489dda4f75b","sha512":"39843774c29524ddbb61dfabbc39584deaaa1a4363628260954af959eb896077a11a923049955b5ebce1fb19db35e688ad2640c70d8fa525ca4f4b32ac500819","ssdeep":"192:nDp+YjB32WWe/RojZKQsjh8nBV0KPh0xweeqgFWzYX/3Fcp8NkwvAJVOJpk:nDcYF32WWe/RooQZnBZ5GzgF+CFcp8NI","tlshash":"9922b0a2f8bd169ffc121aa40141f6b086389957950d48fce5c5f6d77842c1b3b7c368","first_seen":"2025-11-14T18:19:02.043615Z","last_seen":"2026-06-18T22:56:50.674774Z","times_seen":655,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:13 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LNjFe%2BHhZ4ajz%2BZoguXmqprksNVU7jEMRrDU0hgy1xqTJKJ6V%2F84Su2PaUJWEQoSOg0Wk9%2FuJ0dztVBhu4gU%2FWHuG0egRsphSyUd5xM%2F2ws%3D\"}]}\r\nage: 2258606\r\ncf-cache-status: HIT\r\netag: W/\"68b97629-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9ddb04667df9a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-18T22:56:50.706117Z","times_seen":12181,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/img/message.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/img/message.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 5402\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa847c-151a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 9433960\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B6qIupfdy4UitiQl9ULghMfuP2597yurEHja%2BlikK3mPX%2BqcZlnyA2DLTMJicP3KA5nWux7XHzVGoPLOoS%2BrKoIDs3u6PdOT6QRovEoWnUE%3D\"}]}\r\ncf-ray: 9ddb0466ef53a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5402,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"cd733a315b8211d98f006e6ea0803f4b","sha1":"7d171c38df62cfdaa0c6ec35f8c37aa183c52b54","sha256":"ce16892d1608a82787b41a5402c081485e9af89ecfcc525a850bdf13ddce6b70","sha512":"62bbfe897924bc8210b9315fa36ac169730f98a2c338aa31189fcd0f4507afa68bbb5b1e5c4527fa645c8571583883b6eea0ac8938c312df64ea8edc72d6e44d","ssdeep":"96:MhuQ5xSlknmWIH2IsIKiHhHDH5E1opW+HriIjVPfog+AAaFh6iGVDRTyeJZ7:MEQvSlknJIKiBjHpnHriIjpTRFgiGxlD","tlshash":"23b13b84fe22de426519ea56a6f9ef035b3f52c99a81c481fcc59c57842007ed06cec7","first_seen":"2025-05-26T10:03:00.759493Z","last_seen":"2026-06-18T22:26:44.843748Z","times_seen":1937,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1RTP4zcxBu173f6FVAgCJDWRQpA7N7M2PPHSRfxp4EEkaAUiGL-bobz2o7H3t1slRBEQXUldL5vL7kmQqFBokFojw4Jia3YItdQUyCkIESD7rLSwRTf9715o9F7ozef7XfH0RA6uX7v3Wrui0Lu0CFKXrnhS1NNQ3LleoLREF1KbviSZZeS2UlpJhdxmg3Rq8nbVu9WOwRhhDDCyVu-sa6a7Zyy4OuHOR7maJiRIaYZzJr_4tDFEGQMZnIcvQDerJ771X0IXi-hHD96w4bdtqpff3PcFbKtGpiYww_K3bKaljA-G10TgysPN6ehCqso-mILqvJw4wCqycGJA1B-FW29_BhUebiRCWpy_6lSVYAtQZlnYTpZgi2OwMsl6OoeePNzBKANXLkK5fjBlaqZyttPWXnCrqLtJ3-An66i7ccvQjn-6nLhZ8m1quhaX5UBZq4HP1uCHy2h7o6gncfgp0eg20_Am5-inSfvQDk-uBqKCrxZXzBccqu4HTiaqkGWMTyQUpIBMkxTSWiqWX76RN4tQYYt6EIMnY-hczF0dQxjs04yJDKNZcpcbjRHmcwyYxXKBUFI5ppDp--CN3ugmztQN3dg1-9BuLn-hjPkFNJGIc64wdJRmnJOqONYslRLxaVmzGjGEUUWWStykaVEW0QZSoWkQiGiGcKWI02FyFNlJKXaUm64zqRCVnAnsMsVJZJzLQ3Kc8VywlMhFDHGaWWc0ShPOXVYYUKI1ZqkSrDMIsuQRhZlmcyd45qlKGMkhWBiCG0EE9PfN0UgoX9gitApvOlk09N-UbWjfXm_ake2jEA2e9CY_sDXt8I90O3_FnMXzKI6KVK1_UIq0y-8abegubW-gHCunSJ84KhjA54xMxDWiQExwmUolSy1Zr8-jp4_zcVfFw9h164TZZQjCGPmtDBUK42JFQxTgVKqc2og-B582AIZYpj7VXT-Twy1X0Xbf_8GSh5BKI5A-5dAdudBThecCJA3IUcwLx8GObEjObbDuqnAVD3U7Ta0t-P94jg6t3j_-uXvT7V89MseWP1jtFmgmx7qpoeP_Q8RjIq7X1-tWz_2c3kS2mutbO3_QfpV9Mzvn4P2q-jcd1-e_h_62iPQ9R0I9dldoYpA1REUPoLCnu1L1UP4F1Zn8374FEZNDKqIF6poogNVNMUeBL9OXGqJRkhwhlPhLE4zox0VWW6YRGlqoQ0r_22y_CcAAP__ajv8ybgEAAA=","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTP4zcxBu173f6FVAgCJDWRQpA7N7M2PPHSRfxp4EEkaAUiGL-bobz2o7H3t1slRBEQXUldL5vL7kmQqFBokFojw4Jia3YItdQUyCkIESD7rLSwRTf9715o9F7ozef7XfH0RA6uX7v3Wrui0Lu0CFKXrnhS1NNQ3LleoLREF1KbviSZZeS2UlpJhdxmg3Rq8nbVu9WOwRhhDDCyVu-sa6a7Zyy4OuHOR7maJiRIaYZzJr_4tDFEGQMZnIcvQDerJ771X0IXi-hHD96w4bdtqpff3PcFbKtGpiYww_K3bKaljA-G10TgysPN6ehCqso-mILqvJw4wCqycGJA1B-FW29_BhUebiRCWpy_6lSVYAtQZlnYTpZgi2OwMsl6OoeePNzBKANXLkK5fjBlaqZyttPWXnCrqLtJ3-An66i7ccvQjn-6nLhZ8m1quhaX5UBZq4HP1uCHy2h7o6gncfgp0eg20_Am5-inSfvQDk-uBqKCrxZXzBccqu4HTiaqkGWMTyQUpIBMkxTSWiqWX76RN4tQYYt6EIMnY-hczF0dQxjs04yJDKNZcpcbjRHmcwyYxXKBUFI5ppDp--CN3ugmztQN3dg1-9BuLn-hjPkFNJGIc64wdJRmnJOqONYslRLxaVmzGjGEUUWWStykaVEW0QZSoWkQiGiGcKWI02FyFNlJKXaUm64zqRCVnAnsMsVJZJzLQ3Kc8VywlMhFDHGaWWc0ShPOXVYYUKI1ZqkSrDMIsuQRhZlmcyd45qlKGMkhWBiCG0EE9PfN0UgoX9gitApvOlk09N-UbWjfXm_ake2jEA2e9CY_sDXt8I90O3_FnMXzKI6KVK1_UIq0y-8abegubW-gHCunSJ84KhjA54xMxDWiQExwmUolSy1Zr8-jp4_zcVfFw9h164TZZQjCGPmtDBUK42JFQxTgVKqc2og-B582AIZYpj7VXT-Twy1X0Xbf_8GSh5BKI5A-5dAdudBThecCJA3IUcwLx8GObEjObbDuqnAVD3U7Ta0t-P94jg6t3j_-uXvT7V89MseWP1jtFmgmx7qpoeP_Q8RjIq7X1-tWz_2c3kS2mutbO3_QfpV9Mzvn4P2q-jcd1-e_h_62iPQ9R0I9dldoYpA1REUPoLCnu1L1UP4F1Zn8374FEZNDKqIF6poogNVNMUeBL9OXGqJRkhwhlPhLE4zox0VWW6YRGlqoQ0r_22y_CcAAP__ajv8ybgEAAA= HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMjI3OCwiayI6ImNjN2MxMjgxMzM0NmRjOWNjOTc5YTBkZWFkOWMzZDA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJmcmptNmV5ZGgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYXZlZ2FtZS5wcm8vcGMtZ2hvc3R3aXJlLXRva3lvLXNhdmVnYW1lLyIsInR6IjoxLCJpZHQiOjIsImFyIjpbXX19.trmVf2wVquG7z9HkvB07B4rapFcYw6sKzXrYVbH2up0; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl16333479=1; pdhtkv5=true; uncs5=1; u_pl16332278=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 56ede12c39376c51f41bd093d377b4a0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbs?c=1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-6QKNB8FJE0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtag/js?id=G-6QKNB8FJE0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nexpires: Tue, 17 Mar 2026 09:37:04 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142790\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":416240,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"a3198dd14ca64139a07c7eee9363154d","sha1":"d154131daff027e34a90579806be6e5d0077609e","sha256":"9bca32c4663498994185816b32f49bb49af732370c18abf9bf192b6ea4a46073","sha512":"f40faf4201e4cb4cb00710df685dae05411e6d7390e86e84e584b0f5e93b6a4a9c4fa6cd22dc1ea371b3b4f098e67225c111d51c50811409e290dac419744b5b","ssdeep":"6144:QlFJ9o5t1wxrSvXtxUWRGY8N8GphXlzZbTXcz0VjZZs82:eO8xrSgcx8pE","tlshash":"9f9409cdb3da70229396f478503f018ba57b2992f44cc899f18ad8e42d7469a4237f7c","first_seen":"2026-03-17T09:37:34.113394Z","last_seen":"2026-03-17T09:37:34.113394Z","times_seen":1,"resource_available":true,"data":null}},"time_used":432,"timings":{"blocked":160,"dns":4,"connect":8,"send":0,"wait":33,"receive":29,"ssl":195},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"2063-65d8e5e6-4016bc6;br\"\r\nlast-modified: Fri, 23 Feb 2024 18:37:26 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2729\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 1000\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rvpIJqsh9WCgJ%2BBDWAW%2FnTS1X39IezFxMpzUOpRf4OfcuYXMI8l0gTp%2FytQXZYyNjeBwPJ9H1Dk1WVpH7FGWhUfbEkJUfRsBnM4GTw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389ed1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8291,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (8290)","md5":"b00219cb958052cb557115d55f0c8d48","sha1":"3c55bbf5a8082db61decff924aaf787f4337df86","sha256":"8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6","sha512":"8551b616ff3abb64a5a63e68f07c82d72bf89cff6602339f900e282d3d0f8e9781a6361da024f289105f971f4c56c6a3c4c9dd33627525462fac6319f6f0435f","ssdeep":"192:pDvu5/lEKbR9plcliHYecexZno2fa65gIe2vVYAtW1eiIvO1SF:pTw/u6ZjyOeOe4F","tlshash":"6e0221487d41742f2933f0f2515f12ca753b28426ced6954a6e1f5e82d7848d28a3fbd","first_seen":"2023-03-07T01:07:43Z","last_seen":"2026-06-19T00:30:40.961079Z","times_seen":5782,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 01:24:35 GMT","end":"Thu, 28 May 2026 01:24:34 GMT"},"fingerprint":{"sha1":"66:45:2B:BB:A2:6D:D3:A2:B6:16:36:65:94:BA:4A:C6:5E:05:66:09","sha256":"A4:2E:A7:56:DB:44:FF:55:9A:FA:4D:EC:2A:78:CB:C5:02:CD:CF:B2:FB:A7:A7:75:77:EC:01:DB:19:71:C0:77"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 496692bacb9e6454ae9a53b904fc64ea\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":60,"dns":1,"connect":17,"send":0,"wait":25,"receive":18,"ssl":39},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.769915723206.js?key=cc7c12813346dc9cc979a0dead9c3d06\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=9c42038978b3f67c216c49db1c72ea9197a9ccecbd5b07ead5f660acbebddb5c56fc2c1c57244389e1aceac63a3a95edcd8d6d31be85211cce95391a010a0e64a5a4b43caf0c4371723fe100f0ea486c24c5a922101bfb519f639d\u0026pst=1773740286\u0026rmtc=t\u0026st1=c6ca371ccfead8e1f80f3a96f2de8086\u0026ps1=1773740226","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.426Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /watch.769915723206.js?key=cc7c12813346dc9cc979a0dead9c3d06\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=9c42038978b3f67c216c49db1c72ea9197a9ccecbd5b07ead5f660acbebddb5c56fc2c1c57244389e1aceac63a3a95edcd8d6d31be85211cce95391a010a0e64a5a4b43caf0c4371723fe100f0ea486c24c5a922101bfb519f639d\u0026pst=1773740286\u0026rmtc=t\u0026st1=c6ca371ccfead8e1f80f3a96f2de8086\u0026ps1=1773740226 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nReferer: https://savegame.pro/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMjI3OCwiayI6ImNjN2MxMjgxMzM0NmRjOWNjOTc5YTBkZWFkOWMzZDA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJmcmptNmV5ZGgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYXZlZ2FtZS5wcm8vcGMtZ2hvc3R3aXJlLXRva3lvLXNhdmVnYW1lLyIsInR6IjoxLCJpZHQiOjIsImFyIjpbXX19.trmVf2wVquG7z9HkvB07B4rapFcYw6sKzXrYVbH2up0; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl16333479=1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 3155\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv5=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs5=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nu_pl16332278=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 18\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4a821fec0d9bbd04392aa9774a1e7bec\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4408,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3532)","md5":"c38b65ee880306a678c148130830cc75","sha1":"71112ff0ae8285e5b3af95b88c63217a77bd2da0","sha256":"60fea2aff409d03d47c72e4afcb4ba6dd20864a62598fc58b50c34e0fb00525f","sha512":"8498c38e2ea5dd45e2a66436e5ddbbf9e7340af75e61862dbeb691f69ba5489a0bd19629d9128915cea46c658471d3e0371fcb0a77283a86175eb9e0a446ad79","ssdeep":"96:Hoz+PTXkoHWRk/PzV0n7Gt24lCIL1ZDICfMEDaH:IzackDWn7Gt24lBpVICkCaH","tlshash":"49914cb4ac8a6afc2a57349f267a63263c50800b8745d98afadccb142f107d40df5dd9","first_seen":"2026-03-17T09:37:34.120695Z","last_seen":"2026-03-17T09:37:34.120695Z","times_seen":1,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fJCGeC9YCetbniG7S3z61vVlQM%2Fs7lKQ17mXWVzNqcv9ai3qBJ%2BQNsBOUrrlBhH8WGLhH424Q6VEjhpPCFpAGAUGnkbZ7F%2BpBRXIdKLN4eo%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"68b9762a-4fa3\"\r\ncontent-encoding: br\r\ncf-ray: 9ddb0467b8f2a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20387,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"9727c1dafccb8ddb5af06dbb8d35f844","sha1":"010e6719931909a44d57cfc66560b5779835c431","sha256":"ffb7ecc1eb94eebbb65dd93be20437ca67025db4391053a76e106ebd0ba0cc19","sha512":"179460d7bdec463ec6231e7cad6e1cf666c5283750d620304b4d0ae45fd6fe89d492cb8f0c497c2f6f5297fe5b611d28302f018b0c20d94228ddbaada1714d08","ssdeep":"384:KmmjyCyiKifCKtJQpYlRLCpZmGO0bvLCdIatfNYCC0AZ:HczfCKtJQi7c+U0AZ","tlshash":"57926244583adc64c489602d327e6a72b32829778e2abbd87f5e02145f9d87f353163f","first_seen":"2025-12-04T10:18:23.779445Z","last_seen":"2026-06-18T11:00:50.108088Z","times_seen":311,"resource_available":false,"data":null}},"time_used":603,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":603,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/content.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/content.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:23:12 GMT\r\netag: \"863a-69a9bbc9-9008a86;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 5758\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403646\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DYdvGxy5W4EMCN6trvTO%2F%2BV1RoGihE1yV48Gn5KTJWm3iP25C4%2F0OZ2TEFlphtna2zPrBHkoLopJmSYOlM%2BX1h%2BF3hl2uhnfZ8QOiQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b91806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":34362,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (34362), with no line terminators","md5":"f977bc8825622085aa16456915227f4c","sha1":"e1fb39c7a7bb33a8376af58b50bf769a4ccd421b","sha256":"c229104ed2bc8870130b0b0c5c5f0fd1a6e8b4e0366b508851bc22b54ebdd6b9","sha512":"e08cf211fe6d974fdecee488e24461847f8442bdcb1301d046a1d700bac5ffd92d9bb38f7f3edb18dd91cc11ca6189172e4be21caa7ff0af5ad344d2577d3b10","ssdeep":"768:NVIzqXltEcMLz8nBl957mwZLPFwG7ZDgyAid/oYTel0Yjdi:NGq1Isjd/oYTeyYjdi","tlshash":"b1f2b6e422b25ba4debf833ec588345c9800d617c65b67eaa8d5d21449dc7c60ee1f2f","first_seen":"2025-08-29T19:53:05.869134Z","last_seen":"2026-06-19T00:44:38.569997Z","times_seen":6270,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.147934760360.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=32c9efec-9ac2-4392-b63a-d8dc517f6796%3A1%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /watch.147934760360.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=32c9efec-9ac2-4392-b63a-d8dc517f6796%3A1%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nlocation: https://wayfarerorthodox.com/watch.147934760360.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=32c9efec-9ac2-4392-b63a-d8dc517f6796%3A1%3A1\u0026shu=139d7c48d5358a4305f5b256bd3bd8d700b5503c441397b5d76bfe9e10b5a216543d09d6918527b5f0ef573b59aa0d7f4a8eda38a76ae88a0cb5ae60a370bfcff405cd60a8d2cb2f407bf1f9f2f3d4d45867fdf61e05f04f7c7f40\u0026pst=1773740286\u0026rmtc=t\u0026st1=9c8f218c6f68d49c1c24bd3cf5ffc43e\u0026ps1=1773740226\r\nset-cookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMzQ3OSwiayI6ImJkYmYyMDExNmZjOGQ1Y2JjMTJlODYxNTgwMzVjOTVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoia3VmNmk1bWEiLCJjcGtzIjp7IjI5IjoiNGE3ZTg1MDVjYjk1ZWQyNGRlYTE4NmNmMWI1MmFkYjYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.jHlE25U0Sq3_7Y5k7Kfxy1Li-GjFy896lJMZAeNOW6s; expires=Tue, 17 Mar 2026 09:38:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0a3c0febd9f9574eed6e2d55b69e6e40\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4302,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":665,"timings":{"blocked":284,"dns":1,"connect":92,"send":0,"wait":96,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/eb69975d43180b17057798a48b392b00/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wowrapidly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 01:08:36 GMT","end":"Sun, 19 Apr 2026 01:08:35 GMT"},"fingerprint":{"sha1":"72:CB:7F:94:29:E1:C7:63:05:03:A9:0C:B9:94:26:06:36:53:84:54","sha256":"3F:E9:3B:EA:70:B2:3E:4B:47:EC:50:C8:84:DB:A7:32:45:3A:AF:B4:FD:B5:DB:FF:9A:3F:B8:07:47:36:F4:AB"}}},"request":{"raw":"GET /eb69975d43180b17057798a48b392b00/invoke.js HTTP/1.1\r\nHost: wowrapidly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20317\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wowrapidly.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3738c8cf616bbb72465b754b87892f30\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50569,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50569), with no line terminators","md5":"caeb8ee07330751581ec7036dae78d2b","sha1":"de1361aaef6acb7e7b4bff8f3a982a6c7acc1ed5","sha256":"007b7d6f430239d5875c39ae002d75174b6e1f3c3c01a65dbd4a12803a348069","sha512":"635fd8ddd8d008ea3e848191f8702981d9716972d74ec85e27de15779120195480465a6b0ba761c834711bee50cf9ed6afbb9a4cff2b4692df0242b614e57834","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gcn:3lPXODNDI5mn+ZfjeGI8v3BfDWL1iI","tlshash":"c433a7dc3fc4f35c02ba2176236fa44ef5aa6e10658df5d8d117a0e82e6470ae83b754","first_seen":"2026-03-17T09:37:34.125472Z","last_seen":"2026-03-17T09:37:34.125472Z","times_seen":1,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/header.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.544Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/header.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:23:12 GMT\r\netag: \"62c9-69a9bbc9-9008a8e;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 4209\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403647\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a6Wh%2F05trCndvtH17SypgPdiLRKxH6ovO32Rlh9qQXZQdQMYT5Xrcn14MU9Y7cLb%2BIMmEazj6shw9B1TELH%2F%2Fyu%2FQBZJbf6CP1iFKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b81806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":25289,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (25289), with no line terminators","md5":"9912047b8887ba38bc5ba9c650a52412","sha1":"743f3f0d15f7a6982ce08191f4bbcd21d1a47d53","sha256":"923c417d8f206d7741ee3b8a6e648a9765e1cb0b18fd56acb75b9f720aaff272","sha512":"48f3979ff265680284962890805b58b90fccf8601dbd14639ec2a759a134b404337284b2f6aab167ef142ec2a57bbbea750b6e4614e2ede2f97828a1c012ecb7","ssdeep":"384:7EAOqVVXjxqaZtHjS1L2WWfpFgdF/11bXZfPP4rXxPkXcC/lWh0W6aS:m11Wfwp1dfHWh05","tlshash":"fab2a691d59038340073433be3da6a952d3899c5d6a31b5bb1e7d32f4aca98493a3f7c","first_seen":"2025-08-29T19:53:05.877445Z","last_seen":"2026-06-19T00:44:38.571515Z","times_seen":6155,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-6QKNB8FJE0\u0026cid=2071307227.1773740225\u0026gtm=45je63d1v9119068260za200zd9119068260\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~115616986~115938465~115938468~116024733~117484252\u0026z=1957336613","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.251.143.131","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:39:43 GMT","end":"Mon, 27 Apr 2026 08:39:42 GMT"},"fingerprint":{"sha1":"ED:13:E6:A9:AC:5E:48:95:A0:23:B1:F4:76:2F:A3:6E:95:4E:B7:09","sha256":"21:68:42:FB:56:73:F8:86:34:2A:C7:2A:2C:BB:10:DE:09:9B:FB:20:DB:72:B9:F6:10:76:71:B5:06:27:89:FC"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-6QKNB8FJE0\u0026cid=2071307227.1773740225\u0026gtm=45je63d1v9119068260za200zd9119068260\u0026aip=1\u0026dma=1\u0026dma_cps=a\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~115616986~115938465~115938468~116024733~117484252\u0026z=1957336613 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-06-19T02:17:45.265736Z","times_seen":954327,"resource_available":true,"data":null}},"time_used":367,"timings":{"blocked":162,"dns":2,"connect":23,"send":0,"wait":36,"receive":0,"ssl":140},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=602","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.080Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=602 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":167,"timings":{"blocked":73,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=579","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.067Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fcss%2Fanimate.css\u0026l=78693\u0026fd=579 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open%20Sans\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css?family=Open%20Sans\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 17 Mar 2026 09:37:04 GMT\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6193,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"7e0a00a3f6ab7ec04a66dfa361b7e9cc","sha1":"99de190ea3c393de80111d132e58abc20f988664","sha256":"64c18f81af81ab6b2ebc8598ed900f7023e0e8788bedd348ab41a92d76f80655","sha512":"6ed19e94e0438c18bf2c2ced27f712d94ecc74391b5239d12e2f300bee21cd9879377577e3cb86f385fafb469e93351e671af17d8bfd3e2231c0202909406a90","ssdeep":"96:ZOEba9JOEbaWDFZ8OEbajkOEbaFYOEbahOEbaNy+aZjzBrWOEbazubqGIFuV4UOM:a9KkjzFXCNqJCbqGIwV4jRlYx","tlshash":"9bd11f9000175050ab471ce627cebf34ee1fa2616040d07aabfd478aeddbda5637931d","first_seen":"2025-09-17T04:21:06.438819Z","last_seen":"2026-06-18T23:46:50.714878Z","times_seen":11361,"resource_available":false,"data":null}},"time_used":444,"timings":{"blocked":203,"dns":1,"connect":7,"send":0,"wait":20,"receive":0,"ssl":210},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7tDCEESqJCmSAESu37z2Z2dpIgU8WnABhKUAoT0frN58ey88byZ3c1WDkHUhgLxacZn7biJEEg06dAuBZIlpEy3RdxQUyGFggK09koRp7j3Pp1XnHvO_eKgOiVtVGzx_ntmotOUbXba1H3tls6kGVl366br0Ta96t7SWTe86o6XpRhe8YKwTV9331Fix2z61KPUo577ti5UYsabZyx0_jD22jFth37b64QYF_9_28qBZQ7k8JS8BC2bF_5IPoYWM2SDH99Udqc0-RtvDaqUlabAUB5_lO1kZpRh8GxMCgdJdrz6DWMbQr5Zg8mOVxvADA-XG4Drhqy9_AQ8O17JBB8enSvlKVQGLp_DaDiDSmfQbAZh7kPLxwQQElvbyAYPtkwxYnfPWbZkG7Lx9C_oUUM2nlxENvjheqrH7g2TVqU2mcU4qaHHM-j-DHk1RzlxoEdziPIzaPk72Xz6LrLB4bZNDbRcXJYRixSPVCvpBLwVhl2vxRjzW1R2RYf5nUB04zOLdDIDs2uorINKO6gSB1XuYCAXbkh7ofBY0E1iKSIasjCUitO451PKYhGhEveg5T5EsYe82MOO3oe9XcPKddiyIc4HexjK-kim1rf1A5nainur7q96UE9N2T9gR6bsq4yAFfsoZH2o8117H6Jcn04SK6dmWRgv6ynjsp5qWa6h2F1cpl4sEu5HrSRWrBXRMGpxQWnL79AujaIw9nl4kJ-SF5cmO197n2BHLdyQRarXoR3B446SfigV83pdkXi84zPJu7C6hrZrYNbBRDfklb895LohG__8Cc7msOkcQl8Cq14FG9Vgt2tMsoeWDVWfDVQ7LwykqZGXGyjvOgfpKbkw_fDm9V_Osha7_0KJk2vz4AwQRY28qHFH_0rQT-_9tJ2XeqAnbBn-jZKVah1MP17_CkI35NKnp2dX2Pv5eYh8DzY_ufbo2yW-gzUEPHeQ6oYEF39Dqk6ufX_hzhVCCBivYdUJWQH82XxgP0e_cMBTZ8rTwjnkaZF-eS7U6oWbBMoXlPairhf0EuUFoRRJpxfGsstoECiUttGP3Pl_AQAA__8-X6NSBwQAAA==","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7tDCEESqJCmSAESu37z2Z2dpIgU8WnABhKUAoT0frN58ey88byZ3c1WDkHUhgLxacZn7biJEEg06dAuBZIlpEy3RdxQUyGFggK09koRp7j3Pp1XnHvO_eKgOiVtVGzx_ntmotOUbXba1H3tls6kGVl366br0Ta96t7SWTe86o6XpRhe8YKwTV9331Fix2z61KPUo577ti5UYsabZyx0_jD22jFth37b64QYF_9_28qBZQ7k8JS8BC2bF_5IPoYWM2SDH99Udqc0-RtvDaqUlabAUB5_lO1kZpRh8GxMCgdJdrz6DWMbQr5Zg8mOVxvADA-XG4Drhqy9_AQ8O17JBB8enSvlKVQGLp_DaDiDSmfQbAZh7kPLxwQQElvbyAYPtkwxYnfPWbZkG7Lx9C_oUUM2nlxENvjheqrH7g2TVqU2mcU4qaHHM-j-DHk1RzlxoEdziPIzaPk72Xz6LrLB4bZNDbRcXJYRixSPVCvpBLwVhl2vxRjzW1R2RYf5nUB04zOLdDIDs2uorINKO6gSB1XuYCAXbkh7ofBY0E1iKSIasjCUitO451PKYhGhEveg5T5EsYe82MOO3oe9XcPKddiyIc4HexjK-kim1rf1A5nainur7q96UE9N2T9gR6bsq4yAFfsoZH2o8117H6Jcn04SK6dmWRgv6ynjsp5qWa6h2F1cpl4sEu5HrSRWrBXRMGpxQWnL79AujaIw9nl4kJ-SF5cmO197n2BHLdyQRarXoR3B446SfigV83pdkXi84zPJu7C6hrZrYNbBRDfklb895LohG__8Cc7msOkcQl8Cq14FG9Vgt2tMsoeWDVWfDVQ7LwykqZGXGyjvOgfpKbkw_fDm9V_Osha7_0KJk2vz4AwQRY28qHFH_0rQT-_9tJ2XeqAnbBn-jZKVah1MP17_CkI35NKnp2dX2Pv5eYh8DzY_ufbo2yW-gzUEPHeQ6oYEF39Dqk6ufX_hzhVCCBivYdUJWQH82XxgP0e_cMBTZ8rTwjnkaZF-eS7U6oWbBMoXlPairhf0EuUFoRRJpxfGsstoECiUttGP3Pl_AQAA__8-X6NSBwQAAA== HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_a+474d9791df5e132836fd529cf077a982=914; expires=Fri, 10 Apr 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_a:914=1; expires=Fri, 10 Apr 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_l+01044f350b6e12759a4673bf5b48e385=6517247; expires=Wed, 18 Mar 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_l:6517247=1; expires=Wed, 18 Mar 2026 09:37:08 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ce107acbd2f3d89d88bf31ad49ab21a2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.513Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 19:50:51 GMT\r\nexpires: Tue, 16 Mar 2027 19:50:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 49577\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-19T02:15:57.575743Z","times_seen":193331,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 19:50:51 GMT\r\nexpires: Tue, 16 Mar 2027 19:50:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 49577\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-19T02:15:57.575743Z","times_seen":193331,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/pc-ghostwire-tokyo-savegame/","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-17T09:37:04.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /pc-ghostwire-tokyo-savegame/ HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlast-modified: Tue, 17 Mar 2026 09:31:18 GMT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wcXDNys%2Bucr4uS2Y0igJ6ArtK6jV29Gg4f4HyyVWF3e0PcX8DgXhULvTTWgcpoScsbfaS3IisRnfxIR2F2CbBZt5%2BGD5hphiPpGgaQ%3D%3D\"}]}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ddb04516bb449cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Kadence WP Kadence:1.4.5","description":"Kadence WP Kadence is a multipurpose WordPress theme that is available for free download and also offers a pro version.","website":"https://www.kadencewp.com/kadence-theme","common_platform_enumeration":"","icon":"Kadence WP.svg","categories":["WordPress themes"]},{"name":"WP Rocket","description":"WP Rocket is a caching and performance optimisation plugin to improve the loading speed of WordPress websites.","website":"https://wp-rocket.me","common_platform_enumeration":"","icon":"WP Rocket.png","categories":["Caching","WordPress plugins"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Yoast SEO:27.1.1","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":156309,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14024), with CRLF, LF line terminators","md5":"6fff726b7a5f98a0f17e169b27be15ff","sha1":"2212f1a0e4f8282f739bcc24f9f15dbde01e4d2b","sha256":"291589d683be3c7a46e4095acc745eb5bfbdb3ad9e063b4ec3c6e4e897029752","sha512":"43e8bff0f580cba64c8e97dbadadbb9ddc872c98565ee1673658093ed074991623db5de06afd6f29cf147f50e4d72cb9288c2494e5ce92fccf7f073ee1b0da3b","ssdeep":"3072:VAKn40q/nSazIzKzxz83BTNHG+Wgxs/FMXg3SZbGoZtvJAEv5adM:VF/azIzKzxzgTCKgEKdM","tlshash":"61e308b191580837453783d9e165b74eb06f9a33cb070ad1f2ff9a681be5fd0682361a","first_seen":"2026-03-17T09:37:34.128709Z","last_seen":"2026-03-17T09:37:34.128709Z","times_seen":1,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":62,"dns":30,"connect":8,"send":0,"wait":86,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.6.47","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/wpdiscuz/assets/js/wpdiscuz-combo.min.js?ver=7.6.47 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"4cdb4-69b24da8-9010a90;br\"\r\nlast-modified: Thu, 12 Mar 2026 05:22:48 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 65219\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 1000\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7Q9WefFUIlHrHav9hRxyKB9Zmq7O4tSsebMwwkuZ81gdpCIdJtqdcVvvoi4vy9DhtJR7g5hvkf3zOQHWXdTF%2F6lezVdjRfN4DkerLQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389ea1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":314804,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (62916), with CRLF line terminators","md5":"8ab0e184e793b688a6fba75f18983b88","sha1":"d708736c1e3502aee263daead1eb5d9abea3cc44","sha256":"d673902cc5ea9a6a867ee22e9893b0bab6f64dc03c95f07f493cdc1e18dbe426","sha512":"84614972746d770ff0dfd0cf390bb8fe9613d0bb91e2136ee58aee6352ac4b0742d21ffbaccab0843a3bafeba38769d8e8187eb1c0b12f51c5121038b15e7298","ssdeep":"3072:Tv/JOJWTVh9YxSd7Z5UzhKuT9loYu4cvMC701DvXLHaWAE/w:T/JT79Ygf5ST3oYu4cvMC701DPiE/w","tlshash":"3c64f7987291b4b212f761a5006f120bf3769d3de00a9498e6add8f05eb8d4e2177f3d","first_seen":"2026-02-10T04:26:51.826142Z","last_seen":"2026-06-17T13:01:24.790411Z","times_seen":81,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.194.222","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"statistics.it.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Fri, 19 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"FF:73:E7:93:27:CB:4F:C3:84:85:D5:0E:06:52:E6:94:2D:2B:A5:C6","sha256":"09:27:72:13:57:CD:B4:25:3A:BE:58:AD:CC:13:D2:7D:D4:D4:F6:12:80:69:D9:B9:38:71:43:36:A9:56:FE:70"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://savegame.pro\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; expires=Fri, 14 Mar 2036 09:37:05 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"d052a807b7bf26c15afdcd958a122dce","sha1":"9690b6255dfda3d1b9d8067d51efdef13d7d8e14","sha256":"35f1b165f016730fcf8490bd8d733bcf9c6f1bb8aea282d90b233435629a7343","sha512":"541f5676522ebcccb45ea289b519a0be10703c5e28dfd6fef7c6249851439af3c4a47b0d6b20aad4bdbef896c9dcda4fc565302a9a8339d8e780b257efcc4eae","ssdeep":"","tlshash":"0a900440010c555c544c7c7c510144c30dc0410c741771d4ff45c11470f3045f73d05f","first_seen":"2026-03-17T09:37:34.13018Z","last_seen":"2026-03-17T09:37:34.13018Z","times_seen":1,"resource_available":false,"data":null}},"time_used":329,"timings":{"blocked":153,"dns":36,"connect":21,"send":0,"wait":22,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.147934760360.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=32c9efec-9ac2-4392-b63a-d8dc517f6796%3A1%3A1\u0026shu=139d7c48d5358a4305f5b256bd3bd8d700b5503c441397b5d76bfe9e10b5a216543d09d6918527b5f0ef573b59aa0d7f4a8eda38a76ae88a0cb5ae60a370bfcff405cd60a8d2cb2f407bf1f9f2f3d4d45867fdf61e05f04f7c7f40\u0026pst=1773740286\u0026rmtc=t\u0026st1=9c8f218c6f68d49c1c24bd3cf5ffc43e\u0026ps1=1773740226","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /watch.147934760360.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=32c9efec-9ac2-4392-b63a-d8dc517f6796%3A1%3A1\u0026shu=139d7c48d5358a4305f5b256bd3bd8d700b5503c441397b5d76bfe9e10b5a216543d09d6918527b5f0ef573b59aa0d7f4a8eda38a76ae88a0cb5ae60a370bfcff405cd60a8d2cb2f407bf1f9f2f3d4d45867fdf61e05f04f7c7f40\u0026pst=1773740286\u0026rmtc=t\u0026st1=9c8f218c6f68d49c1c24bd3cf5ffc43e\u0026ps1=1773740226 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nReferer: https://savegame.pro/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMyOTA1OCwiayI6ImViNjk5NzVkNDMxODBiMTcwNTc3OThhNDhiMzkyYjAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoiYjF1NHRzdHAiLCJjcGtzIjp7IjI4IjoiMTU0NjRjZTUxOTQ2MjY3YmUyZGYxYzM3OTZlOGViOGEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.8kD4fJQoVZ_9ltftzrHneh1EM5Yi-D3H1z5plQXL4f8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 2966\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nu_pl16333479=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 9\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 68c3599757ba919e28e2ba414f7c7fc4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4302,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3426)","md5":"55e077086c6bfa4aecea4e4b1c7cd13a","sha1":"136af9c4919b3baea9c125f0214a08d1556458b7","sha256":"6f30db1c062e9023565e2bcf60d57ca858a17461a2b41d5b9f5371cec2d9319a","sha512":"9a19484f5e249bc7d8de44acf6b6752c9c0c180a247a064cc2addac5ce6919378971c51b96513bdea8ec93f6c907bf8ae36531db2f2b988951b87e6e46d327eb","ssdeep":"96:voz0jMAqwmHRV8ldU9Fk/s/0FNJaTjFNSMw1ZDaQACfMEDaH:wzBNsu9FkEyNYFNSMoVaQACkCaH","tlshash":"f8914abe6ee1121e546b22ee28676a5db930620b1b41d9c0fd1cd745fb10e3a0c78e8c","first_seen":"2026-03-17T09:37:34.132977Z","last_seen":"2026-03-17T09:37:34.132977Z","times_seen":1,"resource_available":false,"data":null}},"time_used":109,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":108,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/uploads/2021/07/cropped-savegamepro-icon-300x300.png","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/uploads/2021/07/cropped-savegamepro-icon-300x300.png HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1; cf_clearance=EzKVtnRFJQZ9rIx_gcOrFFyDc_8PClf5EUV9rYJaK2I-1773740226-1.2.1.1-HSXvVg9_myIOr_.ydZx9xpv8k6KEpWh1T5GIOT5h.QdDzSluIroclitLNS0DCMp4t7S5_GJCOCmq6YUfApTmnnaRKEwDgrFJ50EczXbKHE.SFYb3LYLSkuJwHjUXxkGURBIf53WsgE.R9n3rW2f_DWUhS5dk0OPk44CQeoDw6eZntNGniuFL6uKd_vy3qgadK5Xd71axDykBdtOEQv54xd0hjWuJn97L5fxLTzErl5Q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 05 Feb 2026 19:41:47 GMT\r\netag: \"cff7-64f0e64c-1a81a8a;;;\"\r\nlast-modified: Thu, 31 Aug 2023 19:13:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 53239\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=6,i=?0\r\nage: 352981\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gg6w5dRAwZKqM9BwgGci%2Ba2IdPhPUYf%2FgaURulA%2FXtJcl2EsMX1lg%2FbIb7IS4L4qkcbX5IaaevI847RJHhCIJcu%2FZiPcbrlzcm21lQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045f1be81806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":53239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"7a4247bce8a45fd3bb17227e07c21a35","sha1":"504fac03dbd70d8524fdd005e9b397fe647e2fc9","sha256":"80cadce0e8dc364759ab3ca93004acf19b14d68e57e171d0f99dd6be97aa42b3","sha512":"83c90c26956957fcd4e65782da7a106d42ee41782180dfbf3fac83d5ea23cd3d3a4281dfcb868c0f484c49d5662988fda4ce1b7a0b79c0d87441481b7697cd2f","ssdeep":"1536:aQF5OkpXs3daVKxVPmCBBs0aTynr3+uD8C+LNOsg/mbeh:aOgkpXs3daVKzBW0aur35ACXh","tlshash":"3e3302b2b05ec6e44c9b10b390dee39b41091bda7a7e26fe8c12dc1b05a97bd4339705","first_seen":"2023-05-07T20:57:02Z","last_seen":"2026-06-06T01:08:44.49953Z","times_seen":53,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/css/dist/block-library/style.min.css?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.527Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/css/dist/block-library/style.min.css?ver=6.9.4 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Wed, 18 Mar 2026 17:50:12 GMT\r\netag: \"1d23e-69a9af04-100119e1;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:27:48 GMT\r\ncontent-type: text/css\r\ncontent-length: 14520\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 9345\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dBKrRSzqkjeoGIA4PaKr2lhGU0Ss1Xfv2S5ucKihO7Lazt6PsuJl4MTzIx7i1ati2b6obBUOl102JTU2lcz%2FPYiYc4LI6VrQa%2B%2BX9Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b21806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119358,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55871)","md5":"b592e353685f2eabaf8f935e377a95a0","sha1":"30d4a0ff9561f9c96a0a29cce379dfbde9749a65","sha256":"3b44e208bba827e614cf1e36e639e3c7cfb849771fb17e99bb38e14022d30d16","sha512":"193686fe6c1766b540e311015484745ad2ceddb9ffc3f883ac3ae66f1d29e32bca94ba11d40f3d0f6689c306f7760ae167d8af73a22778aba93a772e076a9cd4","ssdeep":"3072:WoeJBCCUQg5MG7x+qehvP0xdclkWwbFpPu:CfUQg5MG7x+qehvP0xdclkWiF0","tlshash":"cfc3621417b4dcf935ffa73a5e4ee258a107aa41c68a67e6e066d190718ca490cf3f0f","first_seen":"2026-02-03T19:45:02.649878Z","last_seen":"2026-06-19T01:57:32.305179Z","times_seen":46707,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/advanced-ads/admin/assets/js/advertisement.js?ver=2.0.17","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/advanced-ads/admin/assets/js/advertisement.js?ver=2.0.17 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"27-69a9af52-e802c93;;;\"\r\nlast-modified: Thu, 05 Mar 2026 16:29:06 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 39\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3133\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CZ1Sg6wBB9QQY6Q1tDHu4ue%2FffCtuoAVUYvl3RWwfS%2ByBa%2Fh6wWiaaksJFuXQHhKNzlMk2s2e19v8McbZcDS0vuMUe6rEh32qF8KTQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389e71806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":39,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with no line terminators","md5":"b645b5402a5096f324a6b37d0a3259c0","sha1":"3741b4d49e4ab0034f34fdb9ce5afaf96f940b47","sha256":"2878e3b9f4818d49affee273031a409b8d24e264b58eb3f4d9b0d1195a6d2ff1","sha512":"a86a7ab81b7c02c027c34b17282d0a4150649a47534b73c86d6ea7d6109584a5f8594063227900d99d84e5b9f26b54a65654be2b75aa33b20c0a5f8700ee50fe","ssdeep":"","tlshash":"49900210815501d9b02041511d06e4e2e8904460c7423de28194400c500a540005005a","first_seen":"2024-05-04T21:47:36Z","last_seen":"2026-06-17T07:03:35.564938Z","times_seen":10230,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.769915723206.js?key=cc7c12813346dc9cc979a0dead9c3d06\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /watch.769915723206.js?key=cc7c12813346dc9cc979a0dead9c3d06\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.769915723206.js?key=cc7c12813346dc9cc979a0dead9c3d06\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=9c42038978b3f67c216c49db1c72ea9197a9ccecbd5b07ead5f660acbebddb5c56fc2c1c57244389e1aceac63a3a95edcd8d6d31be85211cce95391a010a0e64a5a4b43caf0c4371723fe100f0ea486c24c5a922101bfb519f639d\u0026pst=1773740286\u0026rmtc=t\u0026st1=c6ca371ccfead8e1f80f3a96f2de8086\u0026ps1=1773740226\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMjI3OCwiayI6ImNjN2MxMjgxMzM0NmRjOWNjOTc5YTBkZWFkOWMzZDA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJmcmptNmV5ZGgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYXZlZ2FtZS5wcm8vcGMtZ2hvc3R3aXJlLXRva3lvLXNhdmVnYW1lLyIsInR6IjoxLCJpZHQiOjIsImFyIjpbXX19.trmVf2wVquG7z9HkvB07B4rapFcYw6sKzXrYVbH2up0; expires=Tue, 17 Mar 2026 09:38:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9aa71904134ddef123750a48779e3539\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4408,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":675,"timings":{"blocked":283,"dns":1,"connect":94,"send":0,"wait":101,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/cdn-cgi/challenge-platform/h/g/jsd/oneshot/ea2d291c0fdc/0.23986059221661848:1773736494:z1eKZKZjn1SeAmBZMV4HYgDvK_bEE7QzQCDXrClVsa8/9ddb04516bb449cd","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.375Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/g/jsd/oneshot/ea2d291c0fdc/0.23986059221661848:1773736494:z1eKZKZjn1SeAmBZMV4HYgDvK_bEE7QzQCDXrClVsa8/9ddb04516bb449cd HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12166\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12166,"data":"BgXb8qAJs9kddanmAmv9vPCDv0XvOvUbhFpbsavrbtmsTmZUInvCbBmqFZvwvYYvanZcvnSsPTv9msemiUyXAttU2Xv2ffUrpvOKY19vFPvXJptnd-UhvV7-j12FD0pv$R3bmXrJSqo$EgIvvHEKXaRZhvcKycm5gbKKVAvWMenw1W0LaqcmPqubvDRKDFzK39vsEojfnFuqhunzMETvsOlvAIvWX4lbkf2JSBXwiCKopkrwo5sjgAIvsDnvvISg3y$cdyyvA0G$5lBAXhvvEoFPksXvsVTBvVXfMqvagchMX3t9TqIvAfnavIUr2fRCdJI1elvArtsqlGV9vvmlRy1qRfeA$esDevkZfbA+1arvvqoWAwOWZorvUldj7c$CX30TeoTEhJz7ql0uR7O2qRmqfYkq2CJwb1MsvXXlsMN8RvX4EpdWW8WTUAYWECXW7wnGtnkBuvTUjrQv1Ur$vhAfCZfbb$qH28JbLm7qC8Wzqub8+ry14G1e$ML2J2MP$DOrDvafrvRU$84o04OgbvsdB5k8w$ufBoHerEQqfefMCfmvLAPclP$O$o6vL$CzY$Rj-PILcHHuG8Mm8Xyj8pvwlOrALHNKMRBH099cwuNacKa$yT4bsJBTmlsIUpojUhF9-XzENd50s0ZU0aTkmgMDrwQItfIb+itbmtmV7K0YnG1k6TgEzRWheo0E+GuXkpA4va2RImnV3Os6vHHSGgKfMpEbbNgj5AmVVeaAECvdWDm5MXha30CVXY0onCXqyEkquTShaprsMvv6dQR7XdShb0hpoyJpRWgmsV8V0avleTAgjb3TbvF3GRmY48m+bPsPwXtAXDeq8omklfmNAokQlDgXSKaPBouqPhXl7QAXlk9tStAhf0R2uf0jkQUSrvjfhlksavsDq9XS7E1TZ7JavKaqUsySXdnXA28snAqkUJ4PwhmA+kcRb$Xs+3E2ZD8TjpRqM10mAfaUXSvdJb4MkSnsPw0dllh-lsQzfbPgU9SbcA0Rq5C-pl+HX34-19b27oZIskL90-7Lbajhdonv01b$Wo9lgYYrldW2z93oUwmpj6mh3o3fUc4+z-lrJIWMfPkpjsMvs3aLzdysMtU7Pz$sBkTLow$N9B1$o15p0vXg0hUmACfRdfXZXIvoaph7dwUihN1ksBXD7HwPU9o9SFfyvctdIj9UarAZtsEb$sS6Qgs2n9vZsYto62p-JUprAbUszhcVmUsVm-3sVrpbBbAonwqaWCBWop0KS38tbFk0gYh9cp7DVXy1M-m45gfmrtpSdLyuavDjRDvn$Kl0uyetftAbtdBpuavrA1WUoDMXqDq4tEw21UnM7pGUMW1zFue4v2J85CUgCbW1+0QuMtkstXmk1fYkOgtflvA8GysP9$GOPkqN0of3XkYCFeqP9kAepddLdbtyNbZ8bu5h9Sp75g8Ts$bmAe2vmGi+FiLIaQtkJdwh9ug9kNA4tR6S8yjsqRqdVNLGTVNo3fVu$3Qq7D7p92luGv61+2jobB$UyjDzCNMQABuffmkuRPNyuPwGa1KyKYN9vvkzVgs79RvhRkLVPvb$R9vnnZsv9NRNtOBBCDMapj3kSV5hUmWvh6vSSscUbXX2biwXv27ua41zHST54A8ULYYIXEC8mvkoIsqUmMmtRse47osBGbwenA4k9B9UpyHVJMEr39hXtMGB6fBi2e64e+sYVwahkq9bVYJkEQZH2J$HpqAqkbpsXQme-HPssK2jJ7-8suagUlWgCZ3b1DVUm6qPFrATWAkY8QLqqGJ0dAp-INqF$AtdbqoS8bfb8vfsgUOIvmrSqqLbaWJ2q2WO$zsseCoaGGi$potRcePknB$$vpEI$DAYXRj0BenRuqd4C534hw2gqUXMfXnmmA7VVQMzh8XIA7M$eRtlfbb2mpoQyKhXXJ$hYbsg9kXPNYRPQXf9$WDwlCWhvot00SUrML9ahvnnD5CCmTlSsJfSGr0V+jdKUJMYoubh1Dh3nrMD9ZcaI1d5WHDRSc-HkcZvqW4yXeRfqzRT-rsNk4YlfEvAEopsegMUtY9YHfG2DYAvTdmnTjZbEiw8EJMSWDtGKhqAp9pP5MVUWJhH2UUsVhokBvowVj$uHW-99yJPLBEPPhrk6AhkorAi2X9C$IC$aZFsAl0mZcRfovsd53YrFYl4nr$GksEaEthUGmRjtBIpiXfp25fN8qrCkPpfkgHTmdJs-BBgMoZXdQfYN86P4-r104brAibgqc2SuEi8jR62GbmvBk$tLPv993kFVyelosLbDuXZGbHF$AoGHUJc2Mk-aost-2QS0rwsl8pFQDGAr3ALYjY$HTlbv+TXdlMXY3pQ4Lb90BBrkDUoazw5ulJvMTEThJBnS8bQGBId3XmMrAvMn$DDolLmR+v9YDiBlAGvc-mW9NBllCjNBrAC$ngZOUsAL2scaXAzblkCavhpAD4vnQFdPuE96rk9RfaSPDj2vafMOIad0d5gpMfAnIQhlDGAJodU4K5BJHksSr7d7DSW83l1fTt2YNLvOZiWMXAmlvEZ-5S8TuDmvRDVO+MXm+IA2OS59Bm9bdl3PwfXBTNY1hSA3UVe2JBKkuhAsAjTZ7M9MM$dVC077ydOnrMAlobvq5k1nmVpvDBe8SMwb8op68NC2IMsXbokAIHR4UZcr0pMX1D7knRcyU8S0C2Sz9s97hVsAGfSoOL8o$kSkDLB+Y4yVAgjTbqH6-8yXUXbgr5-vKlJ$pDN-D35KeUO77llN0Ah9bRFbgPTwgvroq-kZles9t8Kr7SvXA6v5LACJXnVMRTao2ywusQnlCkw8y4Bl9wi99qyqbbSBeAG42m91eOypGPnvhVMRGAs7KwDVlAMjGI8KURVuYYnc8g$KMromE8v+9Flgd6ApnSeZ$voASbXVjrTU80FeYPO-cVUQmsjhJyHmLeM49XlbI38HvbZtcpSB4-YTkoUWeyQ2c71UgHqUFKoolGWN4PeydGF$XYgdX1P5e7soIeR+emMHSkvyoWhnbIv6FjwJGJ5PI4HvtwsVMNyJt69EBMzoi1OwFBMkNKkopD0-AkXkenK9h2w9mdnNh$7Ce+5FnioQjRIAqYk8GlmU7e1iGY9YjPIodWtRDRCdW7L6fbo78a4D6EWCBg0yI9XpWtloz9z+2Pdn+M8PoWWpsePRbdGodlP2fBgqiW$wAZMMkE209l84n0+D2AQWjIN9Q$LnP1wlt0kpU+L6rtZC9sYFp+9fHnCFp8$Il2uPaVAtB3-RbYJbADSRl2gY47yKI9UJrlakkP1Slo-Bt93ePzyVB6Cq3YtTurLjVSiY8H9UhvtdFBBS-ATO3IRFE8ucpPh6APF18DYu0c+pnqVeJAw5GYaQ2Et$lTgTeJW4tKJAE6K47n1ReUwXOmUGmpSBtMHd99LdvVvr27dqUFuFDXbp4DiPIu94L$Tc0qDuBIJX$OLVJPlbCc1$m90flvGh0I0dBVSTL$EbGhGVGvyd-MNfGm-4qPcu3aKfXIY$Pg0PdOnvq9cbUvhXhPpo$V$aF4zp-4WJ8SLSwaIaUAF$74jXhaSA+ZROK4X0UflfdohSX0FJjqjpadE4ZcXajp6S7u+o80eqgsoApuJX8b8v3wgHHILfMX9MJMGsYvVfgq8TyZLT$Srv-dZpKbhXZIt9UITMqfsbNv19po3AgVJPIa4Ave9dhALI5AcAsPDqROZuTeGpaDoSTo+4ue30FVPIH4U9DX3IdqgZ9wJ$boYd0IImUHihnR0I9XpDjvfokP-u-95u4wgVtHTZE$swJM1VQqL9qX0TccXIl$ou2T3eUOmIDApfUenADcrvseJXqPe$dmorsImI5r1OcQFMyhVp-9jvAvXQPDqrPPeaGm3eie1HzeXvLs9R$q0aZM-XlrXT-eiZPgLSCadotsiM6SMOgQzcwT2d8divGujIoH3uuD6fD08qZfoS0uUPduEooXyvd4-944RIJ$cR+fBQgVzpDbkwOAO4CvV41I8hfVkTMQGpe4hW4aSHUJNslbku4ZsJMTS4oX+dXOkP$SQbJ$pf$Agu4opILWzD3sZX34kPdVApVvKQ6uAbvW9O+onv3eboSoXOXIduL9WS2vsbI91OXITMjh+oU9QQTM7DdXQQe$EIHcvEDOr$PcobRAthgA9dKwlobEXErvUvFc6QNwoXQrhbZRpf1sz4pb1sjsi9G4hEkourHbvXRdp4YPSRVJjv2v6SL$7spfvMwgTZrAjmEHhP0aPujvOu8hROZMZWiWJ$ZRbpbAdXpItsTgwoAvhwQbS0SbLsFSqOpnnvzrQIlv6PbXKJU9UIe$1s2SlvIP8QR0yEYW0OhnmQvfMnsE0atpjvCvIn-OtfRevEaV-JEavXooeOLSWOpXZIL9S9vnmvuJMbCcLnVVkeZD9uEWgZhFyZ0IfMjvfI8fzpVsdXVOZnaD9plw+uoZ3nqHfWsWAp3STooo+FofNaweHPcr4D+4uwjIMn6IBapq8DtSROHfmbLngEbUaAdXXQmAsX64AbPWYsvXAviudHUpDA+AuavUHrOIXAbU-XLvagGhyrvU7uyu-UooKr1dFDUnmw-nPc5n0wsFnRW9AbFVZMr0YbyhnROP3sEe-rldC000HFZU5I0UwQTDaPCc2M8wIQzpJY5vKvebAEHDkWccXwh029mWmeTd80gu3ogZzrfYcS-JgeNoZeAd-J0FrfXvZR-vK9GYpAwM8vyuJYpwF$9QCvJFaWF$QuGTP90DUu+Jqc+YDAzrMn4qcXaJpPQQY4v0VnoDYAHDsnkPXaqXBZtv7ZOIloqwtp2SDSEblI8PefLM2uvp0etndw1ZrY20pfc43H6wqclVGlLP-qiZNuzYADupCaIvJIdsVYJXvu0WfqEbAQteoXUcTodHUe4$kPKYaH5EgHImQXNbjv7aMbMAVH9dROb-jHZRDSVJTadobQJ$ApYvMUXwqFSHudgpZc2M+d9nXTV4bWWTTvOlEoOVQW+cKSAp0$DoAv3r4HRO4pCpyv1UDoylAfRo84cptUmWGpBuHEolHD0Y$QvUe$LnSaVl1WKUB9MhZp$W+Y-JXuydal+BJrf0N4LBaduDEHEfzrD0bbN4SlLFW-hXadXQXgAueb9BZMZS3PJlT$249EXoirF$cRQpMM2UZsmJF$QBRYyWiZ2leaM98DvVRomBvowpiZhbcoyOGHyTrvWuP9jY3TM-Zr253ewnu5UsNSmDzImFbEY--JZMwfadLUQUZMhlaQUT0IeOsbAbDFYBpQgubA0P5vmbZScSL-AplhP-i-nRWP2VnRFWlJZceEgUkPApVrkUBrM9Gv0QHDQFTDkPRSXamarvSeFnIumnmQlbZQ2T2MyJ6So-ts2htdFFs-UPyMTf2W5AzrRON$iJv4TrApaHSalVUeDB9TOBZETWcUO424Zp9lCvGaQSTTZn0dTUWELVhqXcgWy5G56SflmHjJJMzuubJM756$Elyhr9prUsD0DEUIlIVcbTanSIcl-p20aTeZZOz5cpLR1R3WcWmfMXcABvoH5JG0AbCc9rHPvuDreeGEbAt9Q5jSerLEYHDWQUbE64cX2EHOdHk+-T0P24+IAfT-mnpf5CH9$SKJN-W-BkihcRsCEU0IZWMblspoiYZRaJ4DNSIokJlVKSsD4oLuZcEQlV+rLJtItrOWU9650eEbOfZ7edBv$eyl24dFCv9BvMEopMOdMWOocwvUHI0WXWZcjpjpKSDPadUIkCu9Oso9Hbv2qTCTbUoXUW0XkPTM1-sbZfG0L$QQXaQXd$omP7r+XvXC2hjId7hbVJL9ND5ecpWSdarO3e772SMXSM-5SWjqZcLnLQNppFmkwBa5Use$uCBBRnCBeB7ByBDDECrpebQbqPUYjwmnX7Js-AFlR-jO8u3H7VaI1HjHInYngwpYowVJhcROqwDwQqn4TMpB7VQQun-FEomyrbWbAYIEjwwo2vJWkUe$-Xu-vUFofclvU0gS6eZ+M9adUedsvfUeICd7enApvPATMV1nOrL9UI1ClVMe3hAeCbnJyn+AYv2AbXOHAsDbhdbcblPoNP87hn3ErClPTgthyy5PjbSwvUbeLXn+voivrev5vfyCJ$zuBUQUsl5eP9boDoooM7bRqQRYX4t9aQM4uko7lyMbByhymFPBSbhClbzYJU1BeBS5M0V0JU6YlVjCtCU9f8ROKrAfkUqwomb8+4EbckUvD+qJrECEEE2U-l38CC0at8kU2MYkE5NYMVDJ0Jy2MVhqkIKoebRO2MWC5aRu4GFDwGR5QaMYYCvw+YlMjpROVMcDqDRbXyDlyhaofV5nC2OIt9K4WMZAuE8BAI5AD0GS6SGAX7UpKh2EPTQEMCJ$E2GpSlYTLYKChnErrC07FCGBEE5FGpEaEoMEiayV8rSy8HDH4ybYZwCn-XsTeD2nhn0YpkuBCLiAkI5Q8+FIQ4mcU9L+rM-0RbW7lb35qAnBRbgp4TkP$EBv8IzYHToX6HlwKo8vaTKh-kjhyS3lwavXW54+qXV7TL6SjDmCCWWCC8D5F28vybtnBLkDbSZpiZsXRBNHzb$5mLAfLeo22Y+uub5y4kwk1dIkCcXP6fi4qn0TYbqSlbN-UILkAfIC7kT6rMN2fP3BqLV0m5J1nCYJRF25ZMS5SbqnlwTZbf$H$qNZTQmONCv5tYCv8DEL$eZRsTNZwWQM+Dl+qGCybUEnXezYnu2HILq6qP6HFbUIHfrvhqGJsSr7NA7fEEkENQQa6fX7aDI3hJKFqnGmTa1p04lEsXQQ28C78sA6-6O14cQlF$oyjQGd-5j722PlAYRMgMH2H7sDnA91E7UPqC5E05ww4DqPKBcL2+YU6OlspXRusbT+j2cp2fjMH9wplFBOEouY$PR89yX-LRP2lpYb8jBWUsTE20eF8u$UmOXgzGJUewQwRGw+21MUcE-FKfO-9DJDCHTLXy-X9nfbTuE3mlDo0IoypfN8nf0owYdHW9QSt9Z8YUVCtS$$rCvCSMhlwPqYvUvl$3b8KOpVNHu2MAKSAJcpNDrZRY07gYFVLnEbNk-dDwNZP0nGXrwgClJMnAb8kUY5gpb7Rot7EPmbpIB6MLIrwp56C+cfydTMzGpO2DfUF2Be5i4qGSn6ut+$XnPe-$rC6Phb-kHB0MY84XG1t1jJEtF3UtC6X8MX-G6Sys5CHbRYqX2ZPZZKYI4Chicp+-HbuejP1EXU-7IuXgWC$irwEFv4DfZ2AHOedXqPeIihsaO0hGvRP0p$sXv+cI6UGmVvy3llI8n-VpROzndd$EqbMELwcTCccRNbHb+9NZT+y1QLP3iOO3SollqqA3rDwVGKlv3eSVtoc7q7ToD7pXr6ql6SK4pFU6pqaVYFynGnMVyGUILnuPEodfno62o2OVh2XLmDG2ZcbDSDMV4UStloBAZEzrQB1zKz+KXvHBbSfGj31ut3i$FUgV9jnecR3eZNgHzEHADQApK$Nt78q+3BQBMnvPqK0fJil$53VyHb7rReWlJ$q51ZBAdEgpfztSeHUrA7bFYKFsmQhAYrWYm1bnRQ7qpptRAKoX6ApDdYQvQAvjqbXsXOAb1RhED+7gciacWC0KsjEQ4WkmEbv5PUqVFsWyvl-LeAk$qLeCmdi2BntpwXG2X9aYSnMPDOWpT-MuoNht8dUIvovg$lojmvM3RylWIgguo6GdvD7VcKREbjmX2hjn9dTa7Ijv8dUakNRSvlQfSUo3Zh6vQv3084M7abSfkGw99UMGhro1QrEAwphn8EA7ffv5DQOtpHtaor4vWhTZwD1bAXLq0-AwS$OAJae8XU2TRXkft0PhsCrffAb$aT$ksUWRXesbfXnkrQA+AmeRKhjvZ8p2ApmehgwX$8ZVeSQDp5dftvFYAkUkCOfpRR4sjh79ssfbVmqPowMhkrOoUIrR4r7Iq5vaemXWRIbf7rmstmwvVkfskWq1Y4ewSBpBokvA7kDeROBRH+vtg2eDeOV$m3s2fQysLDoSop1Br3MAeDefkmsabSmGGkrvw3$BhV$0f6sPeES6DwJt8DEkJeVp5EvZWDaAb8XzY9RC$jWsdrrc2q1mBcwCbNAiewSWq9XaeFoFDpj$1fhlvubesCbr91nBsX9WAkWAFXIhJ-iIbahaM-tnDfqtZyR7weAe$j8qXpfX7tRzpHLRuYf7hqhraXyVW7YuaWrCmmb8qY91Ws7APhlioR4svleUsXRRUrwtUUAs970o0Dpo2dsV2wSf0bpCaPD9VstFamoROjXBb3v$7O9FSoy97Seh$kuwytlFfsWFebkCeLajttnsEqLpmOhgBhlYk88LWMr-Itv2ya8fAnpewpH0IniWvbqsIWSqpwaiWsfsmmjRMSrsf2rP74bURS9BYsIae7SQ8R3EU5iTrEs7Dlvnmay7Za8k6X0e9vfPBk12s9QBZj1kPfqnYscQK9hTR49jVbecoTgjVAwagkl7mroSAS4RpXvpelvNhfRI08Q24g7eip+R$ZBGFgAqThmDQeq0kvnpXIIa9m$s9Vf5750mRcSU$qt8H-4r5mGbt4W3apbNr3H49EQALaLqWSoSnM8TBL1ZbBS5eXnt-sf1uQDcrm3mw3Az8SbQeIy9W3bUy1TpwX5pNC1FsbnUkq97H9oJRsRsdv3Rd7rDtV-Asv2bWjv$aGYjIvuXWSVJp2Y9X6$S2zeHbWAZaOJALq7Q0D2sCjUAk-rJM4J2mEDe2kvbjSmbtvtSU9v5q0ID3XD1WisaPvdcV4UaWtAD$SnPXRpfSf7bsQd22RD9U-kEvi8sAuWTvj$vhkhZbAkqwlXQwoeZYH+Ig3toi7LsapXe4sn2AqTD3lnZdnrJbB3P6Y9sKvz$IvXNRI2EbU+HbD6adGdiqbd2nJSOh1PmkzyzAlvJMwPwL2QHuvk9rPpafF3deIqJslv-vqs1SRoX4WcWISIYvWnsvfb5h0SvvsZub6XkbpgsYgiR7oNva0L4ZZ2O-mss79ptSe4gaoVm+DpTtXWDvwWLhzbiJa23cY1X+ABDIhfb80hQZiOsgQMLp$QH9UFJ3sHSjd1imBdc4TS9R8o0AvDv+APZ8zsRkQWukgp9Ns-qmWOAnF4vNoTqlLp3vr$IQXSEB8e0kAjoXTzi8RCpAtXI76fFXUPwhkUUSbMgHmS9a-tzmv2yvM0cZf$7UhImtXmREgs8j4e1+Dpk9vbkykUU-7WZ60NlsyOm2K2Gfk88Rms1ek1lHQsV8jMs1cqV7fEG0g7aftAspeOQhgrD9mqpgL7mr2vzDt0qWYUs+QMbwJH+fJ7W+fnFXhPoq1EZEbRSaZHZMCyPkApdw1bJSU0UrDrgMrzbivepkLaSCWgRXzba5Ahkf7vSRSron91fvIq6v52$0kpvIvKADZgfLVJC1ovEbPMRZHdCj1detveE6pIhdL8qgcSUfjOAqeLfaY4DJwU9$btyWf7PpWAMyjvtnU9q2Q6XAZXDa6B478vEEX2hvU6wj1TAPvdlBOz2h73fYRF8vASpRa9kuviOW3ID9Jsy2rD7d-dCwnc9+PIXXoi$kqC1wMAiQ0F09kwj+P733-cFMbrb91WyPzrA0Ld5dHUAGaeDPFLJKPGj91rWp3qtJ+Xt1A+PCDkvI3p9ei8LUVrHFKhC8WjfJPrWiXT8o6Eh7zy8D1Xvft3P6t9ArycFFbpO1mkCP2mUv-vKDKnst3gElA1JRuo+kCYV-LFWioMWKtyYV-$Rbao9EL1KYMvQFcpIDw0aNX3DinzcdpvqsB39vbUOoI7UlUNZVc7Qbs3jqGv63bfeFJs6c7ztyPdpofb4IDtXs7eTyFviFtAj1tyPWy8c1JGDvPP5QTDeAJcMAJSA8gNDVUX94eIdhP7FD4UPTBI42yOSlrTmrOApfckwyPDcuRbrAP6wvjgUoM1JDqLu7mjRZHUmqDOhvog4GF3mmqM3t48CYSyrv202pGpTvFongpcq+A4f7NWqfcAicdQ2H8neafwFTZmIwIPSjMqBm9JQP1bMJl4vvUQs+Qn6ULqwf8b-DIwagKcoEDaUi9mWJbMcjAfpUScdWHn76P08ZVsDLQ2m32ytDNX$$gW$ZEULFyrbZdVom9AdjpfwbI$V4ndwJvCSvFcm6qa6qS4+SMYubBI$SATD$nUspqEEoT$w$4QQFDLI+UvQJjN+cF-1XFUvSH4HfqML92OfzX0D+ffmUq+AjbjnG-8OF+Zm4zbp+2B86XvXYF5Ae4o88-Y1$TnriB4jwSeYFAUI4Kfdvl8cFnvhRUmscburcFlJhFWO7Gb9f3YMMJU1ztyZbqsve$R31tsdLevNYwlC4GpEA4er8Yn4IDUpAqvXDwF+ZwUCb5sb57Uu$fMVmkWRUZ8MbI3sgznsPsAgfm0T23WSdJP08SorfOhaOBhvhGLn9WX3sCyCY7ShdqzIDWAPOq9G3uRJCw1nUVsFrAnu0SDkS5uUgG6fpulVkm5AAey3Y10c$BcAgbjkWlKJ4FJm3SgIrXrcMig2QkgbXetuHXJmHS5IhwpEnVBsl2dU+3aGAbZfc44Hd73IflEEMKQjhRpn4GDpamgE7-tODPGankyv-fVXRaAeNvIaXUW4wcjX+b-wShEI7jklDDEnsdNpwaKdqovtneM6OHVKj3uDWSqHPbh1wyYEGiYoSLI2j9BoQyhFHHZ5JM42P0AtvnHGRdfTgqFG9-+HKD14EF4DMjm$I95Hj88olyH-iHKlJLtGZBGklGJ+udwd1$78a-XVVW4PE1jQfn-bVsW4wK$s18UlZc-TfTE3ZoS1lYbrInSYe138ulqM0YhN9B4UGu-E9WN1X3ildvZo3qS-Iz9R4BGGFVVP-lcdBoKypgbiC+pNBoAKD2-qMK4qTE5jbf6-qMcACwdLjbfF-ZaPAmhEbizZhUmauAowfpORfj-fDyA4PESofMLlus0-XH584BM$UZqQlIpE17JBa--si5nrGZL3MIRder5ISG2jdfW-eMGeo--gjLZAUIFXm2HKh41MuBupsrHwdlj$fCM7aTrCrGmOf8flyaYrIIGVDfBOFqMGr2R51afG+Ud4LCIQvZSZLABBRRkmnDdjEDEBfPeBAW2G4Q83UB$GkCg5vOgLKUHsb7Cg5blhLKUqaeyIhEpOIL29haFyJhTbOaGhYlPMSUZEj1zGNXX43-1Dts-XLqYUMdECT5DoWLDb8MQ5I053ZOL05$DV+rYREeLf+EqMK84yh9i28eY4VG8mH5wo78YBBMVGr2hPlEGV5W4GEIITwj680dGaQlI-TfOL84Ytminrpk44+LwYyhBGjdTHi3f0-H4-gHQ$dszq+lcbzqU9BKU8LC9jXNUvXMEQunavEs0hWmaVp6LIJXP3mATsIk07DpLHZSevA2vlv1bW$TBjFjKa6mEb4Ujm9+1gA1+LOORNY$BX87gh6TSpKpznAiHK$o5cH36LsW74AA15DXO2pe86HcGOlfm8SvdPhspvvv+A7EsqQpPlRb1mwpRIA4yiOYR9ZsuaprMr5hkS8rwEA2A8EyvuOAgt2R9$spoS0YLBpvvWYbvg9dtqhpptACbzZsp1wo5seJjs7oAqw98j1Xb3b9p5$WlWdr6eWCCmTjLbU2v6Aov1wbvArAv3Svv$bU-$VTvLrBMqPUdk9v9XeTeS4vUW$q6wbgT71IGd--H6yC-vgpAyGQvJ62SaTbvBSJ6yCqstiJdhk0J6Bm9vAv9bv--VVwCNVBaUpvQiRAovEgWto3RF0DXEbAZnmA7TbvrVBCeT6cZps1erXoSdI-bwrB0kKLNveP1HqP10vvAHHZfZ9Y-9AkvbfKJ8jTmvBVubOv$D9iRA4jr8p$HTbvSALidvRXeAsJvCXmUHsFpYRBU8zZ+FPXRXCZCcpU1+pEbYpomwKzrsSbnyHqadp04o93EQv8EZJuJEg3M7-SoSLH71lgUHAaQY+t3lhAvo5vg61O1Hv3zgA5Ajl+bFblN2Hkdev2whYRlvvbayOSvh+av9dAy5pvGeXv$v$vfbhbemranTaIMXFsEhEeSokwcHrIfEUppS$WFXZ4rWqkz6eRAbnbabzLOgA7WtvJzkHUR9IMfRQAivkHvPUMMCRH9+b$Pvvkhou6vYAkw035HmfwNLT7MQ-KVcC3uutlSvZA-6tvV$EEU9kGOVr4vsbfb1jdZ9CR9CBRUaaXAc2jvvvKRmHvv"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-out-s: rPprySsEvSmGeQ0adn+yMg==$QFtbTOvGMqs4Arg9oHqP/A==\r\nset-cookie: cf_clearance=EzKVtnRFJQZ9rIx_gcOrFFyDc_8PClf5EUV9rYJaK2I-1773740226-1.2.1.1-HSXvVg9_myIOr_.ydZx9xpv8k6KEpWh1T5GIOT5h.QdDzSluIroclitLNS0DCMp4t7S5_GJCOCmq6YUfApTmnnaRKEwDgrFJ50EczXbKHE.SFYb3LYLSkuJwHjUXxkGURBIf53WsgE.R9n3rW2f_DWUhS5dk0OPk44CQeoDw6eZntNGniuFL6uKd_vy3qgadK5Xd71axDykBdtOEQv54xd0hjWuJn97L5fxLTzErl5Q; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=savegame.pro; Expires=Wed, 17 Mar 2027 09:37:06 GMT\r\ntiming-allow-origin: https://savegame.pro\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\ncontent-length: 0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9ddb045eebe31806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/sbar.json?key=4a7e8505cb95ed24dea186cf1b52adb6\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /sbar.json?key=4a7e8505cb95ed24dea186cf1b52adb6\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 3106\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nu_pl26620252=1; expires=Wed, 18 Mar 2026 09:37:07 GMT; path=/; secure; SameSite=None\nslec4a7e8505cb95ed24dea186cf1b52adb6=[6517247]; expires=Tue, 17 Mar 2026 09:37:12 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 95\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0f2d0f2d9cb956e23560063dcfc5ebca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5215,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"cadc1e1e28e046d6b2527095d6070e48","sha1":"33762aa03f08c2ec7a793e7be34697208bed5b23","sha256":"773723d25198408e43a8eb161ad58bed0b074db6a05a8663cd7e12270d854b00","sha512":"b4116f5a88e4c539e9c71bdf4c3fc383ee595f7903346d0b8ad8d5d6e3d22d562dc69cc442e0189a288469c29e971cc71830222ce2156997438bd7d3005b433b","ssdeep":"96:9ziC6ItB+HXZLA/VaaR2vaWs97KuRfo7bzG9s20uH6ItB+HXZD/wbg:9ziO+HXZLA/VaaIK77Q7/G9s20DO+HXz","tlshash":"2fb16dfe310431445ae3ccc552c2dd698dd3f98fd85984969877a76f0a3f362b352045","first_seen":"2026-03-17T09:37:34.139526Z","last_seen":"2026-03-17T09:37:34.139526Z","times_seen":1,"resource_available":false,"data":null}},"time_used":876,"timings":{"blocked":341,"dns":53,"connect":93,"send":0,"wait":194,"receive":0,"ssl":190},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Findex.html\u0026l=1614\u0026fd=213","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-creative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Findex.html\u0026l=1614\u0026fd=213 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7ujQCEJVEhTpACJXb_57OxOUliK-DRgAwlKAUJ6v9m8eHbeZN7M7mYrhyBqQ4H4NOOzdtxECCSadGiXAskSUqbbIm6oqZBCQYPWXinKKe69T-cV555zvzqoTkkbFVt8-IGZ6DRlm502dd-4pTNpRtbdvul6tE2vubd0FoXX3PGyFMOrXhC26Zvue0rsmk2fepR61HPf1YVKzHjzjIXOH8VeO6bt0G97nRDj4sW3rRxY5kAOT8kr0LJ5-a_kU2gxQzb4-W1ld0uTv_XOoEpZaQoM5fEn2W5mRhkGz8ekcJBkx6vfMLYh5Ls1mOx4tQHM8HC5AbhuyNqrT8Gz45VM8OHRuVKeQmXg8iWMhjOodAbNZhDmAbR8QgAhsb2DbPBw2xQjdu-cZUu2IRvP_oEeNWTj6SVkg5-up3rs3jBpVWqTWYyTGno8g-7PkFdzlBMHejSHKL-Aln-SzWfvIxsc7tjUQMvFFdllXcW7qpV0At4Kw8hrMcb8FpWR6DC_E4goPrNIJzMwu4bKOqi0gypxUOUOBnLhhrQXCo8FURJL0aUhC0OpOI17PqUsFl1U4j603Ico9pAXe9jV-7C3a1i5Dls2xPloD0NZH8nU-rZ-KFNbcW_V_VUP6qkp-wfsyJR9lRGwYh-FrA91ftc-gCjXp5PEyqlZFsbLesq4rKdalmso7i6uUC8WCfe7rSROWKsbhazFZdJpRSKg1I-5T33_ID8lF5YmO996n2FXLdyQdVWvQzuCxx0l_VAq5vUikXi84zPJI1hdQ9s1MOtgohvy2r8ect2Qjf_-Bmdz2HQOoS-DVa-DjWqw2zUm2SPLhqrPBqqdFwbS1MjLDZT3nIP0lFycfnzz-m9nWYtiHUqcbM2DM0AUNfKixh39O0E_vf_LTl7qgZ6wZfg3SlaqdTD9ZP0bCN2Qy5-fnl1h79cLEPkebH6y9fj7JX6ANQQ8d5DqhgSX_kCqTrZ-vHjnKiEEjNew6oSsAP58PrBfol844Kkz5WnhHPK0SL8-F2r1wk0C5QtKe93IC3qJ8oJQiqTTC2MZMRoECqVt9GN3_n8AAAD__-xQ3psHBAAA","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7ujQCEJVEhTpACJXb_57OxOUliK-DRgAwlKAUJ6v9m8eHbeZN7M7mYrhyBqQ4H4NOOzdtxECCSadGiXAskSUqbbIm6oqZBCQYPWXinKKe69T-cV555zvzqoTkkbFVt8-IGZ6DRlm502dd-4pTNpRtbdvul6tE2vubd0FoXX3PGyFMOrXhC26Zvue0rsmk2fepR61HPf1YVKzHjzjIXOH8VeO6bt0G97nRDj4sW3rRxY5kAOT8kr0LJ5-a_kU2gxQzb4-W1ld0uTv_XOoEpZaQoM5fEn2W5mRhkGz8ekcJBkx6vfMLYh5Ls1mOx4tQHM8HC5AbhuyNqrT8Gz45VM8OHRuVKeQmXg8iWMhjOodAbNZhDmAbR8QgAhsb2DbPBw2xQjdu-cZUu2IRvP_oEeNWTj6SVkg5-up3rs3jBpVWqTWYyTGno8g-7PkFdzlBMHejSHKL-Aln-SzWfvIxsc7tjUQMvFFdllXcW7qpV0At4Kw8hrMcb8FpWR6DC_E4goPrNIJzMwu4bKOqi0gypxUOUOBnLhhrQXCo8FURJL0aUhC0OpOI17PqUsFl1U4j603Ico9pAXe9jV-7C3a1i5Dls2xPloD0NZH8nU-rZ-KFNbcW_V_VUP6qkp-wfsyJR9lRGwYh-FrA91ftc-gCjXp5PEyqlZFsbLesq4rKdalmso7i6uUC8WCfe7rSROWKsbhazFZdJpRSKg1I-5T33_ID8lF5YmO996n2FXLdyQdVWvQzuCxx0l_VAq5vUikXi84zPJI1hdQ9s1MOtgohvy2r8ect2Qjf_-Bmdz2HQOoS-DVa-DjWqw2zUm2SPLhqrPBqqdFwbS1MjLDZT3nIP0lFycfnzz-m9nWYtiHUqcbM2DM0AUNfKixh39O0E_vf_LTl7qgZ6wZfg3SlaqdTD9ZP0bCN2Qy5-fnl1h79cLEPkebH6y9fj7JX6ANQQ8d5DqhgSX_kCqTrZ-vHjnKiEEjNew6oSsAP58PrBfol844Kkz5WnhHPK0SL8-F2r1wk0C5QtKe93IC3qJ8oJQiqTTC2MZMRoECqVt9GN3_n8AAAD__-xQ3psHBAAA HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_a+474d9791df5e132836fd529cf077a982=914; expires=Fri, 10 Apr 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_a:914=1; expires=Fri, 10 Apr 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_l+6e9b49576dfa9ed23d292425a33709b4=6517251; expires=Wed, 18 Mar 2026 09:37:08 GMT; path=/; secure; SameSite=None\niprc_l:6517251=1; expires=Wed, 18 Mar 2026 09:37:08 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 208\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 03b01190b4e3b2942842a9ed294f5fe0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":309,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":309,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/js/wpdm.min.js?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/download-manager/assets/js/wpdm.min.js?ver=6.9.4 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"e56-69a9bd8f-9804652;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:29:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1127\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 435\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kkQz74kz4EFzoTiSrnpHXgJRxf22yb1ytcZK3yivSbNI3wMPX4MmexSevTdTVs8P4UXv19bjmgxk1vm86U50CDBoF2Rhd0NyzLaaEA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045359cf1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":3670,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (3670), with no line terminators","md5":"2d55006cf9d3b4d5bd82ebca073b6096","sha1":"0dab24a380f39ed58624be26a7b8b96d3d2b4a86","sha256":"6d6aa38b53d4a7a7aef17b73d5d88e446ffa06a2983f1d34b95aceafd3670bad","sha512":"fb9f73df5e000179dc0875784b6b8da0c2bf452cb8d235a69ba4774db9a513e841b5e8af312e34689ca7a6a18608bd6d420e959bf96b6742fccbd7f5dbaf3c5c","ssdeep":"","tlshash":"9d713118b9be219800ff6aab70276f14a5762d5ad8899529643188f11efdc81760373b","first_seen":"2025-12-23T13:01:14.709958Z","last_seen":"2026-06-18T21:20:41.411332Z","times_seen":1245,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.542Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2572\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6a3d77ad43e43c72c40c07bca0e2d0c1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5119,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5119), with no line terminators","md5":"2f7f534aa475f2ab416f5768f5eb1abf","sha1":"0e264d3826ec4cea33eb1d05bc113200a9ca55b1","sha256":"18821fa5e86c1240947fc976e78c43d849789cda4360578383adcfbd873d133a","sha512":"c24f6cff97cb6e0cf363714e9073f5f0533cfd228d16665aa6be8fc2527f88f5f3fa156e6dff75bcd4f581a1a3e8f7e0e7242ce4eb3d98d5af950a497b98ee7d","ssdeep":"96:JPczm1siDwcWu0HAGMUJhSENesmRmTj8pdkZ:Bc0DwBLAGtvArmjZ","tlshash":"c2b1b79c3f40b0a017a2a0776f6f2429f1396c10ab6be894d527a1dc3f29d29c2b2755","first_seen":"2026-03-12T08:34:48.0486Z","last_seen":"2026-04-30T07:10:40.662541Z","times_seen":2445,"resource_available":true,"data":null}},"time_used":777,"timings":{"blocked":349,"dns":33,"connect":96,"send":0,"wait":103,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.219Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 01:24:35 GMT","end":"Thu, 28 May 2026 01:24:34 GMT"},"fingerprint":{"sha1":"66:45:2B:BB:A2:6D:D3:A2:B6:16:36:65:94:BA:4A:C6:5E:05:66:09","sha256":"A4:2E:A7:56:DB:44:FF:55:9A:FA:4D:EC:2A:78:CB:C5:02:CD:CF:B2:FB:A7:A7:75:77:EC:01:DB:19:71:C0:77"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 67e4dcf4579fcea78894b18daf6d924a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/uploads/2021/07/cropped-savegamepro-icon-300x300.png","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/uploads/2021/07/cropped-savegamepro-icon-300x300.png HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1; cf_clearance=EzKVtnRFJQZ9rIx_gcOrFFyDc_8PClf5EUV9rYJaK2I-1773740226-1.2.1.1-HSXvVg9_myIOr_.ydZx9xpv8k6KEpWh1T5GIOT5h.QdDzSluIroclitLNS0DCMp4t7S5_GJCOCmq6YUfApTmnnaRKEwDgrFJ50EczXbKHE.SFYb3LYLSkuJwHjUXxkGURBIf53WsgE.R9n3rW2f_DWUhS5dk0OPk44CQeoDw6eZntNGniuFL6uKd_vy3qgadK5Xd71axDykBdtOEQv54xd0hjWuJn97L5fxLTzErl5Q\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 05 Feb 2026 19:41:47 GMT\r\netag: \"cff7-64f0e64c-1a81a8a;;;\"\r\nlast-modified: Thu, 31 Aug 2023 19:13:16 GMT\r\ncontent-type: image/png\r\ncontent-length: 53239\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=6,i=?0\r\nage: 352981\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TGIufr6kG1AORRIUDLo3hceUoroR6E%2FyL0YUFj8qHt%2BGz%2FDEhL%2FWqilCTdS1AmxaaZfUOKJaMKGdlTpuYOnyOG%2BbhqxSCsnJama2kA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045f1be71806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":53239,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced","md5":"7a4247bce8a45fd3bb17227e07c21a35","sha1":"504fac03dbd70d8524fdd005e9b397fe647e2fc9","sha256":"80cadce0e8dc364759ab3ca93004acf19b14d68e57e171d0f99dd6be97aa42b3","sha512":"83c90c26956957fcd4e65782da7a106d42ee41782180dfbf3fac83d5ea23cd3d3a4281dfcb868c0f484c49d5662988fda4ce1b7a0b79c0d87441481b7697cd2f","ssdeep":"1536:aQF5OkpXs3daVKxVPmCBBs0aTynr3+uD8C+LNOsg/mbeh:aOgkpXs3daVKzBW0aur35ACXh","tlshash":"3e3302b2b05ec6e44c9b10b390dee39b41091bda7a7e26fe8c12dc1b05a97bd4339705","first_seen":"2023-05-07T20:57:02Z","last_seen":"2026-06-06T01:08:44.49953Z","times_seen":53,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=1773059685","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=1773059685 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:21 GMT\r\netag: \"3310-69aebe65-88000d9;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:45 GMT\r\ncontent-type: text/css\r\ncontent-length: 2379\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75256\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XhB%2FwmMZ2Fy5olh34jQmznf8izoEz%2BYe4IV4p1hw4UYk%2FCphmKW8WOUZsOnLzaGUNGdQVRGzKDkM9NUixMQPgpZ%2FtqgdOZ%2BX6qznCQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349ca1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13072,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13072), with no line terminators","md5":"338e3ed66169581dfa81512a0ac2ded6","sha1":"61dcc6454bd2fdc2388969b2436874b2331a8e05","sha256":"f1e70fd93c4bf41003ad16e5f7d83a50e1f1b77384e4a2438513e3b472fbc1eb","sha512":"ab547b064ef3e951cd38a9e2ed16d2010586808aa98ed5c9f3e7fb6dccda90d2ffa2632ddb67df1444cd29e3d4082d1236924a6235cbf2fb9c74df1eb2c324c0","ssdeep":"384:grnUlkLfs/nzoVQS5SeSaSWSUS+SZS+S6S2S0SvSVS6S2SySoSw:WUWLfs/zoVQS5SeSaSWSUS+SZS+S6S29","tlshash":"334212b5c06c21d66331c94bbf807b2867b5fb39ea805e48f11f6c2c1de666902c5f69","first_seen":"2023-05-28T14:42:07Z","last_seen":"2026-06-18T07:21:42.780242Z","times_seen":135,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/js/splide-init.min.js?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"b77-69a9bbc9-c806d08;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1073\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 999\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c5jmjRTMgDU0q9pftoEJRDaP4s%2B1i0DfFMf%2BvgumjF3rzWBup6Y4NoXLtXZC6lNZuD0O573IYn8%2BBE5Los6zpmqWZmqVb6HRnK3uIg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389eb1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2935,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (2935), with no line terminators","md5":"7033ea3a039c5b74a9baba6d3d35b0d7","sha1":"e87683310dc3c7285fa53fe3949325bc8af686da","sha256":"f4096397ab5971c1d4266e35f51b9f9fa0513c6878b06acbfd9ca05275458fd7","sha512":"f8675b0ef76aa8a722c6d0a8db218ef176acde8384fe45f781cff707360f3b22d2b6ec1100780f827cdb6f589b3d169bf951586dbb23643f696eb3b7a6a86bcb","ssdeep":"","tlshash":"4651112f340975732e2728e1d42ffa5258d1a37469024922c8cdd4e9facceef18366d9","first_seen":"2026-02-13T14:27:49.946317Z","last_seen":"2026-06-18T18:50:51.072203Z","times_seen":291,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/bdbf20116fc8d5cbc12e86158035c95d/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.420Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wowrapidly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 01:08:36 GMT","end":"Sun, 19 Apr 2026 01:08:35 GMT"},"fingerprint":{"sha1":"72:CB:7F:94:29:E1:C7:63:05:03:A9:0C:B9:94:26:06:36:53:84:54","sha256":"3F:E9:3B:EA:70:B2:3E:4B:47:EC:50:C8:84:DB:A7:32:45:3A:AF:B4:FD:B5:DB:FF:9A:3F:B8:07:47:36:F4:AB"}}},"request":{"raw":"GET /bdbf20116fc8d5cbc12e86158035c95d/invoke.js HTTP/1.1\r\nHost: wowrapidly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20306\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wowrapidly.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7b38daf54c38c97c4070eb9e581f9879\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":50541,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50541), with no line terminators","md5":"825ffd1903278a0f6ac8763aa4ead388","sha1":"af11b84cfe3b2bcf81b70bd31aa952b7da18a293","sha256":"8de90da6f56c6a9da5487e2c3f6b7273868c7cd84c3e380980377ce140dff52b","sha512":"fb62dda35e639b13fa975335f27a312756e000ddea551c0f2bcf81e7597e8e4dc2282c59cec8ab410c4395b3ad5011632f9e077d0ed049e51de03cd79cfabfc3","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gc/:3lPXODNDI5mn+ZfjeGI8v3BfDWL15h","tlshash":"8233a7dc3fc4f35c02ba2176236fa40ef5aa6e11618df5d8d117a0e82e6471ae83b754","first_seen":"2026-03-17T09:37:34.142485Z","last_seen":"2026-03-17T09:37:34.142485Z","times_seen":1,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1STO2wcRRjHd41FAQWCAGm3SEEQd57X7s6QLuLRQIJIUApEMU9n8N7uZmf3znGVEERBgVxCt_7OjpsoggaJBqEzHRISV3FF3FBTIKQgRIPucpJhpPke8x-Nft_MN58ddKfREDq5eO_das8XhdxKhyh55YYvTTUJyZXrCUZDdCm54cuMXUp2l6YZv44pG6KLydtW71RbBGGEMMLJW76xrtrdWqng6wcCDwUaMjLEKYPd5v956GIIMgYzPo1eAG_mz_3mPgSvZ1COvn7Dhp22ql97c9QVsq0aGJvjD8qdspqUMDoLXRODK4_Xu6EK8yj6cgOq8nhdAVTjw2UFoPw82nj5EajyeI0Janz0hFQVYEtQ5lmYjGdgixPwcga6ugfe_BIBaANXrkI5un-laiby9hNVLtV5tPn4T_CTebT56EUoRw8vF343uVYVXeurMsCu68HvzsBvz6DuTqDdi8FPTkC3n4A3P0dbj9-BcnR4NRQVeLO4QIkW1lk9EFKTAaOCDFRG5cBwo1OcuywX2eqKvJuBDDF0y-lj6FwMXR3DyCwShjjTWNLMCaNzxCRjxiokOEFICp1Dp--CN_ugmztQN3dgx-9DuLn41inKGTOMUEatpVhwhChjmBmNhJIKp0LKDLHMUGOEEhxz5BgzHDOeqZw5lRJqrZI2xRYLlWfIZBorjNJcUq6xo8gInqZMpSLVhhvCVCadTPM8I5w44jJGaWYd4pkSzGpMXCpM7ijNc46REZgQTAg3S5bUCq6NhmBiCG0EY9MfmSKQ0N83RegUXnuy9rSfVu32gTyq2m1bRiCbfWhMf-jrW-Ee6Pap6Z4LZlotjVRtP5XK9FNv2g1obi0uICy0UyQfuEzpQc4wGQjB0wGhGUtzolxm0EF9Gj2_6ou_LyrYsYvEqkyIPDWMYo4UzlGa54JLxhUVRCEEwffgw8bqNff8PDr_F4baz6PNf34HJU8gFCeg_Usgu_MgJ9OccJA3QSDYKx8EObbbcmSHdVOBqXqo201ob8cHxWl0bvr-9cs_rFg--vULsPqnaD1ANz3UTQ8f-x8j2C7ufnO1bv3I78ll015rZWufBunn0TN_fA7az6Nz33-1-j_pqw9B13cg1GdnhSoCVUdQ-AgKe7YuVQ_hP7k6iw_Cp7DdxKCKeKqKJjpURVPsQ_CLxFFLNEI8zzDlzmLKjHYpZ8JkElFqoQ1z_10y-zcAAP__ileKwLgEAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1STO2wcRRjHd41FAQWCAGm3SEEQd57X7s6QLuLRQIJIUApEMU9n8N7uZmf3znGVEERBgVxCt_7OjpsoggaJBqEzHRISV3FF3FBTIKQgRIPucpJhpPke8x-Nft_MN58ddKfREDq5eO_das8XhdxKhyh55YYvTTUJyZXrCUZDdCm54cuMXUp2l6YZv44pG6KLydtW71RbBGGEMMLJW76xrtrdWqng6wcCDwUaMjLEKYPd5v956GIIMgYzPo1eAG_mz_3mPgSvZ1COvn7Dhp22ql97c9QVsq0aGJvjD8qdspqUMDoLXRODK4_Xu6EK8yj6cgOq8nhdAVTjw2UFoPw82nj5EajyeI0Janz0hFQVYEtQ5lmYjGdgixPwcga6ugfe_BIBaANXrkI5un-laiby9hNVLtV5tPn4T_CTebT56EUoRw8vF343uVYVXeurMsCu68HvzsBvz6DuTqDdi8FPTkC3n4A3P0dbj9-BcnR4NRQVeLO4QIkW1lk9EFKTAaOCDFRG5cBwo1OcuywX2eqKvJuBDDF0y-lj6FwMXR3DyCwShjjTWNLMCaNzxCRjxiokOEFICp1Dp--CN_ugmztQN3dgx-9DuLn41inKGTOMUEatpVhwhChjmBmNhJIKp0LKDLHMUGOEEhxz5BgzHDOeqZw5lRJqrZI2xRYLlWfIZBorjNJcUq6xo8gInqZMpSLVhhvCVCadTPM8I5w44jJGaWYd4pkSzGpMXCpM7ijNc46REZgQTAg3S5bUCq6NhmBiCG0EY9MfmSKQ0N83RegUXnuy9rSfVu32gTyq2m1bRiCbfWhMf-jrW-Ee6Pap6Z4LZlotjVRtP5XK9FNv2g1obi0uICy0UyQfuEzpQc4wGQjB0wGhGUtzolxm0EF9Gj2_6ou_LyrYsYvEqkyIPDWMYo4UzlGa54JLxhUVRCEEwffgw8bqNff8PDr_F4baz6PNf34HJU8gFCeg_Usgu_MgJ9OccJA3QSDYKx8EObbbcmSHdVOBqXqo201ob8cHxWl0bvr-9cs_rFg--vULsPqnaD1ANz3UTQ8f-x8j2C7ufnO1bv3I78ll015rZWufBunn0TN_fA7az6Nz33-1-j_pqw9B13cg1GdnhSoCVUdQ-AgKe7YuVQ_hP7k6iw_Cp7DdxKCKeKqKJjpURVPsQ_CLxFFLNEI8zzDlzmLKjHYpZ8JkElFqoQ1z_10y-zcAAP__ileKwLgEAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMyOTA1OCwiayI6ImViNjk5NzVkNDMxODBiMTcwNTc3OThhNDhiMzkyYjAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoiYjF1NHRzdHAiLCJjcGtzIjp7IjI4IjoiMTU0NjRjZTUxOTQ2MjY3YmUyZGYxYzM3OTZlOGViOGEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.8kD4fJQoVZ_9ltftzrHneh1EM5Yi-D3H1z5plQXL4f8; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl16333479=1; u_pl16329058=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 385fe0c06d27c51348d7e4d7b7cb89da\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/css/front-dark.min.css?ver=3.3.51","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.540Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/download-manager/assets/css/front-dark.min.css?ver=3.3.51 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 19 Mar 2026 17:29:15 GMT\r\netag: \"35ee-69a9bd8f-4001ec5;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:29:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 1561\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 10617\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=neHsUxcCgf4XFy5Mb%2BWG83vI7uITp6qoViNHkGV1cTWWi7dEP2qsrrLDa2NW57uj%2BP33pXGsByvRYi44VhKfx2qNpRUt9BlU3OWapw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b51806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":13806,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (13806), with no line terminators","md5":"a8ba82b53a35b5d701960cb2db2d3979","sha1":"e1179c2b4fde9258e938b6d3d8b1615385a3090a","sha256":"5c4164c02df4bd497535de57ffd29a89962284fcb0a9416a0d2af3f9d31f89ea","sha512":"a8f0f1bf4066a7cd165a6c02ded0dbbc94679865fa6a71450d1784bce61fa0d4f7ac9bb39c8f1c73db28e65520b487c79c4c97537f527de9cedff37eb734ec72","ssdeep":"192:Zut3WO7rn5V3aLTPdbu0N5d5+F55w95tZnbsGN7d7+LH7w97KTCGkpfHuZgujzVy:Zu5rAkTCVuZgunHZ1jJps","tlshash":"6452bdc9b0f47bba2e77dabf2b2cec15872c2cc2dee05f61b138616444c6799d5a1901","first_seen":"2026-02-07T00:51:12.410904Z","last_seen":"2026-06-18T21:20:41.413296Z","times_seen":711,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 34684\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0ea36b8624e14219b2084c0f1550d1b9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":91794,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"8bf5809967f9206b75e9931f33a48c76","sha1":"905ea380b7879f971c397448c95839f6efbae9fc","sha256":"05e361cad40f7863b254ede5309b9a05e20c04d439f67bd0c56b9a934343d800","sha512":"e7af3af6f2ce766be653d8a3c92c835198acb49d4444f6bebe991e61fbf4ff3b0da8bd9e7111110c69e76b4e38272d5ad858371ef7b613c45da4046430c79cd2","ssdeep":"1536:1sgv0NC4Y5Tll1apjTHlxn0WuXEon8USxNKo4hRl+GdanrEf78:agvA25lIpZxn0WuXEon8pCTag78","tlshash":"6393e8887fb272ed4396307b362fb006f22a9d512498f4f4d586b4e52e7876da437704","first_seen":"2026-03-17T09:37:34.143726Z","last_seen":"2026-03-17T09:37:34.143726Z","times_seen":1,"resource_available":true,"data":null}},"time_used":990,"timings":{"blocked":413,"dns":80,"connect":95,"send":0,"wait":106,"receive":96,"ssl":196},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fjs%2Fscript.js\u0026l=16087\u0026fd=686","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fjs%2Fscript.js\u0026l=16087\u0026fd=686 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":101,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/uploads/2022/03/ghostwire-tokyo-cover.jpg","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/uploads/2022/03/ghostwire-tokyo-cover.jpg HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Tue, 24 Mar 2026 09:37:06 GMT\r\netag: \"6b41-64f0e662-600a3b9;;;\"\r\nlast-modified: Thu, 31 Aug 2023 19:13:38 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 27457\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=son%2B6YHtdJAtgQWYgQ1mpDCnUzHtyF0ddX4LxY6N9p%2Bq3W%2B2loAtVBp5oYWEKM6FHQBt0FIC4aWxOtoQ9C6HP%2BIOG%2Fxzj5BFc1%2F5NA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045dab951806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":27457,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3","md5":"53839772b6441795d84101ae2d54e726","sha1":"579a6fb036c05a728fb5159ac2cbbacbfb5ec792","sha256":"f0a1858d264f733e89bb7985bc66ed29af93a51a18cbaddffeaff06e3b14d986","sha512":"6ebaf4b4d9f292d09f4c5ca9fef4a8e2ebbeb639cba0fadfb3596b639187416d1d9b80f456f1870010159c60ae45aea73f59d9af6f5c30981f076cbbe1e91781","ssdeep":"768:YpWGqtISAy46FAlZdUWrW4iFeULxWTBOc9:YpWtnOfdUWPiS","tlshash":"62c2f184bfd44ea3df41feb4eea95d0111149760371586be8a08c04e8f26eb3f28d2d9","first_seen":"2026-03-17T09:37:34.144492Z","last_seen":"2026-03-17T09:37:34.144492Z","times_seen":1,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/wp-content/cache/min/1/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=1773059685\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 19 Mar 2026 18:28:32 GMT\r\netag: \"13654-69b24da8-f00f0a8;;;\"\r\nlast-modified: Thu, 12 Mar 2026 05:22:48 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 79444\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:05 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 400112\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9J2m4yg4h77i9ttC%2FD9xqKYvupnlJ2eNGFlncJkMJRaEy0ibdtAJBS%2FrrAWiwMxE%2BblorCEUOohi%2FyJCs2Uu9bUciKaF4t2WjUCnyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045a6b0b1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":79444,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 79444, version 331.524","md5":"b15db15f746f29ffa02638cb455b8ec0","sha1":"75a88815c47a249eadb5f0edc1675957f860cca7","sha256":"7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7","sha512":"84e621ac534c416cf13880059d76ce842fa74bb433a274aa5d106adbda20354fa5ed751ed1d13d0c393d54ceb37fe8dbd2f653e4cb791e9f9d3d2a50a250b05f","ssdeep":"1536:ogXevisOzyu5r4HjEIe9vyJFdiTCHnegAZ64RPmF17k+GbpJ0VxZrtbz:oTvissyu5eb0ciORAZ64Qrk+0Mzbz","tlshash":"6b7302c68d4ae504c87e0daa36b5a96651be9fc5720e4df6e8700cbcf1f12dc0266d19","first_seen":"2023-04-05T14:18:50Z","last_seen":"2026-06-19T00:50:26.007906Z","times_seen":26519,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1320845841861.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /watch.1320845841861.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nlocation: https://sourshaped.com/watch.1320845841861.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=760fb0cdb0767d1af5537725f71a63cab7ac66dc67050e0ee898432ce056038a58b02c601e70c58893bda55ce57d7c4ab0e87f81f9b52a77cad099b6927388b2ddfcbdfdc09375f1b1222ecc23b864e0e60c0e044a9ff7c6304623\u0026pst=1773740285\u0026rmtc=t\u0026st1=8c3809a559586ff0c10bd9b07d1d6ea9\u0026ps1=1773740225\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:05 GMT; path=/; secure; SameSite=None\nain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMzQ3OSwiayI6ImJkYmYyMDExNmZjOGQ1Y2JjMTJlODYxNTgwMzVjOTVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoia3VmNmk1bWEiLCJjcGtzIjp7IjI5IjoiNGE3ZTg1MDVjYjk1ZWQyNGRlYTE4NmNmMWI1MmFkYjYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.jHlE25U0Sq3_7Y5k7Kfxy1Li-GjFy896lJMZAeNOW6s; expires=Tue, 17 Mar 2026 09:38:05 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a916adfb333801de457566327565de08\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4298,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":483,"timings":{"blocked":197,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fcss%2Fstyle.css\u0026l=4550\u0026fd=562","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fcss%2Fstyle.css\u0026l=4550\u0026fd=562 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/download-manager/src/User/views/auth-forms.css?ver=1773059685","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/download-manager/src/User/views/auth-forms.css?ver=1773059685 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:21 GMT\r\netag: \"4e6e-69aebe65-906c2d7;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:45 GMT\r\ncontent-type: text/css\r\ncontent-length: 3537\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75256\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YXubfaqwwsYRo52XefZCtW80vwqMCoWhEjhur64a2%2BuM%2BEsV60rvgn7txBtxzx3ubjdyPkvRGyfAkdh211EPdSISHXCJ%2BKSwi1DXKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379dd1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":20078,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (20078), with no line terminators","md5":"79fc9445ac458c241e16028762c49a80","sha1":"e9b5e5b31b112d92a65cd6fa494aeab293622725","sha256":"831fb023a73b3406532f8a9eefbcb2af17f63317454c57da185c6cf037928bee","sha512":"f64dfdc25ded5dc6a505669d4c72436c2fc841c96bfdb0eaa93bb27e674035a257185312baadde1b92e90149afb6aac720ce664b1a61e8166e5d70fca962856b","ssdeep":"192:InBfD/+Sfe+SfvFjs+NyGXH0TLJQEQukeGX7XXFqfF8dEoyqy6qId+H+vaxLIWR3:8ZD2ufQRo8hKctCL4cPTuGwPc","tlshash":"d692fe1178522d36ed37ef574968fe58e33a48c78de22f265431a43c8ecd7639721a42","first_seen":"2026-03-17T09:37:34.14587Z","last_seen":"2026-06-18T02:58:52.163562Z","times_seen":15,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1450688464585.js?key=eb69975d43180b17057798a48b392b00\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=fb3844d42343ee31980034414dc09bab159aa6046d3dd9b98180f44d81486b74fb523eebae51e19b760d6c1b1057a38c1f30d98554b595cd8d24b6afa5776282f2f64336ef086b94ec12f59d7f3377810d91221228db1595e98cdc\u0026pst=1773740286\u0026rmtc=t\u0026st1=7c03fd13dc7527aa69c707815e2deb94\u0026ps1=1773740226","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.76","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /watch.1450688464585.js?key=eb69975d43180b17057798a48b392b00\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=fb3844d42343ee31980034414dc09bab159aa6046d3dd9b98180f44d81486b74fb523eebae51e19b760d6c1b1057a38c1f30d98554b595cd8d24b6afa5776282f2f64336ef086b94ec12f59d7f3377810d91221228db1595e98cdc\u0026pst=1773740286\u0026rmtc=t\u0026st1=7c03fd13dc7527aa69c707815e2deb94\u0026ps1=1773740226 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nReferer: https://savegame.pro/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMyOTA1OCwiayI6ImViNjk5NzVkNDMxODBiMTcwNTc3OThhNDhiMzkyYjAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoiYjF1NHRzdHAiLCJjcGtzIjp7IjI4IjoiMTU0NjRjZTUxOTQ2MjY3YmUyZGYxYzM3OTZlOGViOGEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.8kD4fJQoVZ_9ltftzrHneh1EM5Yi-D3H1z5plQXL4f8\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 2127\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nu_pl16329058=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 17\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a178bb58aabcf72962166868634a9106\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4302,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3426)","md5":"c98834241a69b95a4d693a7beeddbf2a","sha1":"775aa4d8e84763054a5f12e78947ee51734314e4","sha256":"a3fcdab24a9996b00989c7980a5109de6d718d5ab04d780df84333916a939717","sha512":"a79f3ac63120fa1f91eb899df52875334a5b47801dce22245d4ba5ace61032f2374a6ba05e34b0f0f55ab7d4f761812c835c447d25d7a39599ba72bb107d635f","ssdeep":"96:soz0qMA0lGCEdrpCafSipb0DZ0atk/YlGCEdrpCafSipb0DZ0bzw1ZDOCfMEDaH:lzLCEdroUd0DZVk3CEdroUd0DZizoVOv","tlshash":"a691fa65bcdd5404541778bd79aa94986c11820fcc84dec3383cde909f127eb4ede8d9","first_seen":"2026-03-17T09:37:34.146689Z","last_seen":"2026-03-17T09:37:34.146689Z","times_seen":1,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/impr.gif?sid=H4sIAAAAAAAC_1RTPWwcxRff9d9_CigQhI_2ihSAuPPMzuzHkC7io4EEkaAUCKE3b2adwXu7m53dO8dVQoCCyhWCbu-dY1NECBokGoTOdEhIXMUVcUNNgZCCEA2yY8kwxfv4_Uaj3xv93sez7igYUQerN9-odlxRwEY8YoPnrrnSVFM_uHR1wNmIXRhcc2UiLwy2j0MzeYkLOWLPD16zuFVtRIwzxhkfvOoam1fbGycsufqe4iPFRjIa8VjSdvPf3ncheQjJTI6CJ8mZ5eO_5u-QwwWV469etn6rreoXXxl3BbRVQxNz8Ha5VVbTksZnZd6ElJcHp7ep8ssg-GyNqvLgdAKqJnvHE5B2y2Dtmfuky4NTmaQndx8q1QXZkrR5jKaTBdnikBwsCKs75MzPAREaunSZyvH-paqZws2HLByzy2D9wR_kpstg_f5TVI6_vFi47cGVquhaV5WetvOe3PaC3OaC6u6Q2p2Q3PSQsP2AnPkp2HjwOpXjvcu-qMiZ1XmTQmp1aod5LPRQyoQPASAaMpNgDFEsMFEnX-TyBYFfo86H1LmQujykrg5pbFYDyTKJHESSK4MpkyClsZqpLGIMFKbU4W1yZpew-Wi_Ntfbrcle23R2ryvRz_gXD6FInID7x2AkZvxe915d8EQIIVM141Q3t2jL7ZK_vvpGoYyYyFSaaZEnKUY8QamM5phGFhRXKShEi9rEmqUWTJwnCQPUVhujY4yTHCPkGKeRlCJTlgNawESAABVbgyYziRFc2yyOOEe0KhaKA-MMmE0kxCC1FAg5QylSnkYit5yxnFmQWYKRxBhUFHHGda5jrvJEKEPehOTbgCamv2sKH_l-3xS-0_w0R6dZ9POq3ZzB3ardtGVA0OxSY_o9V9_wdwjb_813cm_m1XEA3fZz0KafO9OuUXNjdZ5xhbmO0mGeQjZMU2aGGYthqFiSJlJwDSyd1UfBEyeG-it-QFt2NUBMkUcZF0ImBhWiShUwY8EoFIYl5F1Pzq8R-JB23DJ49k9OtVsG63__RhoOyReHhO5pgu7_BNO5YIzg-jyKGe2U9zxM7CaM7ahuKjJVT3W7Tu3NcFYcBefmb129-P2JmHd_mZDFH4PTQ9j0VDc9ve9-CGizuP315bp1Y7cDx3a_0kJrHyFwy-DR3z8hdMvg3Hefn2xe_MKnhPUt8vXZW74KSNcBFS6gwp7hoHvy_-r1WT3zH9JmE5IuwrkummBPF02xS96tBrmwETKWpQkXWW65kAbzOJPKJMCEsNT6pft2sPgnAAD__4d9jKTyBAAA","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPWwcxRff9d9_CigQhI_2ihSAuPPMzuzHkC7io4EEkaAUCKE3b2adwXu7m53dO8dVQoCCyhWCbu-dY1NECBokGoTOdEhIXMUVcUNNgZCCEA2yY8kwxfv4_Uaj3xv93sez7igYUQerN9-odlxRwEY8YoPnrrnSVFM_uHR1wNmIXRhcc2UiLwy2j0MzeYkLOWLPD16zuFVtRIwzxhkfvOoam1fbGycsufqe4iPFRjIa8VjSdvPf3ncheQjJTI6CJ8mZ5eO_5u-QwwWV469etn6rreoXXxl3BbRVQxNz8Ha5VVbTksZnZd6ElJcHp7ep8ssg-GyNqvLgdAKqJnvHE5B2y2Dtmfuky4NTmaQndx8q1QXZkrR5jKaTBdnikBwsCKs75MzPAREaunSZyvH-paqZws2HLByzy2D9wR_kpstg_f5TVI6_vFi47cGVquhaV5WetvOe3PaC3OaC6u6Q2p2Q3PSQsP2AnPkp2HjwOpXjvcu-qMiZ1XmTQmp1aod5LPRQyoQPASAaMpNgDFEsMFEnX-TyBYFfo86H1LmQujykrg5pbFYDyTKJHESSK4MpkyClsZqpLGIMFKbU4W1yZpew-Wi_Ntfbrcle23R2ryvRz_gXD6FInID7x2AkZvxe915d8EQIIVM141Q3t2jL7ZK_vvpGoYyYyFSaaZEnKUY8QamM5phGFhRXKShEi9rEmqUWTJwnCQPUVhujY4yTHCPkGKeRlCJTlgNawESAABVbgyYziRFc2yyOOEe0KhaKA-MMmE0kxCC1FAg5QylSnkYit5yxnFmQWYKRxBhUFHHGda5jrvJEKEPehOTbgCamv2sKH_l-3xS-0_w0R6dZ9POq3ZzB3ardtGVA0OxSY_o9V9_wdwjb_813cm_m1XEA3fZz0KafO9OuUXNjdZ5xhbmO0mGeQjZMU2aGGYthqFiSJlJwDSyd1UfBEyeG-it-QFt2NUBMkUcZF0ImBhWiShUwY8EoFIYl5F1Pzq8R-JB23DJ49k9OtVsG63__RhoOyReHhO5pgu7_BNO5YIzg-jyKGe2U9zxM7CaM7ahuKjJVT3W7Tu3NcFYcBefmb129-P2JmHd_mZDFH4PTQ9j0VDc9ve9-CGizuP315bp1Y7cDx3a_0kJrHyFwy-DR3z8hdMvg3Hefn2xe_MKnhPUt8vXZW74KSNcBFS6gwp7hoHvy_-r1WT3zH9JmE5IuwrkummBPF02xS96tBrmwETKWpQkXWW65kAbzOJPKJMCEsNT6pft2sPgnAAD__4d9jKTyBAAA HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMjI3OCwiayI6ImNjN2MxMjgxMzM0NmRjOWNjOTc5YTBkZWFkOWMzZDA2Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJmcmptNmV5ZGgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MjY2NTYxMTE1LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTM2OTI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEzNC4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiY3QiOnsiaWQiOjMxNDMyNDQsIm4iOiJPc2xvIn0sInJnIjp7ImlkIjoxODQ0LCJuIjoiT3NsbyBDb3VudHkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJpd2YiOnRydWUsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zYXZlZ2FtZS5wcm8vcGMtZ2hvc3R3aXJlLXRva3lvLXNhdmVnYW1lLyIsInR6IjoxLCJpZHQiOjIsImFyIjpbXX19.trmVf2wVquG7z9HkvB07B4rapFcYw6sKzXrYVbH2up0; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl16333479=1; pdhtkv5=true; uncs5=1; u_pl16332278=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8bc401c27efc9255ad32462dbdf9da62\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/img/confetti.gif","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/img/confetti.gif HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: image/gif\r\ncontent-length: 206291\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:16 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"68b9762c-325d3\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 10168958\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JvJ74L%2BW7Boydivwry6Vvj6MWn2V6pUaDtz1OgHS2emL8Ej3aybf8oOAMldvCi21eZUdSgAjkv2voxX4aaOaEBtHn9IvWNLAcc8RLRzR4bk%3D\"}]}\r\ncf-ray: 9ddb04667dd3a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":206291,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 360","md5":"0b33face774f2203446507ce5f075538","sha1":"1dd3522529bce7739df0687f47f5bc84356698a0","sha256":"ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2","sha512":"58aa96c101e4a4cd0b2df5065639f0795b4ebb970f3a1e6c33a3a4566c3e8ae22038457f7eee59d70baaa03c63c369e9c8c88fc4dd7206c26fc6bfd602424f9d","ssdeep":"3072:uX7nWRsxeentKfdlIIn6vXDwyH005Z5JVaCFfXiceSPVUAV9FY7u:W7nWyee4fLII6vDFU8bfaivimlFYu","tlshash":"6c14e167d568498bca0931f02006167b6e79ecf57c78f87fb581b9825ebb42e35e1c02","first_seen":"2024-05-02T15:55:45Z","last_seen":"2026-06-18T22:56:50.68148Z","times_seen":2229,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fjs%2Fscript.js\u0026l=8972\u0026fd=506","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fandroid_bigsystem%2F2%2Fjs%2Fscript.js\u0026l=8972\u0026fd=506 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/sidebar.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/sidebar.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:23:12 GMT\r\netag: \"2d4-69a9bbc9-9008a99;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 212\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403646\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U6FXUPrHajryViav%2BzU6kFsjtal%2FvfWjHavkDc2BfPmNOjSkbLg1xCoIIdqQZxSroTvpSQPgKm3fz4KhGWHKOJqHVQz6udkNbBsYOQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349bc1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":724,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (724), with no line terminators","md5":"4499ae1fbaca9548cb1438c9ada86f6f","sha1":"545db0199e9b289cac63da8a939ab9d4bf574e3f","sha256":"2d9c0ea317d0a1ffbcc1f9a8c3148d63c03eddbb83bd770a417d300d7402fb5c","sha512":"bce531d0e1057e5a2f4cf719da886e3568d1db4987cc8e3b08070f0238b56fa48122209d851f03b17ed1ecca654e70c145f71a2479ceaeead731d56e6c54d305","ssdeep":"","tlshash":"af01d8593f632d3c60671896c1f610785a992cdde6fb58cf840de90b2648bca80aa5e4","first_seen":"2025-08-31T23:23:27.869234Z","last_seen":"2026-06-18T18:50:51.066485Z","times_seen":802,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"63.182.194.222","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"statistics.it.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Wed, 18 Feb 2026 00:00:00 GMT","end":"Fri, 19 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"FF:73:E7:93:27:CB:4F:C3:84:85:D5:0E:06:52:E6:94:2D:2B:A5:C6","sha256":"09:27:72:13:57:CD:B4:25:3A:BE:58:AD:CC:13:D2:7D:D4:D4:F6:12:80:69:D9:B9:38:71:43:36:A9:56:FE:70"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:05 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://savegame.pro\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Fri, 14 Mar 2036 09:37:05 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"e0fb685d8d3a251bfc1e3cbb3c167bb5","sha1":"d6050cc834dff8de1c4e752f81ef0c21890ec0fc","sha256":"8f521d20412d7462b9cd6094f8cc439b312f3c90536e995126f0a3e0795b58a7","sha512":"14f101d969d13625679690baacf05601741dd8d3c2b79f10d4b0fa353ed556ea3bd38327fcee4f078724ae110961a376fd24c8b5be4642f8803b9014a605959c","ssdeep":"","tlshash":"999004d310351dd1710004f1554441f04054033d10c54334040170d0f577cd501d1c14","first_seen":"2026-03-17T09:37:34.148515Z","last_seen":"2026-03-17T09:37:34.148515Z","times_seen":1,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.442Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 01:24:35 GMT","end":"Thu, 28 May 2026 01:24:34 GMT"},"fingerprint":{"sha1":"66:45:2B:BB:A2:6D:D3:A2:B6:16:36:65:94:BA:4A:C6:5E:05:66:09","sha256":"A4:2E:A7:56:DB:44:FF:55:9A:FA:4D:EC:2A:78:CB:C5:02:CD:CF:B2:FB:A7:A7:75:77:EC:01:DB:19:71:C0:77"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 51c26d9a8c32d9af5ccb5415c961bd04\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-19T01:58:21.865475Z","times_seen":19107,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-16","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/impr.gif?sid=H4sIAAAAAAAC_1RTPYwcNRj1hBMFFAgCpJ0iBSB2zx7b45mki_hpIEEkKAWi8O_F3OzMZDyze9kqIYiCAl0J3dy3l1wTRdAg0SC0R4eExFZskWuoKRBSEKJBu1npwJK_Hz_Les9-_uygO0FD6OTyvXerqS8Kuc2HOH7lui9NNQnx5WsxwUN8Mb7uy5RdjPdWoRlfIJQN8avx21bvVtsJJhgTTOK3fGNdtbe9RsHXD3IyzPGQJUPCGew1_-9DF0GQEZjxCXoBvFk895v7ELyeQzn6-g0bdtuqfv3NUVfItmpgbI4-KHfLalLC6LR0TQSuPNrshiosEPryDFTl0UYBVOPDlQJQfoHOvPwIVHm0oQlqfO8JU1WALUGZZ2EynoMtjsHLOejqLnjzCwLQBi5fgXJ0_3LVTOStJ6hcoQu09fhP8JMF2nr0IpSjh5cKvxdfrYqu9VUZYM_14Pfm4HfmUHfH0E4j8JNj0O0n4M3PaPvxO1CODq-EogJvludponPrrB7kUicDRvNkoFIqByYzmhPhUpGn6yvybg4yRNCtpo-gcxF0dQQjs4wZzpgmkqYuN1pgJhkzVuE8SzCWuRbQ6TvgzT7o5jbUzW3Y9fsQbiy_JTQ3QrPMcMozySjmjquEp8pQZTIjMFacY6oZIzQXihuRKmdzS7DiMiEpZ9Tg3KQ5yXgiFHfYOi6o4rmU2AjHZGaNpJkUqbRZJrFWXNoUSyqwcto5hrk2KZaZSbRKHMNCOeJylzhqmGE8S4UzLiUWc4eZE1o4hiGYCEKLYGz6e6YISejvmyJ0imxyssm0n1XtzoG8V7U7tkQgm31oTH_o65vhLuj2qdnUBTOrVkGqtp9JZfqZNy2C5ubyPCa5dioRA5dKORAkFYPcYTnAnAoqhcWayoP6BD2_9sXfF45g1y5jZZRLMCGp05nhWmmS2CwlPMOU65wbCL4HH86sX3PqF-jcXwRqv0Bb__wOSh5DKI5B-5dAdudATmYiyUDegBzDtHwQ5NjuyJEd1k0FpuqhbregvRUdFCfo7Oz9a5d-WHP56NcvwOqf0GaAbnqomx4-9j8i2CnufHOlbv3IT-XKtFdb2dqnQfoFeuaPz0H7BTr7_Vfr_8Nfewi6vg2hPj0rVAhUjaDwCAp7ui5VD-E_vTqtD8KnsNNEoIpopooGHaqiKfYh-GXsqE00xplICc2cJZQZ7XjGcpNKTKmFNiz8d_H83wAAAP__dEHkTrgEAAA=","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTPYwcNRj1hBMFFAgCpJ0iBSB2zx7b45mki_hpIEEkKAWi8O_F3OzMZDyze9kqIYiCAl0J3dy3l1wTRdAg0SC0R4eExFZskWuoKRBSEKJBu1npwJK_Hz_Les9-_uygO0FD6OTyvXerqS8Kuc2HOH7lui9NNQnx5WsxwUN8Mb7uy5RdjPdWoRlfIJQN8avx21bvVtsJJhgTTOK3fGNdtbe9RsHXD3IyzPGQJUPCGew1_-9DF0GQEZjxCXoBvFk895v7ELyeQzn6-g0bdtuqfv3NUVfItmpgbI4-KHfLalLC6LR0TQSuPNrshiosEPryDFTl0UYBVOPDlQJQfoHOvPwIVHm0oQlqfO8JU1WALUGZZ2EynoMtjsHLOejqLnjzCwLQBi5fgXJ0_3LVTOStJ6hcoQu09fhP8JMF2nr0IpSjh5cKvxdfrYqu9VUZYM_14Pfm4HfmUHfH0E4j8JNj0O0n4M3PaPvxO1CODq-EogJvludponPrrB7kUicDRvNkoFIqByYzmhPhUpGn6yvybg4yRNCtpo-gcxF0dQQjs4wZzpgmkqYuN1pgJhkzVuE8SzCWuRbQ6TvgzT7o5jbUzW3Y9fsQbiy_JTQ3QrPMcMozySjmjquEp8pQZTIjMFacY6oZIzQXihuRKmdzS7DiMiEpZ9Tg3KQ5yXgiFHfYOi6o4rmU2AjHZGaNpJkUqbRZJrFWXNoUSyqwcto5hrk2KZaZSbRKHMNCOeJylzhqmGE8S4UzLiUWc4eZE1o4hiGYCEKLYGz6e6YISejvmyJ0imxyssm0n1XtzoG8V7U7tkQgm31oTH_o65vhLuj2qdnUBTOrVkGqtp9JZfqZNy2C5ubyPCa5dioRA5dKORAkFYPcYTnAnAoqhcWayoP6BD2_9sXfF45g1y5jZZRLMCGp05nhWmmS2CwlPMOU65wbCL4HH86sX3PqF-jcXwRqv0Bb__wOSh5DKI5B-5dAdudATmYiyUDegBzDtHwQ5NjuyJEd1k0FpuqhbregvRUdFCfo7Oz9a5d-WHP56NcvwOqf0GaAbnqomx4-9j8i2CnufHOlbv3IT-XKtFdb2dqnQfoFeuaPz0H7BTr7_Vfr_8Nfewi6vg2hPj0rVAhUjaDwCAp7ui5VD-E_vTqtD8KnsNNEoIpopooGHaqiKfYh-GXsqE00xplICc2cJZQZ7XjGcpNKTKmFNiz8d_H83wAAAP__dEHkTrgEAAA= HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMyOTA1OCwiayI6ImViNjk5NzVkNDMxODBiMTcwNTc3OThhNDhiMzkyYjAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoiYjF1NHRzdHAiLCJjcGtzIjp7IjI4IjoiMTU0NjRjZTUxOTQ2MjY3YmUyZGYxYzM3OTZlOGViOGEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.8kD4fJQoVZ_9ltftzrHneh1EM5Yi-D3H1z5plQXL4f8; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl16333479=1; u_pl16329058=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 812d1c1fa5b118fee5ceb8ddebcbb8bf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ren.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7tDCEESqJCmSAESu37z30mKSBGfBmwgQSlASO83mxfPzoznzexutnIIojYUiE8zPmvHTYRAokmHdimQLCFlui3ihpoKKRQUoLVXijjFvffpvOLcc-4XB_Up6aJmi_ffyyc6Tdlm0KX2a7d0JvORsbdu2g7t0qv2LZ2F_lV7vCzl8Irj-V36uv2OEjv5pksdSh3q2G_rUiX5ePOMhS4exk43pl3f7TqBj3H5_7epLRhmQQ5PyUvQsn3hj-RjaDFDNvjxTWV2qrx4461BnbIqLzGUxx9lO1k-yjB4NialhSQ7Xv1GblpCvllDnh2vNkA-PFxuAK5bsvbyE_DseCUTfHh0rpSnUBm4fA6j4QwqnUGzGUR-H1o-JoCQ2NpGNniwlZcjdvecZUu2JRtP_4IetWTjyUVkgx-up3ps38jTutJ5ZjBOGujxDLo_Q1HPUU0s6NEcovoMWv5ONp--i2xwuG3SHFouLsuIRYpHqpMEHu_4fuh0GGNuh8pQBMwNPBHGZxbpZAZm1lAbC7W2UCcW6sLCQC5sn_Z84TAvTGIpIuoz35eK07jnUspiEaEW96DlPkS5h6Lcw47eh7ndwMh1mKol1gd7GMrmSKbGNc0DmZqaO6vurrrXTPOqf8CO8qqvMgJW7qOUzaEuds19iGp9OkmMnObLwnjVTBmXzVTLag3l7uIydWKRcDfqJLFinYj6UYcLSjtuQEMaRX7scv-gOCUvLk22vnY-wY5a2D6LVC-ggeBxoKTrS8WcXigShwcukzyE0Q20WQMzFia6Ja_87aDQLdn4509wNodJ5xD6Elj9KtioAbvdYJI9NGyo-mygukWZQ-YNimoD1V3rID0lF6Yf3rz-y1nWYvdfKHFybe6dAaJsUJQN7uhfCfrpvZ-2i0oP9IQtw79RsUqtg-nH619B6JZc-vT07Ap7Pz8PUezBFCfXHn27xHcwOQEvLKS6Jd7F35Cqk2vfX7hzhRACxhsYdUJWAH82H5jP0S8t8NSa8rS0Dnlapl-eCzV6YQcu98JeL1RJKBNPeq4n44Cq2Gdx6Md-gMq0-pE9_y8AAP__wjczjAcEAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7tDCEESqJCmSAESu37z30mKSBGfBmwgQSlASO83mxfPzoznzexutnIIojYUiE8zPmvHTYRAokmHdimQLCFlui3ihpoKKRQUoLVXijjFvffpvOLcc-4XB_Up6aJmi_ffyyc6Tdlm0KX2a7d0JvORsbdu2g7t0qv2LZ2F_lV7vCzl8Irj-V36uv2OEjv5pksdSh3q2G_rUiX5ePOMhS4exk43pl3f7TqBj3H5_7epLRhmQQ5PyUvQsn3hj-RjaDFDNvjxTWV2qrx4461BnbIqLzGUxx9lO1k-yjB4NialhSQ7Xv1GblpCvllDnh2vNkA-PFxuAK5bsvbyE_DseCUTfHh0rpSnUBm4fA6j4QwqnUGzGUR-H1o-JoCQ2NpGNniwlZcjdvecZUu2JRtP_4IetWTjyUVkgx-up3ps38jTutJ5ZjBOGujxDLo_Q1HPUU0s6NEcovoMWv5ONp--i2xwuG3SHFouLsuIRYpHqpMEHu_4fuh0GGNuh8pQBMwNPBHGZxbpZAZm1lAbC7W2UCcW6sLCQC5sn_Z84TAvTGIpIuoz35eK07jnUspiEaEW96DlPkS5h6Lcw47eh7ndwMh1mKol1gd7GMrmSKbGNc0DmZqaO6vurrrXTPOqf8CO8qqvMgJW7qOUzaEuds19iGp9OkmMnObLwnjVTBmXzVTLag3l7uIydWKRcDfqJLFinYj6UYcLSjtuQEMaRX7scv-gOCUvLk22vnY-wY5a2D6LVC-ggeBxoKTrS8WcXigShwcukzyE0Q20WQMzFia6Ja_87aDQLdn4509wNodJ5xD6Elj9KtioAbvdYJI9NGyo-mygukWZQ-YNimoD1V3rID0lF6Yf3rz-y1nWYvdfKHFybe6dAaJsUJQN7uhfCfrpvZ-2i0oP9IQtw79RsUqtg-nH619B6JZc-vT07Ap7Pz8PUezBFCfXHn27xHcwOQEvLKS6Jd7F35Cqk2vfX7hzhRACxhsYdUJWAH82H5jP0S8t8NSa8rS0Dnlapl-eCzV6YQcu98JeL1RJKBNPeq4n44Cq2Gdx6Md-gMq0-pE9_y8AAP__wjczjAcEAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 5\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 553b33798cb43cf291726cfb883f44c0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/interstitial/sweep/default/system/3/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 03 Feb 2026 22:39:28 GMT","end":"Mon, 04 May 2026 23:38:03 GMT"},"fingerprint":{"sha1":"DE:44:B7:F9:65:9F:D2:6E:27:46:3E:12:7A:23:24:E9:D7:2B:16:7E","sha256":"E1:09:99:E2:19:59:48:E0:83:95:4C:4F:63:09:68:08:82:8E:16:17:8D:20:09:B6:93:1D:B5:84:B7:46:68:C1"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CwqWLnVPTXi2YAvcvnwz5DSVkKG6zCI3T%2Fer%2FCyMr5w2xacbsNf%2FxIceX00PS0JzCrngulwCjAdM9Klyh2cdXpX4rjab7V9HXS7Xhs8E9g%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ddb0464aa5048d0-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":2975,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"de8619bd77683ea7231763a9cc97a63a","sha1":"6ca12a67b206266c2e52870e4aab27bf0b66bd43","sha256":"8e123e2bc85662a9467f3e2118ddef73e0b12859efde3085c8a5d2929d6dcc64","sha512":"14c4e19bd3e61f43f2cd3b9246a17918a74c2acbb8e39725feb3fa007260381ca4e9261ee27db166de49cc1509d48845b4dfaa1b11ff663dec808a433118573a","ssdeep":"","tlshash":"f551395159f9c93720c2a0877b712f2a99d1a947ca4a550177fc0ac0cfdbf89d95b20b","first_seen":"2025-11-18T02:35:34.346746Z","last_seen":"2026-06-18T11:00:50.115769Z","times_seen":325,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":67,"dns":33,"connect":8,"send":0,"wait":120,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 12752\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa847c-31d0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 3385706\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lLuMdHXzfyfc8H8P2bRf6vSWPT0OLug20VAyitxxXn3wkV89dLEEBXq9m12Owj0nLssFxXn50Kk1AsTPwu%2FFK3e0ShAUBi2ievC4xziU5gk%3D\"}]}\r\ncf-ray: 9ddb0466ef4ba0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12752,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced","md5":"8e61cf3dccea6ab862bfb51e362a1516","sha1":"967f3b30680bd39126eeeb3b3c131833cb89ca51","sha256":"cead1002bb2a8ef60efc22804d0ef0596b9e19a7362d40cde2d5a3a7c6b83668","sha512":"eedef64b834cbfdfaad12608f2368e76d5cfe0f1c2cac49588cf228a3b4499a6bbb905c1caa8cc0a7b28580125b5684d0b418da7512fdc734b78ffd02557e1a6","ssdeep":"192:FEQvS5kknzHBDSBho9ANkiM1QLzJCjwbMA56C4cla4D7AdiYw+nDLnKQl3jbp:FraxnzhghoqNkiHMjq594WaE7M3BvL3B","tlshash":"0642bfcade035d84601a8b096ddff7a11f1367ee7a04e861deade8d386652b7a1041c3","first_seen":"2023-05-24T13:08:37Z","last_seen":"2026-06-18T13:18:55.496746Z","times_seen":1420,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/footer.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:23:12 GMT\r\netag: \"4dd9-69a9bbc9-9008a8b;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 1662\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403627\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=16pDASmyL4ko2FODuPNM%2FMNnuul8OS7SW6t3VAJKhlfQyuJxS9g2kCaWPOSmDKGuf%2FwCL5k7ha9Ykg9fSjKa4MhSB5PHX6dWsXjlnQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c21806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":19929,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (19929), with no line terminators","md5":"7a20740c12ffaf755d39e4cb4ecaed53","sha1":"5fd1af235eb281375d75828dd99725402878c14a","sha256":"8e073c256cf3d2798bff270bb122c32a75fe5860e82200b5e1ace4bccf8084ac","sha512":"6ac00de63b29b31242b098ec69e41a5d174cab151c8a036b6ea07315c1102d464884391d5b49cc773549004e1a913179c95189154cb7b571c47669a7d02a0266","ssdeep":"384:3EulmfE1yQ91S/IluHHgfnqCH9ol377t7146pZW:hlmfE1yu1S/IluHHGnq+9o7719ZW","tlshash":"9a92027afd612aa462e6966bb2c23e85c431c42dc9861cf936ded32305d79c6097cd0f","first_seen":"2025-08-29T19:53:05.840023Z","last_seen":"2026-06-19T00:44:38.570504Z","times_seen":6232,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/kadence-splide.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/kadence-splide.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:41:18 GMT\r\netag: \"2415-69a9bbc9-9008a91;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 1624\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 400918\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ohGdxoecesPXgsZuNHdRTfVY7l9A%2FvyJtFvl4NnQ6TYpxYBkK6tKnTQrF9jWcX%2FWq6ypuHyY9bOFNHewefZM4R2P1x5d31OqwK%2B49Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c31806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9237,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9237), with no line terminators","md5":"f97e777c71b5b6b444fbd5677ef6a83a","sha1":"f46e6bfd945ae6212d28673241ff0b4bc6f9d992","sha256":"a1bf979900017ac725efa9155a96afdd471c2724f227d821205257d03a923d71","sha512":"a98d56699862e3f33730a7c13d2889c7875a679c5aa7c58be4738b09d7d17c3f7163f33ed261d6ca0df96ac24ce8ec95ed7957aa3209a93364f8e25fc3528f6a","ssdeep":"192:uvMoFXcmusqYx0S64ctcbe5Qc0GGgnJqA:MqYmSdUgOQ/GGgnJqA","tlshash":"0912400ea2c51f8d140a6a3324aeca4ff0dc537246520735e6ff82a8468895717ededf","first_seen":"2025-08-31T23:23:27.89005Z","last_seen":"2026-06-19T00:15:21.356808Z","times_seen":914,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=1773059684","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=1773059684 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:20 GMT\r\netag: \"42c8-69aebe64-7001272;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:44 GMT\r\ncontent-type: text/css\r\ncontent-length: 3499\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75256\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qNesOsUfG1Z1FIjS32W8Kl8bluSnu4b72r9IKqn4heQkq%2B%2FuUbrvpxApCA6%2F4eHyijqcM9fnpB6oe5S6o0xRUp0Amha034g2AZnE1g%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c11806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":17096,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (17096), with no line terminators","md5":"0921e0075f4afbbdddc0ea1b3b5a24a2","sha1":"93eef197f74eb03f4ab47c45f6db0ee2aaab2600","sha256":"8f70fa61228c826d531af77e03a854dae7bc4ad51a21c9965a51d250640a2ff2","sha512":"e867b3044a66e0e09503830bc9469299f6fa7a17a8a9d1d857a9b3f1c279536310faf6cf0efdde3b70d3d5f41d3fb173f7cd5664e7702e57c31893cf60e99535","ssdeep":"192:niVA8j1E2s3ZiexEauBE57R9eyY52jKNOINO8NOo/+qrcWKOtYMne0Vctt1WNSh0:PxEaeE57uyYQKzRX/+qrcWKAU1WNSi/","tlshash":"e472757eabe0311ca2578537a2d35f6d31bcc112ba13097dda167f30c34aa9b26f514a","first_seen":"2025-06-27T11:26:40.231576Z","last_seen":"2026-06-18T23:46:50.724097Z","times_seen":184,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"579c-69a9bbc9-c806d02;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5076\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3414\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SEIDS0pKzxOf%2FDbJJtyv7YiqX%2FJW%2BT0rMF%2BXJCExLhO5mhBAmaCWVlS88H626VNL8PrL7HxbQjExoQgFf8YguAKEIIl64v44BM149A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379e31806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22428,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (22428), with no line terminators","md5":"1223797af7c8f4afc5c0509331e9fd16","sha1":"0b6e4c455625f0dffcbba0534b74e1b895b2cdbf","sha256":"c778723bd7d4c338694dfb021c7a11a01e7a89f67cc90e923755852f0f079712","sha512":"0237e95096305651bf39dde64253d8095e7630c3e1b4885c98f8c37b0bd0286d88e4354359c8457ceed493b543dfa4cbb26d43c11ffe917203b434424bfe2b19","ssdeep":"384:FeKCj0sDS7jyUK9A2xzMhjuFjF0TQhzYJ6bmgbOpYHMJE3Yo7mHh3QkwWBcXDcFZ:oPj0s+7jyUK9A2xzMhjuFjF0TQhzYJ6Y","tlshash":"d8a288ae6204357700eb2fe3f2abb7c239756899f5464421126dcc0e656cec79062ff9","first_seen":"2026-02-13T01:52:58.750502Z","last_seen":"2026-06-18T22:16:19.773544Z","times_seen":2724,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/related-posts.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.556Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/related-posts.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:41:18 GMT\r\netag: \"3e5-69a9bbc9-9008a97;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 303\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 400918\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wR%2BNmqXmGB2nnvltbV0kFAG9rIYnFqsh2PN4gEKi4bnhHhKpQyXElYseSp8O6XDwOZBgKqU3xttU%2FViXl4TX8a0ZS3Zl1fclphK6pg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c01806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":997,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (997), with no line terminators","md5":"b0c6fb9e72c47fd1457d88716fe061de","sha1":"2bd670d0b341221db13130f87451886b858843b3","sha256":"5d60b2acc2a74b9241e03ec1343fad8e9c8ef01b5ac248a8f9f8223024f28a0d","sha512":"b7bd4f3cf2603e10583f660177e3555fced01f35e0e6ce8c265020a0e8c1320ad07d2c6b28a59f108e159c04af25086290a770bc0349d18cfd5fb9bee4258e23","ssdeep":"","tlshash":"68117ff7e9b11f181d7653e9c2be71274a281c06926f06fb4ec9b51069fd391419ce0c","first_seen":"2025-08-31T23:23:27.825787Z","last_seen":"2026-06-18T18:50:51.068231Z","times_seen":872,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/img/number.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.480Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/img/number.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: image/png\r\ncontent-length: 1138\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:15 GMT\r\npriority: u=4,i=?0\r\netag: \"68b9762b-472\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2185277\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4%2B2A4HbZcbbbeZ9YfVVFDDdkqLe5dfH9labT4DHB5Z45dL%2B1Dm71XeaORJ8uAPAsxQXuA9uIr0pGtoI9D%2Bt92TVKhCtim%2Bww7vwWuFWKXGE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb046c0fdf56f6-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1138,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced","md5":"9e4414e85c588bf7db195e49c02ab2bb","sha1":"09254e79b255f1b2dfe45adbbe44583a4b433782","sha256":"0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762","sha512":"07925dc4d8f6cc1b9b89d26f2c3a6aa3175279719a0999fd837a20e8b12f443eb521e23b3212227ac1b6dfa2ecfcdd94b7494dd67d9d8b046efdddd185bb9bfc","ssdeep":"","tlshash":"a121f90aeca21be0d7888f0214dc135095da07447f8e280a37b6aa599e1070614451fb","first_seen":"2023-04-09T12:43:14Z","last_seen":"2026-06-18T13:29:41.949982Z","times_seen":2903,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/no-right-click-images-plugin/js/no-right-click-images-frontend.js?ver=4.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/no-right-click-images-plugin/js/no-right-click-images-frontend.js?ver=4.1 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"70c-68fa6571-15002c35;br\"\r\nlast-modified: Thu, 23 Oct 2025 17:27:13 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 427\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3414\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BemI62VIUGIwribYhG4ThAni5%2F7czkPXoWq7Syfiz0H7J34dCzp1i2UiPOUf2OQTB5SC0UmGd7I%2Fx5OQphH7NqRBNbmdpn5DMlaw4A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389e81806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1804,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with CRLF line terminators","md5":"12c857147f85781daf5761b8fabfec0c","sha1":"88ee7c45270c6effccfc962bd70d8665a7a295c1","sha256":"80a5df71ef283aa1517018e5af8140a093d38dcaa1d7389b5ada7b2bc20dfb59","sha512":"41d199c239e442b8476a0bf729b97ca0fa7703cacdc07899900deb5483d919abeabe21a30fb90cfa1512f9791715bf2260ae421f36cd1808d5dd8bbba2876979","ssdeep":"","tlshash":"493168e1379e4cf952e9632e13744ee0fd7ecdf6525431b8d488be98702c9182390576","first_seen":"2024-01-16T22:27:56Z","last_seen":"2026-06-18T02:58:51.991903Z","times_seen":544,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/15/46/4c/15464ce51946267be2df1c3796e8eb8a.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.057Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /15/46/4c/15464ce51946267be2df1c3796e8eb8a.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMzQ3OSwiayI6ImJkYmYyMDExNmZjOGQ1Y2JjMTJlODYxNTgwMzVjOTVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoia3VmNmk1bWEiLCJjcGtzIjp7IjI5IjoiNGE3ZTg1MDVjYjk1ZWQyNGRlYTE4NmNmMWI1MmFkYjYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.jHlE25U0Sq3_7Y5k7Kfxy1Li-GjFy896lJMZAeNOW6s\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 34150\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 666258c78fcaa845e85a805dd3617700\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":93720,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4ed058ca50b4335d68c565986f860731","sha1":"e915a8b14ceb50c419809d5be8abcf6c610c7aea","sha256":"4896c06860b31a16b4536bdd0017af00381312c8cd98dbb58b7861c2b97cee59","sha512":"326c43819ec7bc015dcfb66fcc015ee954039f6268e8c40a1e4aae5fae8017bf43f418cbda7331038449c4dfd0b4395049a2a753a13b3c1e9e4edb4a769ef850","ssdeep":"1536:70QP7ZTem5Kvg/+UriOXwaHe4J+LxR8Xmj8sV:3Cv4WUR+1db9V","tlshash":"af93d78c3fc1f0a513a5203b222f714ef0994d95546ce468f783f5692f7ca4ae536b98","first_seen":"2026-03-17T09:37:34.154274Z","last_seen":"2026-03-17T09:37:34.154274Z","times_seen":1,"resource_available":true,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":97,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2126\u0026rd=2126\u0026fd=203\u0026bv=26.3.5226\u0026tmpl=70","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 26 Feb 2026 23:39:43 GMT","end":"Wed, 27 May 2026 23:39:42 GMT"},"fingerprint":{"sha1":"2F:D0:7E:69:4A:D0:06:61:89:AF:78:09:0A:5A:F1:7B:F9:4A:B7:96","sha256":"24:55:49:F2:2C:E7:D7:3D:E6:6E:54:6C:64:30:D7:3C:F6:39:2F:A0:A7:A2:AA:25:93:8D:6B:C2:15:40:66:C2"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=2126\u0026rd=2126\u0026fd=203\u0026bv=26.3.5226\u0026tmpl=70 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":749,"timings":{"blocked":322,"dns":43,"connect":93,"send":0,"wait":97,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/comment-reply.min.js?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/comment-reply.min.js?ver=6.9.4 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"bd2-6735a3f8-7008be3;br\"\r\nlast-modified: Thu, 14 Nov 2024 07:17:12 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1248\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3414\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wcB2ptC%2F8N8cv%2Fp7FQRoTaGcs%2B0vsyr9kTXO%2FRibqivqSHbtc%2BxEueHnUSF2XpQxIo3jSUfCFM6lA0tFt6Y9Hw3Y1gXotTIgiWyKhQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379e21806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":3026,"size_decoded":0,"mime_type":"text/javascript","magic":"ASCII text, with very long lines (2991)","md5":"e4a49df71f8b98c1d9f9d8fce74d89e8","sha1":"b95fcda0c8c26305ad94e80343d0cfca8a048a10","sha256":"9d4687a19cab8f7442a3bda40c45be4d10e42488e091ddd706c3caed83c3ee1f","sha512":"42cd5f854779886f24c43ed14617380110c946d1b430b454060c3b391de6fbae6d0ed8ab7cdd7cfdc9726b2d6142a4e01c4448e36088dfcee7fdd00b60909f89","ssdeep":"","tlshash":"5051a7d437c95d762a83b3395efe930271712709a50805608826c86931bcfea63b67fe","first_seen":"2024-11-13T06:33:24.856382Z","last_seen":"2026-06-19T01:57:33.793438Z","times_seen":81987,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-regular-400.woff2","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/wp-content/cache/min/1/wp-content/plugins/wpdiscuz/assets/third-party/font-awesome-5.13.0/css/fa.min.css?ver=1773059685\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 23 Mar 2026 07:32:32 GMT\r\netag: \"3510-69b24da8-f00d9f7;;;\"\r\nlast-modified: Thu, 12 Mar 2026 05:22:48 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 13584\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:05 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 93872\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UaGl%2Fan%2FoCTzFU737o0%2FaZU7QL6LTgx9JnD9XtFXziNpmIBMJ4YznW%2BPzm7eqP9yAjgb80JUQDdueY8tPaCR9Lp71iG9F9Y8oY%2BfCA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045a6b0a1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":13584,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13584, version 331.524","md5":"c20b5b7362d8d7bb7eddf94344ace33e","sha1":"260bb01acd44d88dcb7f501a238ab968f86bef9e","sha256":"6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65","sha512":"75d8799a172ae620eaa3ac889cb055fbea9a98d24eb471c826e6bb4c4de685ab3332e888853adb7a6725035edcfd3a29fe9713874c857f14b1c01825ce8164f6","ssdeep":"192:h9DS9gO2kGgdtTZjFBhJhg/5kykmeznSk5mAzH9Jpn8ShuKEzuIhvBu9vlYeT+/y:h9aOgFjHuv2IAZJprl99Ye62tN","tlshash":"9552c0e1b93d1d00aa7682ed8d59615a3642f15f9603f06dbe8fa3d0412bc3c30a771c","first_seen":"2023-04-06T22:39:57Z","last_seen":"2026-06-19T00:50:26.05642Z","times_seen":6839,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/uploads/2021/10/logo-sgp.jpg","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/uploads/2021/10/logo-sgp.jpg HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nCookie: _ga_6QKNB8FJE0=GS2.1.s1773740225$o1$g0$t1773740225$j60$l0$h0; _ga=GA1.1.2071307227.1773740225; hu8935j4i9fq3hpuj9q39=true; s9ifs0idfjlwfie32dekl=0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 23 Oct 2025 08:15:40 GMT\r\netag: \"3fbe-64f0e64e-305122f;;;\"\r\nlast-modified: Thu, 31 Aug 2023 19:13:18 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16318\r\naccept-ranges: bytes\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=4,i=?0\r\nage: 400113\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Q7yDPpyxpyxvxHjq%2Foz%2FUKnndhkYggDdBIFRqvwmvA9m2%2FtCnPK%2Fir8uibAl50ARP4jH%2B1waiwK1%2F5xt%2B0ggQ7enibQJZtN61nC50w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045dab961806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":16318,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 306x80, components 3","md5":"7d4d7b5254b7247ae69a2a381ea968d4","sha1":"3e31a0eec9df55938a57243c0024f2b0082a5faf","sha256":"31f937f8441c8b187675f143ab2474fccd61a757114765f55cf1b493f4cad719","sha512":"dcdac0e442bee107a2054c6fe5d8ff8c44bc9d30fcb4850d78b97e818ec2d43465262b33036c1716f61f58667d3a9e5bbd9996d7bcc129e704dbd35d942e5175","ssdeep":"384:P6tKDOOiTF04sBuuq2hKG8knOwCdFOXrVLgRJ9tkSB3eQht0/8vHbfVFC:SkDOO80jFxuFWr2RJjBOCaj","tlshash":"3c72c0638b5fa996f82c06b5c99447afc56817317907fe4d318b11cbe9461e254f0fb0","first_seen":"2023-05-07T20:57:02Z","last_seen":"2026-06-06T01:08:44.497008Z","times_seen":56,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"68b97627-13365\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=s2ZnSJPpHiIPi1xgKeirGWfXHifJMLXHL9k9xmhPx6xRDCdrt1qBZHjDSJQ95qQn8varxkuVxYMX%2FnmHwgErfhHd%2F9XCwvyNWy23ytBCESM%3D\"}]}\r\ncf-ray: 9ddb04665d80a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78693,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"5982c5377696d20476871062646b253f","sha1":"8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242","sha256":"4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4","sha512":"92592dac2a817293e8ec1d94bf99df639626a90d524420b01a12210398927c0650cc26fa8e730300096b29961563aa02efb707478c6d51ac8616bb1bde5a0cb2","ssdeep":"384:jvuAuF81dghu3uFlZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uhu7uNKwZiMUL6Vpaj7F","tlshash":"1d731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-02-12T20:28:38Z","last_seen":"2026-06-18T22:56:50.680521Z","times_seen":8382,"resource_available":false,"data":null}},"time_used":628,"timings":{"blocked":67,"dns":34,"connect":8,"send":0,"wait":489,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.690Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Fw%2FkKbBUMuSb58smrzFaQ%2FrXXkp3h0EwKO06rjztczJyRUejm2oowb7Vni%2FCCiKUy6xsjA%2FZ%2BQtdaLTGFmBLLkSdkwDN5MSM8%2FHL33rkp1g%3D\"}]}\r\nage: 3031116\r\ncf-cache-status: HIT\r\netag: W/\"65aa847c-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9ddb0466ef64a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-18T22:56:50.706117Z","times_seen":12181,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/css/comments.min.css?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/css/comments.min.css?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 17:41:18 GMT\r\netag: \"1383-69a9bbc9-9008a85;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/css\r\ncontent-length: 1234\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 400918\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4Q%2FTLyxkE%2BSdOt6bHgRJu5DbFCf%2Fn256B9viknCDcTpulhzPTCS7QLC%2B10KONZ05rfGZWfXPYYuRefJfjF7CGg7cIAilH%2F%2F%2F7UZtvw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349bb1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4995,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (4995), with no line terminators","md5":"5bf6a526845e4b4627c3889ddfc2db20","sha1":"7c020e655af6c15f96c0ee9a337e80c37a300b21","sha256":"c35ba61bd6b06540fcbf248e18bc74b95d9c28c53e439e912b491abf3455b418","sha512":"4d33617d11f7fff72db0c835fc59a4b43958c156f587f89871d6016e0b66d682b5a87910451dd23b4199f38e17800bbdb269b0b189ab6f1f7a12dea2eded202c","ssdeep":"96:TPsDANtoTZdvUS/wVonw5Y4Ehkzgs62n31vl:LsatkZ2S/Tivl","tlshash":"c4a11fd45ad41d849027ba68bec8e5546729f722c557e1cfe23086108fc6fbb4633b8c","first_seen":"2025-09-04T12:43:30.734526Z","last_seen":"2026-06-18T02:58:52.074519Z","times_seen":651,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"3509-64f066d6-b00a8b1;br\"\r\nlast-modified: Thu, 31 Aug 2023 10:09:26 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 4679\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 3415\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YVUpomIkHoShhXTrSKUiFe2Ogu1ijtNaYnWEubhecia%2BwdcbGa50i20S8j%2B0Ojrc8sbvRjh3Occdo%2B%2FDMHYUzqKEFrOCZQmWBd5Kew%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045359cd1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-06-19T02:18:51.470398Z","times_seen":842237,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/system/3/img/close.svg","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/system/3/img/close.svg HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Thu, 04 Sep 2025 11:21:15 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HB0b0dCUazu23aOXSaUj1HW5VFue9JILWlRrHkZW5jBKnMfVQl%2BdFtHXXd5aAyOuHQNHK51Tu7wfbqFJx0RQk4ToFs%2FnFN00YFM%2FrDmIyyk%3D\"}]}\r\nage: 4847363\r\ncf-cache-status: HIT\r\netag: W/\"68b9762b-4ff\"\r\ncontent-encoding: br\r\ncf-ray: 9ddb04667dc6a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1279,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"369850b9873659adf0951d845f57dba1","sha1":"a64257186daa33b6b318943a457b6cf8d80b26b6","sha256":"9630c142a8c074cc1809ebf4109538cf29cc0baeb6c27726191f1cf5376e2e21","sha512":"6441b40e85c86e21362c7061a6b9610f52a5c801b274b246711546ad45c68c3e7f2f242f1621b90967eaeebf52709545d06283c2015d6b9ad7f6f7d37fb14a88","ssdeep":"","tlshash":"6821d8dc958f223ef324ff6189b316606ba423f6bb18c5bcb199a8157e1cb910c48e14","first_seen":"2023-04-07T22:39:47Z","last_seen":"2026-06-18T22:56:50.685219Z","times_seen":9532,"resource_available":false,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/interstitial/sweep/default/android_bigsystem/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 22 Feb 2026 22:50:15 GMT","end":"Sat, 23 May 2026 23:48:46 GMT"},"fingerprint":{"sha1":"E0:64:EB:B0:39:B0:1B:31:05:CE:A0:93:C8:74:E7:A4:DE:D1:B3:77","sha256":"6D:BC:A3:C7:8F:67:2C:FE:E1:7A:88:EA:6C:8E:07:D4:1D:1F:CA:FD:54:30:02:80:22:B2:74:B5:95:C4:99:75"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:08 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Fri, 05 Sep 2025 09:28:08 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FiXac9yY5rQyZWSDsGvp%2BdPRQdIwLk6UwtBMSe00%2B3YhgnVrjzqojTxb7iTrKK0Fcw8c9cu%2FPwHmR%2BI1qJfn7pUafZgoY5%2BFXarRgANN5to%3D\"}]}\r\ncf-cache-status: MISS\r\netag: W/\"68baad28-27f6\"\r\ncontent-encoding: br\r\ncf-ray: 9ddb0467c918a0cd-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10230,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"6b4e07a3cc5b172dbbcdb3707bfd1252","sha1":"60a83a238f4bb166e7420ef489d5660a36a9d5b1","sha256":"bc00a15c460076b9cea8e745edf351273ec496130abb23ff50f51255ff4485b2","sha512":"2ac4c2eeeff89b5d7ed39b26b08eb9050a2f03a158261b3905949589a220f62f00ba804ffbd3ce652bc82dfe2d66a2cc18e113103db33f52bdf9cdf7d576b6f8","ssdeep":"192:KWszk8T092KQk3U/OEDgXYL9GSSdRMxqK9uGlsDmVWmpwV45cS:KWsVe3aLKuQRuqgSKVWmrr","tlshash":"6d229b1808b8a461e0abba7e216ee551f3a608571d9d7fe63f0c11040f5c46f72b9a3f","first_seen":"2025-09-20T14:35:23.387753Z","last_seen":"2026-06-17T09:06:38.660442Z","times_seen":337,"resource_available":false,"data":null}},"time_used":502,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":502,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/css/front.min.css?ver=3.3.51","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.534Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/download-manager/assets/css/front.min.css?ver=3.3.51 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 19 Mar 2026 17:29:15 GMT\r\netag: \"da75-69a9bd8f-4001ec6;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:29:51 GMT\r\ncontent-type: text/css\r\ncontent-length: 9097\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 403668\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XKTlR46KOoFTTm2ArpjRFx%2FFeAmk%2Fe1E%2BNLB7aMh%2BzEoV3gLOLzhkvwIz%2B4FwVvQZTSeawXswkmO7EyJ0%2BUxGgLe4IGLkncnQSlg%2BA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b41806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":55925,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (55925), with no line terminators","md5":"2601ee8e39d51970e02d6255f1d4ccf8","sha1":"a24e5f6fed9244ffad876123093ce3dd39c4f1bd","sha256":"93767388e443d4e8ee13654277586d28dd89204537bbed2f9a52a09d224158fe","sha512":"d09752e96092a21efe9711baa38478b5dd1d062562fdcd19eebdc55fd6278dbcb643c0741b695946cdc9ffd1719075d97345eec0d1527305db8d685301bb9fe1","ssdeep":"768:NiTPPVuafM3ytNx90IF2B3Oft/CtzJfoHCGFPnl:k7PE0M3vA","tlshash":"fa432096f043107e687bcd2a5e54baac033e554fded22a5af436fe7046c63d30b62548","first_seen":"2026-02-17T08:01:51.16769Z","last_seen":"2026-06-18T21:20:41.410432Z","times_seen":864,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=6.9.4","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/wpdiscuz/assets/css/wpdiscuz-combo.min.css?ver=6.9.4 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Wed, 18 Mar 2026 17:50:12 GMT\r\netag: \"9092-69a9a8df-2002d81;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:01:35 GMT\r\ncontent-type: text/css\r\ncontent-length: 6053\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 488812\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GSnNDSKd14nJ%2FN2X0DjBia%2BmZxskYzNpl9L16AIUliFKM4ZLKy7sWSWeGwxmc5BDZpHz3%2BaLWXAzku7RnC3a2nRosbvJuqkt1Ai95A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349cb1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":37010,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22067)","md5":"eb71d6b027e872c8011e196fd6cef7c8","sha1":"be290cec51bdeaa598cd874185ee3aee72fd173e","sha256":"bf0239553a23641083d0486e27ee2754f5d486a9a094560192a581da886f8ffd","sha512":"3906243f0ae88afaf936045fcb3ae06955012e7534058a6018bd90e31ebe2eb1101b9d0668650a19f21cf34ec6d82e7f48981605f0a5f1ed5624739e0e9bf3ec","ssdeep":"768:3m5ABNHMlQbmSEld6GO/eeRBOtkWi6bNTOwF7X:qABW+bXBOt7i6b3","tlshash":"eff2962de95724bf913b943ed14422d42a8afb73f1e34baef091e65907dd1a8033661c","first_seen":"2025-02-27T21:13:19.574464Z","last_seen":"2026-06-17T13:01:24.830606Z","times_seen":1083,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/watch.1450688464585.js?key=eb69975d43180b17057798a48b392b00\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /watch.1450688464585.js?key=eb69975d43180b17057798a48b392b00\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1 HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMzQ3OSwiayI6ImJkYmYyMDExNmZjOGQ1Y2JjMTJlODYxNTgwMzVjOTVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoia3VmNmk1bWEiLCJjcGtzIjp7IjI5IjoiNGE3ZTg1MDVjYjk1ZWQyNGRlYTE4NmNmMWI1MmFkYjYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.jHlE25U0Sq3_7Y5k7Kfxy1Li-GjFy896lJMZAeNOW6s\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nlocation: https://wayfarerorthodox.com/watch.1450688464585.js?key=eb69975d43180b17057798a48b392b00\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=fb3844d42343ee31980034414dc09bab159aa6046d3dd9b98180f44d81486b74fb523eebae51e19b760d6c1b1057a38c1f30d98554b595cd8d24b6afa5776282f2f64336ef086b94ec12f59d7f3377810d91221228db1595e98cdc\u0026pst=1773740286\u0026rmtc=t\u0026st1=7c03fd13dc7527aa69c707815e2deb94\u0026ps1=1773740226\r\nset-cookie: uid_id2=32c9efec-9ac2-4392-b63a-d8dc517f6796:1:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMyOTA1OCwiayI6ImViNjk5NzVkNDMxODBiMTcwNTc3OThhNDhiMzkyYjAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoiYjF1NHRzdHAiLCJjcGtzIjp7IjI4IjoiMTU0NjRjZTUxOTQ2MjY3YmUyZGYxYzM3OTZlOGViOGEifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.8kD4fJQoVZ_9ltftzrHneh1EM5Yi-D3H1z5plQXL4f8; expires=Tue, 17 Mar 2026 09:38:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9a242a39df003c0f37ce1ac74df11f28\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4302,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ren.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7ujQCEJVEhTpACJXb_57k5SWIr4NGADCUoBQnq_2bx4dt5k3szuZiuHIGpDgfg047N23EQIJJp0aJcCyRJSttsibqipkEJBg9ZeKcop7r1P5xXnnnO_OqhPSRs1W3z4gRnrLGObUZu6b9zSuTRD627fdD3aptfcWzqPw2vuaFnKwVUvCNv0Tfc9JXbNpk89Sj3que_qUqVmtHnGQhePEq-d0Hbot70oxKh88W1rB5Y5kINT8gq0nL_8V_optJgi7__8trK7lSneeqdfZ6wyJQby-JN8NzfDHP3nY1o6SPPj1W8YOyfkuzWY_Hi1AczgcLkBuJ6TtVefgufHK5ngg6NzpTyDysHlSxgOplDZFJpNIcwDaPmEAEJiewd5_-G2KYfs3jnLluycbDz7B3o4JxtPLyHv_3Q90yP3hsnqSpvcYpQ20KMpdG-Kop6hGjvQwxlE9QW0_JNsPnsfef9wx2YGWi6uyA7rKN5RrTQKeCsMY6_FGPNbVMYiYn4UiDg5s0inUzC7hto6qLWDOnVQFw76cuGGtBsKjwVxmkjRoSELQ6k4Tbo-pSwRHdTiPrTchyj3UJR72NX7sLcbWLkOW82J89EeBrI5kpn1bfNQZrbm3qr7qx40E1P1DtiRqXoqJ2DlPkrZHOrirn0AUa1PxqmVE7MsjFfNhHHZTLSs1lDeXVyhXiJS7ndaaZKyVicOWYvLNGrFIqDUT7hPff-gOCUXliY733qfYVct3JB1VDeikeBJpKQfSsW8bixSj0c-kzyG1Q20XQOzDsZ6Tl7710Oh52Tjv7_B2Qw2m0Hoy2D162DDBux2g3H-yLKB6rG-ahelgTQNimoD1T3nIDslFycf37z-21nWolyHEidbs-AMEGWDomxwR_9O0Mvu_7JTVLqvx2wZ_o2KVWodTD9Z_wZCz8nlz0_PrrD76wWIYg-2ONl6_P0SP8AaAl44yPScBJf-QKZOtn68eOcqIQSMN7DqhKwA_nw-sF-iVzrgmTPhWekc8qzMvj4XavXCjXwexN1urNJYpoEM_EAmEVVJyJI4TMIIlZ3rx-7s_wAAAP__EDhORQcEAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSO2wcVRR9Y7ujQCEJVEhTpACJXb_57k5SWIr4NGADCUoBQnq_2bx4dt5k3szuZiuHIGpDgfg047N23EQIJJp0aJcCyRJSttsibqipkEJBg9ZeKcop7r1P5xXnnnO_OqhPSRs1W3z4gRnrLGObUZu6b9zSuTRD627fdD3aptfcWzqPw2vuaFnKwVUvCNv0Tfc9JXbNpk89Sj3que_qUqVmtHnGQhePEq-d0Hbot70oxKh88W1rB5Y5kINT8gq0nL_8V_optJgi7__8trK7lSneeqdfZ6wyJQby-JN8NzfDHP3nY1o6SPPj1W8YOyfkuzWY_Hi1AczgcLkBuJ6TtVefgufHK5ngg6NzpTyDysHlSxgOplDZFJpNIcwDaPmEAEJiewd5_-G2KYfs3jnLluycbDz7B3o4JxtPLyHv_3Q90yP3hsnqSpvcYpQ20KMpdG-Kop6hGjvQwxlE9QW0_JNsPnsfef9wx2YGWi6uyA7rKN5RrTQKeCsMY6_FGPNbVMYiYn4UiDg5s0inUzC7hto6qLWDOnVQFw76cuGGtBsKjwVxmkjRoSELQ6k4Tbo-pSwRHdTiPrTchyj3UJR72NX7sLcbWLkOW82J89EeBrI5kpn1bfNQZrbm3qr7qx40E1P1DtiRqXoqJ2DlPkrZHOrirn0AUa1PxqmVE7MsjFfNhHHZTLSs1lDeXVyhXiJS7ndaaZKyVicOWYvLNGrFIqDUT7hPff-gOCUXliY733qfYVct3JB1VDeikeBJpKQfSsW8bixSj0c-kzyG1Q20XQOzDsZ6Tl7710Oh52Tjv7_B2Qw2m0Hoy2D162DDBux2g3H-yLKB6rG-ahelgTQNimoD1T3nIDslFycf37z-21nWolyHEidbs-AMEGWDomxwR_9O0Mvu_7JTVLqvx2wZ_o2KVWodTD9Z_wZCz8nlz0_PrrD76wWIYg-2ONl6_P0SP8AaAl44yPScBJf-QKZOtn68eOcqIQSMN7DqhKwA_nw-sF-iVzrgmTPhWekc8qzMvj4XavXCjXwexN1urNJYpoEM_EAmEVVJyJI4TMIIlZ3rx-7s_wAAAP__EDhORQcEAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3f215ab22fe1cb8375ef97af11a76cc0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/tablepress-combined.min.css?ver=31","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/tablepress-combined.min.css?ver=31 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Thu, 12 Mar 2026 16:10:51 GMT\r\netag: \"1fd8-69a9a8dc-10809afc;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:01:32 GMT\r\ncontent-type: text/css\r\ncontent-length: 1586\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 407987\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rkFrrAbCsVXtzIP2012v3t0XXYbLWNeZp0CUNPZBtpiCMSy5EHG8VVhGu%2BcQpaYkJ03olBA7tVPw7KuIo2vYhWtYOX78HSVzMdsWdA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c71806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":8152,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (8077)","md5":"2098cb232dc1bfca1cea6c4627541f5c","sha1":"c54402dc49f3f5063501072ccf77211aecad83f3","sha256":"0f872f397d26e46e0f2b819b5e9f49998621ef0ae7e109d087be807f6265792b","sha512":"7ab70ae32255743423f50c383f71000bf565302d78b6b00547eea5f9801e97adba250cd9a53572c0eab3fa74aaed6b4ebe8ff55fb86f0430bc19a804d1dbce4f","ssdeep":"192:iCc3qg4q2PcDnj2/ThGI5vMRVg0aw0u0b0d0l0b6a0f:i/w0B0u0b0d0l0b6a0f","tlshash":"8ff1eda2e7a437f9b2b3c11ab9f4bd5dba206ce1f5811afbf05181700689d535fa1c05","first_seen":"2026-02-04T22:42:55.235887Z","last_seen":"2026-03-18T01:43:59.504611Z","times_seen":11,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=1773059685","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/wpdiscuz/themes/default/style.css?ver=1773059685 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:21 GMT\r\netag: \"1a594-69aebe65-80000e8;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:45 GMT\r\ncontent-type: text/css\r\ncontent-length: 16169\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75256\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yg34z43P82ffCclWkZX%2F4LJ9nN9FBH2Kzn%2BLECPObj%2BM%2Fn9azFHO9DQtPbSIlGphr8TOdUemGBH4rnflKZ5mKAGXVWVX0XxDiSGsJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349c81806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":107924,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"f6182a037e12366d7ecd79a3aaa0e86b","sha1":"f5c6e6b56868d197fe83b7fc716aaba7c9cf092e","sha256":"59154f1858102101587719e14a3a3cc9e1133e4866bae3ac077cc0cabc9b2d1e","sha512":"0269686d1b644e1c4cc5e45975283e0a87302beedddee9449804cc64739324a15add00718d159f5562fdec015f1f4716cbe697522ab9dfbd015527c576f9f7d4","ssdeep":"1536:JzV71h+BQiuHchvEa1hjBbIrMHRkwpcX5YRVF80u50:JzHhCAH4ar3wpcXr0","tlshash":"f0b333216181111bfc3b9a16d868f6f9a9365e72db520f5e80d7262d8764bbd323330f","first_seen":"2025-07-05T22:41:39.999473Z","last_seen":"2026-06-18T02:58:51.905729Z","times_seen":102,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 02:33:25 GMT","end":"Fri, 05 Jun 2026 02:33:24 GMT"},"fingerprint":{"sha1":"4A:66:11:51:1F:1F:F3:84:B6:E4:4F:81:C1:03:83:9F:01:17:7E:82","sha256":"DA:55:E3:02:D5:3C:4E:3A:51:ED:21:0D:F4:32:52:C2:C5:31:87:50:DC:AB:13:D9:93:4A:15:0C:D9:8C:D6:4F"}}},"request":{"raw":"GET /cti/c6/03/e8/c603e83fb40b46b58dbb360dc1747e11/1756656826.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 53571\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:13:46 GMT\r\netag: \"68b474ba-d143\"\r\nexpires: Thu, 19 Mar 2026 09:37:06 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":53571,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:43:28], progressive, precision 8, 728x90, components 3","md5":"e2a3f96684fe29f60b2f3641ac5133b5","sha1":"19067bc7d9210709212cd32db05b55aefc422bea","sha256":"68a37280ff695ace386f3aabbbd8b75b36edce98355533b33bdf0788a7e8e8ce","sha512":"2811fce581695ab109a3788a4b0537b399804d0614cb04c0bd5f6e054f2ce6fa7dbff1385d3b222bbe7725a4489b3efbc3c1781d9f1d37688c160e2cd9dde8e2","ssdeep":"1536:GlRHx8xHqHTbzDnzmr0vCqxt3O82BAhjE:yHmKzfDzfvp2Gh4","tlshash":"f233f1078fe18d92fae48475f8f2d791d22259d5e7b316603e5cf91837b1892dd4d202","first_seen":"2025-09-02T22:57:47.7902Z","last_seen":"2026-05-18T15:28:38.148595Z","times_seen":737,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Findex.html\u0026l=2975\u0026fd=202","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.485Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Findex.html\u0026l=2975\u0026fd=202 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:07 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 17 Mar 2026 09:37:07 GMT\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"1936a90eef3ebd4c6b40eb59d72e164d","sha1":"4c698f8dc97e2e6186d46215e209aca1b1194a5d","sha256":"412d98c2f4410a048131a7d9362fb38456ce2ff67cd4731ea411708a7996a021","sha512":"07ad2431175e5566ae435738d94d4da3e96e4856a1fe1d5917c52474cab28808cd940fec0e8f75eb2f3d573e6fe8497fc12636ef4738d1b67e9144725192b580","ssdeep":"384:p9f59g9P9r9yU9/qY4+949Y9p9fM919W969yh9/qY4X9N9t949fd9k9D939yQ9/O:pDS99YURRuWDyjooYhREHPWP2ZZYQRVs","tlshash":"48721091041704009b834ce223cebf35fe1f52117142d0b5abfd9b6b9ddbca6526939d","first_seen":"2026-02-19T22:28:01.752187Z","last_seen":"2026-06-19T01:58:22.013657Z","times_seen":7618,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/ajax-search-lite/js/min/plugin/merged/asl.min.js?ver=4781","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.639Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/ajax-search-lite/js/min/plugin/merged/asl.min.js?ver=4781 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"12c5f-69a9af5e-14001924;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:29:18 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 20829\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3414\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fGQt7WNgIT8te6mp1sYNoP%2BxNnq3%2FqO1oBLUhBlZ2dHkrlBqToovUPBT%2FVZDTywyk0jcNCZeMLKOZjhZPU%2Fw16SRfLxXkPxi%2BK%2FPqA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379e51806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":76895,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (60495)","md5":"c3f551fe057f2a9a9b288bf7cc9fb40a","sha1":"b46de633b6cb22310242d2c393a99da19fdfd593","sha256":"c1254104a05d11257ba25dd168f5d039406b9d71591568c32003505abed841e4","sha512":"a4979cd66f600152e0942171f2c71723206b2b4c6f907efbc653369afb45e8c528606cd999ee3f3227557ab174f05a907f98544676aa66e1178489638a6857f2","ssdeep":"1536:EGMw7ld7tY4YmZDibici5ViYaTivniISMXnIiI6f6wwwGmbYCoaozjL7TMc7:b9SMXIAf6wwwGmbYCoaoY8","tlshash":"4d73e98c7291387742bf60b6a07b6509733358ad640a40b8b26cccf36db5f4615a7fb9","first_seen":"2025-09-26T20:48:43.934707Z","last_seen":"2026-06-18T10:08:48.214953Z","times_seen":1871,"resource_available":true,"data":null}},"time_used":17,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wowrapidly.com/cc7c12813346dc9cc979a0dead9c3d06/invoke.js","fqdn":"wowrapidly.com","domain":"wowrapidly.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wowrapidly.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 19 Jan 2026 01:08:36 GMT","end":"Sun, 19 Apr 2026 01:08:35 GMT"},"fingerprint":{"sha1":"72:CB:7F:94:29:E1:C7:63:05:03:A9:0C:B9:94:26:06:36:53:84:54","sha256":"3F:E9:3B:EA:70:B2:3E:4B:47:EC:50:C8:84:DB:A7:32:45:3A:AF:B4:FD:B5:DB:FF:9A:3F:B8:07:47:36:F4:AB"}}},"request":{"raw":"GET /cc7c12813346dc9cc979a0dead9c3d06/invoke.js HTTP/1.1\r\nHost: wowrapidly.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 20288\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: wowrapidly.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e991e68c3b16f720bfd2fd3c3d89808e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":50520,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (50520), with no line terminators","md5":"ba30f9b3b8b5fe85923e56093115baf4","sha1":"b40b91f850c576f9234b819dc871d3a7d404123f","sha256":"26180651225f491d9615d119ce03a1825878390f9a273c3666bc71cdeb13a947","sha512":"f0f2ebdc0e39613cea7640f8ee7d276d39e6e339f2ff16fbd73869f246c4c8e300d09b801cf387353465565896bfac088536a1c2f1beb2df270412b02de5f93a","ssdeep":"768:d5iG1tdXFeQ0R8ODdBxVdx846oPEriX2dusSBctajNJ0CkUFBaGkVlfjAmOg+Gc6:3lPXODNDI5mn+ZfjeGI8v3BfDWL1rq","tlshash":"1833a7dc3fc4f35c02ba2176236fa40ef5aa6e11618df5d8d117a0e82e6470ae83b754","first_seen":"2026-03-17T09:37:34.162626Z","last_seen":"2026-03-17T09:37:34.162626Z","times_seen":1,"resource_available":true,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wowrapidly.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18640\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 19:50:51 GMT\r\nexpires: Tue, 16 Mar 2027 19:50:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:29:38 GMT\r\ncontent-type: font/woff2\r\nage: 49574\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18640,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18640, version 1.0","md5":"289ab8c3689e58c84c061039efc15d3a","sha1":"9432c99c4915ea17dea97eec0bbd0f2fa6ff0943","sha256":"0e44026ad31376af1b56593cd4acb4f353f8e8789c51759e18f64578e4ef296a","sha512":"4c0ea3fe4daefcd63f7337e7a8e86d169c0f4ce3543b12a69f9980a5bb598987521138454ad4df4474a1edb0fef0c38cfd2de312cb355c9c2665ea3445586787","ssdeep":"384:UubNl0SziXg7u9lPk6A/BViMAf2zAeyrmYAUXKb+cu5E0GW6o6:dbj0S2XjRk6A+MAf2UeGIUEbM4WZ6","tlshash":"9182d1454a3d7753f235a6425daef8cac2b5d42d56978c103be2541a3dff28e33109d8","first_seen":"2025-09-17T00:02:10.421759Z","last_seen":"2026-06-19T02:20:47.743787Z","times_seen":39867,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":101,"dns":1,"connect":20,"send":0,"wait":29,"receive":5,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fcss%2Fstyle.css\u0026l=6267\u0026fd=589","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.244","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Feb 2026 22:53:11 GMT","end":"Sun, 24 May 2026 22:53:10 GMT"},"fingerprint":{"sha1":"ED:51:C6:32:50:BE:DC:21:A3:AD:D6:A1:DB:98:F0:08:AD:BF:E7:A2","sha256":"56:84:BB:23:CE:A6:AD:BA:2E:8A:D0:F9:92:4F:17:BF:64:9A:7D:1C:AC:77:10:4A:32:94:E4:15:91:57:B1:A8"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fsystem%2F3%2Fcss%2Fstyle.css\u0026l=6267\u0026fd=589 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl26620252=1; slec4a7e8505cb95ed24dea186cf1b52adb6=[6517251]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:08 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T02:20:22.620014Z","times_seen":16531012,"resource_available":true,"data":null}},"time_used":98,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/dist/hooks.min.js?ver=dd5603f07f9220ed27f1 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"161d-69a9af04-880afd9;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:27:48 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 1855\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3414\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6%2Fc1iI9pbFZ5uHQVSXCBpWS4Y1ifoZCN0F8Z4YK27BcsoudYE8DK9EgaoS%2B%2B6H3PkBQJO3ocalnluzv4PEQsguNyYzfrkcRFVO8HNQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379de1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5661,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (5626)","md5":"90e932bd9e62583fc494c00498cfe7f5","sha1":"4f57e11bff609f90f49174187a0b5a6ba847ad28","sha256":"87cee5f49ba0d3017efc409579fc58b91a717f8f14751f7d804447ac9bcbaf4b","sha512":"ed9c129faf972ddfa705f05c3207884e5e9cd175baa45d49ce9d42bc0d01e4e8f36e627731bdd97214b1e2400fdd5012262a42f9800cd4f5565dbf183ba58507","ssdeep":"96:wXDE/3s/0EBM6ZUUCRTH+zl4NsBjcEmDtrGV2C2yics6w1RfGdzsvqZTq:wzg3kBFZYH+zhjngRw2cLzw1RfGdzsvx","tlshash":"56c153847983b970b2337057f0ff48d561baeba575298081964ec4a05d7388ee0a7abd","first_seen":"2025-10-27T08:47:54.273294Z","last_seen":"2026-06-19T02:07:59.028746Z","times_seen":196369,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/dist/i18n.min.js?ver=c26c3dc7bed366793375 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"14c2-69a9af04-880afdd;br\"\r\nlast-modified: Thu, 05 Mar 2026 16:27:48 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 2117\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3133\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pLswmg4plc%2BmkKKPjiJGxFHP9OABiuTMFIUIG3l0%2FSDLW8NnqflwyoFWundyRRJF9awd5qP1L5jwisNhI1v53azdsiwBqscAVYulGA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379df1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":5314,"size_decoded":0,"mime_type":"text/javascript","magic":"data","md5":"3a5838d1182eb0b11f5a58bfe26e2529","sha1":"920b2291e65d62eb55c1958911768540abaff5cf","sha256":"d4efe709c65438ae90dff385486421fea45762880f21fc4e0dca3fa96210f428","sha512":"bc41d50cd2e5c17c75ba737c303f2f498cc94e2c3fe402b2f15c5f10531e53633598093da98579b2dee65733dce0f763d77380ae35a9591d8bf91f975b7c6845","ssdeep":"96:L9emIWL7lnv93ssmAeGejQVnmggoC7arVCG0GXF730IQRDdlZq+SxSD3LmD:8mIWZVszMuinmg3rQ8Xd30DDdlZq+Sx3","tlshash":"2bb157dcb9d57022235121a0597fb409f3357d6470ebb8006ba9c4a47eb15cfb1a2fad","first_seen":"2025-10-27T08:47:54.280246Z","last_seen":"2026-06-19T02:07:59.022835Z","times_seen":193485,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"3e69-64349486-b00a8b4;br\"\r\nlast-modified: Mon, 10 Apr 2023 22:58:14 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 5684\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3133\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I2sRSrBNvW7OF%2BCxeixJ4IaTP6PaAaKbNVBIaiJI1%2FIimK%2BYr8ZX2WuUszmEzksct5Zeq9z%2FLJqBcR8SaHGY2bGnXhLzqF5KP2Tegw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045379e11806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":15977,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (15977), with no line terminators","md5":"ee858e15db40066634ae2d7c3959fbf0","sha1":"82d919c1c636bbad55ae555ce661f9c34a3a7cfc","sha256":"dc869996cbc8f47cab9aeb9523f81a7f420207a2601cce9ba45e9b7e0e261452","sha512":"740ca0251429d605d84e91af1f06b496b7653cb9d0b3847f03b0bafdd1fac848df2b98f0e6e82f743659997e9ee40fa398b1be87b093a9a33c9703d71910822e","ssdeep":"384:8ron3hNZqWPgKQMsD2PNh7ydeAUKILk76ZuoWmyDOgLSttFe6s/fdq/7:UKy2Nh+dexI6SmyDOgmttp","tlshash":"4772f8f532c030722fa624e5987f864761327c295849d491ba58d8f51dbce8ae073fb9","first_seen":"2023-04-01T10:28:26Z","last_seen":"2026-06-18T23:38:37.219188Z","times_seen":12699,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-creative1.com/sb/interstitial/sweep/default/android_bigsystem/2/index.html","fqdn":"cdn.show-creative1.com","domain":"show-creative1.com","tld":"com"},"ip":{"addr":"172.67.208.42","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:07.250Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-creative1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 22:00:04 GMT","end":"Sun, 03 May 2026 22:58:27 GMT"},"fingerprint":{"sha1":"FA:63:AA:B4:65:DE:EB:50:F5:A0:F4:25:77:0E:E1:56:4B:9C:C5:1A","sha256":"00:CF:18:86:D3:98:19:21:01:C5:18:5F:25:57:AA:F6:D3:DA:44:53:A5:D9:94:57:ED:F3:B1:AA:3A:3D:38:9C"}}},"request":{"raw":"GET /sb/interstitial/sweep/default/android_bigsystem/2/index.html HTTP/1.1\r\nHost: cdn.show-creative1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:07 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:17:32 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nYjFsum0VZ0MXz2ppVm4gZEm6o2fAwMoi8rIauGZt5JU8uTY7q28ffQCg0faP%2FEuLpQ53xJlv6syB27fcB0gjOQSuBPn6OYv0gLZaFku9G%2Fp6XS5TZ8%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ddb0464be882382-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1614,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"c34a8419e551c1ae567127b49563a900","sha1":"479149a21f4cf642e729b25400bfc61820617835","sha256":"06b34e2b405cd668fa285bd75fff14adeb4d8ed5c8c61bc6528360e381bcfd51","sha512":"4975b856500c262b2472074cc133df40993d355e3eb78d2d1035ae1e11bd5623e777aa61f7b85201870f14fa0cd7c5d7e991b65755594110f7813f4a1436522e","ssdeep":"","tlshash":"1a315e161ef8c97720c59080bb703f7be8d1a9cb8956240172fc4694cbd6a88c9e7a17","first_seen":"2025-08-23T20:32:05.879827Z","last_seen":"2026-06-17T09:06:38.611198Z","times_seen":354,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":63,"dns":34,"connect":8,"send":0,"wait":140,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/plugins/download-manager/assets/js/front.min.js?ver=3.3.51","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/plugins/download-manager/assets/js/front.min.js?ver=3.3.51 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"83b5-69a9bd8f-98000a5;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:29:51 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 10370\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 3134\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B932qqLOQBuHnNOrzekGLHg9ERMCdxyzSpZWK684UvmZgeVw5goiyRu0ldT4toP0LJGHVQAEF42zHVQVuMPNK%2FpG%2B49FwamCy5tTfA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045359d51806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":33717,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (26601)","md5":"1731c5a027ce4ef4cfa5515a1b612aab","sha1":"b177c499935a6376c58810476e09fa5446e209ea","sha256":"0ede5fb0b0ff02ed0ae707fe1c51b95980426dc6f723b86ea2b376633bb2b5d9","sha512":"a50d2fbbdc0fa89e3c5d4a37cce2fc944621cd65b12d13835547cefd2c4b6ce4d9bbb14d001f4380bc6565e41953d37a5ac426533e0485479cb8b14933c2326b","ssdeep":"768:6IuIxmrR/TqCcp38u+GMC0zTY72Y6f9Ue8AEhNW:6X0pD56ehNW","tlshash":"13e2f939b930727616ff219b701b770a7833586bd6069a00b43cf1e41bbce465667b2b","first_seen":"2026-02-17T08:01:51.120284Z","last_seen":"2026-06-18T18:58:55.683857Z","times_seen":830,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/themes/kadence/assets/js/splide.min.js?ver=1.4.5","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/themes/kadence/assets/js/splide.min.js?ver=1.4.5 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"7443-69a9bbc9-c806d09;br\"\r\nlast-modified: Thu, 05 Mar 2026 17:22:17 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 12574\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-powered-by: CyberPanel-OLS/2.4.4\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=3,i=?0\r\nage: 3413\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BO9znwda3aD10pIdoNcoBEJk9OFqHF6YLTnISTDy66aQM4ANSDCtz6TUUv6eHB%2Bx1LHvXau1YwC6ZENel%2FmbscOARB9aN5dg1LGtCg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045389e91806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":29763,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29400)","md5":"dab7fc9d3a0fe3216703ada0b424b01d","sha1":"f0cc6b8c11b09195e3675338da9761f2fe6d272c","sha256":"f915b9eb6a60a2a0dda355aceaf19b00b44ba8a2429ac7c1dc0a8059e486736d","sha512":"dba0f3234d8a455f0d045968c3e7f57b6b1a67d2fa90ed2f0c58ca574a9c42462f005ac9f693d42b6b58b22d1bcb8e3dcbed4c0aee31cff5f925c18771741d28","ssdeep":"768:xveaVfq2uGhc6eIRE2yNQ4iyHuqpp0L0pvj8vCwF3CH:x5VfqpGvPqZWyNf0L0pvjWCwF3M","tlshash":"d8d2d68c72c1b42a279364f3a1af044ba27b29455c0e5510e4eaf8f47c786bd936bddc","first_seen":"2023-10-30T11:59:40Z","last_seen":"2026-06-18T18:50:51.085359Z","times_seen":696,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wayfarerorthodox.com/4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js","fqdn":"wayfarerorthodox.com","domain":"wayfarerorthodox.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.401Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"wayfarerorthodox.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:35:17 GMT","end":"Thu, 28 May 2026 00:35:16 GMT"},"fingerprint":{"sha1":"17:4A:E8:7A:8D:4C:22:69:70:30:C3:3D:6A:72:7A:68:E9:D2:3C:83","sha256":"0D:06:FA:1C:4D:9B:7A:47:4C:58:29:3B:40:85:C2:D1:F6:2B:AE:C5:66:2E:53:32:27:48:B1:F2:5C:2C:A7:A1"}}},"request":{"raw":"GET /4a/7e/85/4a7e8505cb95ed24dea186cf1b52adb6.js HTTP/1.1\r\nHost: wayfarerorthodox.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 34690\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: wayfarerorthodox.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 94e35d2e8e010c01f6f1274724741972\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":91800,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"bbe64f0cccef223f45d4d969c9ed5698","sha1":"9b8df8eb713efa8978d28e9aec39fbce4a053548","sha256":"7f65ea30cba0445eff4455f54fff9ffbde3b923633bfbc5938877baf5218a1f7","sha512":"85a7f406a1d71f522273e30ebbffff553ba140a97b3cd29ee547f9ebaf4be3d2973eff95661318c58f2141132ead53b3beecd6fc3af6e202f67bb47e757f4d44","ssdeep":"1536:1sgv0NC4Y5Tll1apjTHlxn0WuXEon8USxNKo4hRl+GdanrEf74:agvA25lIpZxn0WuXEon8pCTag74","tlshash":"7493e8887fb272ed4396307b362fb006f22a9d512498f4f4d586b8e52e7876da437704","first_seen":"2026-03-17T09:37:34.167176Z","last_seen":"2026-03-17T09:37:34.167176Z","times_seen":1,"resource_available":true,"data":null}},"time_used":795,"timings":{"blocked":308,"dns":0,"connect":95,"send":0,"wait":103,"receive":95,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"wayfarerorthodox.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sourshaped.com/watch.1320845841861.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=760fb0cdb0767d1af5537725f71a63cab7ac66dc67050e0ee898432ce056038a58b02c601e70c58893bda55ce57d7c4ab0e87f81f9b52a77cad099b6927388b2ddfcbdfdc09375f1b1222ecc23b864e0e60c0e044a9ff7c6304623\u0026pst=1773740285\u0026rmtc=t\u0026st1=8c3809a559586ff0c10bd9b07d1d6ea9\u0026ps1=1773740225","fqdn":"sourshaped.com","domain":"sourshaped.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:05.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"sourshaped.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 27 Feb 2026 00:01:03 GMT","end":"Thu, 28 May 2026 00:01:02 GMT"},"fingerprint":{"sha1":"F1:AF:5D:36:35:F4:F3:93:55:9A:8D:70:8F:C7:F5:6B:E2:26:FB:8E","sha256":"D3:58:1D:7D:AD:70:61:0C:FF:96:A1:79:6D:1D:A0:CF:58:59:D3:71:56:63:92:64:9D:FF:B5:46:E7:65:17:11"}}},"request":{"raw":"GET /watch.1320845841861.js?key=bdbf20116fc8d5cbc12e86158035c95d\u0026kw=%5B%22pc%22%2C%22-%22%2C%22ghostwire%22%2C%22tokyo%22%2C%22savegame%22%5D\u0026refer=https%3A%2F%2Fsavegame.pro%2Fpc-ghostwire-tokyo-savegame%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69%3A2%3A1\u0026shu=760fb0cdb0767d1af5537725f71a63cab7ac66dc67050e0ee898432ce056038a58b02c601e70c58893bda55ce57d7c4ab0e87f81f9b52a77cad099b6927388b2ddfcbdfdc09375f1b1222ecc23b864e0e60c0e044a9ff7c6304623\u0026pst=1773740285\u0026rmtc=t\u0026st1=8c3809a559586ff0c10bd9b07d1d6ea9\u0026ps1=1773740225 HTTP/1.1\r\nHost: sourshaped.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://savegame.pro\r\nReferer: https://savegame.pro/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNjMzMzQ3OSwiayI6ImJkYmYyMDExNmZjOGQ1Y2JjMTJlODYxNTgwMzVjOTVkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTcwNjA5LCJwaWQiOjMyNjYzNywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjoyMywicHQiOjQsInBrIjoia3VmNmk1bWEiLCJjcGtzIjp7IjI5IjoiNGE3ZTg1MDVjYjk1ZWQyNGRlYTE4NmNmMWI1MmFkYjYifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImN0Ijp7ImlkIjozMTQzMjQ0LCJuIjoiT3NsbyJ9LCJyZyI6eyJpZCI6MTg0NCwibiI6Ik9zbG8gQ291bnR5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwiaXdmIjp0cnVlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vc2F2ZWdhbWUucHJvL3BjLWdob3N0d2lyZS10b2t5by1zYXZlZ2FtZS8iLCJ0eiI6MSwiaWR0IjoyLCJhciI6W119fQ.jHlE25U0Sq3_7Y5k7Kfxy1Li-GjFy896lJMZAeNOW6s\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Tue, 17 Mar 2026 09:37:06 GMT\r\nContent-Type: text/html\r\nContent-Length: 2118\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://savegame.pro\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=d7a7eb7e-f53b-4461-aaa2-0d6c5a253c69:2:1; expires=Tue, 24 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\nu_pl16333479=1; expires=Wed, 18 Mar 2026 09:37:06 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 20\r\nHost: sourshaped.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 85a6c8901f156a42fafadd6a9c266942\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4298,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3422)","md5":"c5cac825c17d58e786dc3ed52b91aefa","sha1":"1fc09754fb92b6cab33e0af61cecc806317d633b","sha256":"abfaf88d7e0f3a5c0908c2bc1dd3bb0b1a57100009a4923b86bd5293c3f08266","sha512":"a4be95398417f40abaa462ab37205c343155e9c8af3814ac7906439ba8d5af2bf1871584db4a913dd4d66fc488f4e3695459f9309c319c76a36417c22932f845","ssdeep":"96:vozzjY5RBNStUhSyN4INrHk/kRBNStUhSyN4INX1ZDaQACfMEDaH:wzkjSryTHk0jSryNVaQACkCaH","tlshash":"bf910a3d6c8da6bf6b0c0297217afc1c2c21930a2a04d5d6fe4eca84af00719097de89","first_seen":"2026-03-17T09:37:34.168063Z","last_seen":"2026-03-17T09:37:34.168063Z","times_seen":1,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":115,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"sourshaped.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:08.483Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://savegame.pro\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 16 Mar 2026 19:50:51 GMT\r\nexpires: Tue, 16 Mar 2027 19:50:51 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 49577\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-06-19T02:15:57.575743Z","times_seen":193331,"resource_available":false,"data":null}},"time_used":39,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":22,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-content/cache/min/1/wp-content/plugins/download-manager/assets/wpdm-iconfont/css/wpdm-icons.css?ver=1773059684","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-content/cache/min/1/wp-content/plugins/download-manager/assets/wpdm-iconfont/css/wpdm-icons.css?ver=1773059684 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=16070400\r\nexpires: Mon, 16 Mar 2026 12:38:20 GMT\r\netag: \"88b-69aebe64-68138f5;br\"\r\nlast-modified: Mon, 09 Mar 2026 12:34:44 GMT\r\ncontent-type: text/css\r\ncontent-length: 554\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 75257\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WNCiQ%2B95TsrlPFpqdD62YVdnAv2PiDCUgyqhRBMtpY0zuglQ4mUHt05KCF7VpcR6RgK2L8w8XXA0xEcNJlRGVI8chbMdxuTj6tfiyg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045339b31806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2187,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (2187), with no line terminators","md5":"9834b7fc475f1c19502991825b897fe2","sha1":"dfc1566cbbd8b2123e288726e9bba59b1bae2531","sha256":"a90d9165e474f4abfb2e518c74c60f23bd182cdef1830935533118aaf9384c80","sha512":"01026d0711a60e1bd51ae19bc69d1d2011ef2d98979e2b86760fdf87f891eeafb46e7a5ff2bab58a25b50d236221646a6654b9a9cce0a4c7c04c367ac5648f1e","ssdeep":"","tlshash":"1441d2b1f13934d727f6d663a3e62f07a6167a21b740cf25e02e293c6dda7442181b39","first_seen":"2025-05-07T11:35:29.876748Z","last_seen":"2026-06-18T02:58:52.071451Z","times_seen":125,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"savegame.pro/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"savegame.pro","domain":"savegame.pro","tld":"pro"},"ip":{"addr":"104.21.38.142","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:04.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"savegame.pro","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Mar 2026 04:22:09 GMT","end":"Mon, 08 Jun 2026 05:18:11 GMT"},"fingerprint":{"sha1":"D9:D5:9F:EB:ED:04:C5:D1:EC:68:BC:51:01:4E:FD:11:26:CA:67:2B","sha256":"42:3F:DB:E8:69:DD:09:91:12:B6:2C:BD:E8:72:58:53:36:98:07:A8:19:67:C6:D9:68:E9:30:01:CF:4C:85:91"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: savegame.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://savegame.pro/pc-ghostwire-tokyo-savegame/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\netag: \"15601-65c8e7da-b00a8b9;br\"\r\nlast-modified: Sun, 11 Feb 2024 15:29:30 GMT\r\ncontent-type: text/javascript\r\ncontent-length: 29597\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Tue, 17 Mar 2026 09:37:04 GMT\r\nserver: cloudflare\r\nx-turbo-charged-by: LiteSpeed\r\npriority: u=2,i=?0\r\nage: 3134\r\ncache-control: max-age=16070400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sBVglOxDyeLUxK281qLoxmFxVKHfKw876KIEb2jzA0WOEWXrHwy82h7dwPcLMlUFgHShop9iih43L0fPN2RaqomdtoIcuWRBNf3aDQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ddb045349cc1806-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-06-19T02:18:51.469853Z","times_seen":914794,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-17","alert":"Sinkholed","trigger":"savegame.pro","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 02:33:25 GMT","end":"Fri, 05 Jun 2026 02:33:24 GMT"},"fingerprint":{"sha1":"4A:66:11:51:1F:1F:F3:84:B6:E4:4F:81:C1:03:83:9F:01:17:7E:82","sha256":"DA:55:E3:02:D5:3C:4E:3A:51:ED:21:0D:F4:32:52:C2:C5:31:87:50:DC:AB:13:D9:93:4A:15:0C:D9:8C:D6:4F"}}},"request":{"raw":"GET /cti/6c/7d/80/6c7d8051aa19f2f3e631e0fe383ba962/1756656863.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66898\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:14:23 GMT\r\netag: \"68b474df-10552\"\r\nexpires: Thu, 19 Mar 2026 09:37:06 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66898,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 11:35:12], progressive, precision 8, 728x90, components 3","md5":"e580467987c1c30c4ffb17f7ae11f3c0","sha1":"610b07f423750aa257acca2366c4eb17a73c5505","sha256":"2e86c96ad78da3f4820110f2ce0a383d60e49982673d7ebed82f5043c1586d7b","sha512":"6d995ed6eaf343a2c706a3bf86055ab4ad7b885060e5c8621110de3501bf494197511e2111d9e99e49afd8888e0b4af6a2e811c0114885c93f034045a1a5559a","ssdeep":"768:3igBYyTIoQh9x8pLcbxvnd+n5OtUhs1NmyQv8brypNoQD2Gsa2xP/lfGOp+BtrEs:bBUhj8a855hs2Ivyp+m26clTp+BEc","tlshash":"7b63f189eb52cd23eed11e349cc1e5e24152cd60a2a3626578adfe407fb63f59d0c20b","first_seen":"2025-09-02T14:53:06.163646Z","last_seen":"2026-05-18T07:54:07.798636Z","times_seen":701,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":128,"dns":78,"connect":19,"send":0,"wait":19,"receive":45,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://savegame.pro/pc-ghostwire-tokyo-savegame/","date":"2026-03-17T09:37:06.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 07 Mar 2026 02:33:25 GMT","end":"Fri, 05 Jun 2026 02:33:24 GMT"},"fingerprint":{"sha1":"4A:66:11:51:1F:1F:F3:84:B6:E4:4F:81:C1:03:83:9F:01:17:7E:82","sha256":"DA:55:E3:02:D5:3C:4E:3A:51:ED:21:0D:F4:32:52:C2:C5:31:87:50:DC:AB:13:D9:93:4A:15:0C:D9:8C:D6:4F"}}},"request":{"raw":"GET /cti/8d/07/7a/8d077a03bf40c94dc34ac4b8af9a446c/1756656412.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 17 Mar 2026 09:37:06 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 77354\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:06:52 GMT\r\netag: \"68b4731c-12e2a\"\r\nexpires: Thu, 19 Mar 2026 09:37:06 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77354,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:29 18:18:22], progressive, precision 8, 300x250, components 3","md5":"e4267b78fbfd9ec2cb935ff9d689393f","sha1":"80ad53e77eff7c9e2e2ec2aa782e2406bc133c72","sha256":"16b434f519fdf956da056ae83d2a8847179c3fccc2a88d1e80d886cec82ba164","sha512":"58faf0e02cf388518ee515a9b1ff2d3ec1dc9d048d4ca2b0c95ec3f66c7966f2151a8839e367b58d3b70fde29bbfaf2add06de0ad8ae2561556b1770d9f0f1cc","ssdeep":"1536:GB6pzB6p2ZYp69CExL6kGcjhulQrdcP8VXW4I+USZjGM5ndwRmxvD:GB6tB6GYp63Zjhlr71Wv/SdGuiM","tlshash":"8f73e03ffbe5af41f5d092b9bce2c243729eaf805a232b957d1c62097752190ad0d11b","first_seen":"2025-09-02T18:53:07.782432Z","last_seen":"2026-05-17T22:22:09.9686Z","times_seen":1080,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}