{"report_id":"69e26a1b-a8a4-43bf-a0d5-1cf0bf1fece6","version":6,"status":"done","tags":[],"date":"2026-01-03T13:48:28Z","url":{"schema":"http","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"title":"Newcircle Companion","dom":{"size":961,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (961), with no line terminators","md5":"617ac7ae40891f8ee8cee1dc8e47b93d","sha1":"754a9277f950e70a52721e2235cc5f42feaf621c","sha256":"7d1c97f8c9a08b74415fc321fae799be9ff919654ea347a2f0f6ad62e6fba916","sha512":"cf8475d247c8ce89400b4959d862f89a8a64ae1892d0323f389593613cb0f0cf44f048635f2f2d568b5b0cad088cba54472411627eb7734bb3567a65d05c0833","ssdeep":"","tlshash":"701104963dc85a38423d4712b6abb70d321697279874ec108416dcac7fb4cdbd9537c2","dom_hash":"domhash5349785f06b413655580aaf4418cc763","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":0,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T13:48:28Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-01-03","alert":"Hunting_JS_WebAssembly","trigger":"get.newcircle.club/assets/index-Df-NkMDK.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"get.newcircle.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-12-28T22:17:36.419718Z","alert_count":0,"request_count":3,"received_data":1230395,"sent_data":1354,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2025-12-28T22:22:58.360429Z","alert_count":0,"request_count":1,"received_data":852,"sent_data":1001,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-28T22:17:10.032556Z","alert_count":0,"request_count":1,"received_data":3241,"sent_data":470,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-28T22:14:05.525046Z","alert_count":0,"request_count":1,"received_data":49367,"sent_data":558,"comment":"","tags":null,"fingerprints":null},{"fqdn":"mp.rw.mt","ip":{"addr":"5.161.84.106","port":443,"asn":213230,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":2,"received_data":1445,"sent_data":974,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"get.newcircle.club","ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":5,"request_count":4,"received_data":2253004,"sent_data":2779,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"js.stripe.com","ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"1995-09-12","domain_rank":7985,"first_seen":"2012-09-30T12:39:23Z","last_seen":"2025-12-28T23:38:23.675296Z","alert_count":0,"request_count":3,"received_data":918090,"sent_data":1498,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Stripe","description":"Stripe offers online payment processing for internet businesses as well as fraud prevention, invoicing and subscription management.","website":"https://stripe.com","common_platform_enumeration":"","icon":"Stripe.svg","categories":["Payment processors"]}]},{"fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":269377,"sent_data":2408,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"m.stripe.network","ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2017-03-16","domain_rank":9008,"first_seen":"2017-05-17T15:53:13Z","last_seen":"2025-12-29T00:10:48.803628Z","alert_count":0,"request_count":2,"received_data":91638,"sent_data":956,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}]},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-12-28T22:22:31.188277Z","alert_count":0,"request_count":2,"received_data":1007,"sent_data":1842,"comment":"","tags":null,"fingerprints":null},{"fqdn":"m.stripe.com","ip":{"addr":"44.225.118.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"1995-09-12","domain_rank":7920,"first_seen":"2017-01-30T13:42:51Z","last_seen":"2025-12-29T02:08:40.426138Z","alert_count":0,"request_count":1,"received_data":762,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2025-12-28T22:19:36.894477Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":802,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17685758205\u0026cx=c\u0026gtm=4e5cb0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c23150971a634612254d1dfde675959b","sha1":"403221b3a2bf00559983df0c08c1275ed8e4699b","sha256":"d04e0a59c408636bd5a57d4ad1ecc77fcc66f8b2273b7df5caed7fd67dd08324","sha512":"7759b665ffeb71fa7031d5df96deeb90bfb3aefde1db53634698960cc61f060ba3f07513dd956606355ddcf57173d92534d40f0542430ac65b9191c3d5cc2846","ssdeep":"6144:f7nRtObujKYKw1U95/YeSfDHHYOyQFzfnsdRlTjQWVSACiwpN:DGbuN71cqFnsd/kWwiy","tlshash":"768429cd73c674269396a478403f118ba57b29e2b44ccc95f189cce42e74aaa4277f7c","size":389838,"data":"","first_seen":"2026-01-03T13:48:39.49906Z","last_seen":"2026-01-03T13:48:39.49906Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js","fqdn":"js.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d96c709017743c0759cf3853d1806ba5","sha1":"72e21587610c49c8305a55e71f73fa88ed618205","sha256":"ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652","sha512":"974e260ed8bd1d99628fc3248f07179f6ea228e37a6b9d3ef906dba57571f2df54d73f93d1f3460902d28a90bd4793bca35477b2ef8fbf424b9112147f04bccf","ssdeep":"","tlshash":"13f0507a75620d7c819e844173df7b00767bd86944057e01865da8c4b760dcbe257bc9","size":526,"data":"","first_seen":"2023-03-07T01:03:26Z","last_seen":"2026-04-26T08:07:32.602193Z","times_seen":89663,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.stripe.network/inner.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","fqdn":"m.stripe.network","domain":"stripe.network","tld":"network"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e506dfc98f2f03233432035bf6b3d475","sha1":"d31e6f0cb9c18d57a4b3d02709f090b7bdc39d64","sha256":"7b7e7b9f53f1089f1dd37fd009229a1c59871752400f2bd21dd49fb21c4ce3de","sha512":"83bb528b4e6c9d58c9904da7e9cdc9d581f4a1117cc126a097d2c4f193c3145383d91737f907ebb2f6c00b78b309833fe87db4acae5175230c077f98968361ca","ssdeep":"","tlshash":"0101fd963ac86e34423e4712b26fb706322257239834fc508006dca8bbb0c9be4237c2","size":809,"data":"","first_seen":"2025-09-10T21:19:46.140106Z","last_seen":"2026-04-26T08:07:32.708913Z","times_seen":67468,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/assets/index-Df-NkMDK.js","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e46f440a0e853fae46bd43b42388c48","sha1":"83f148051df4f30a3f5cd2beeda3389e7747e12b","sha256":"d2425238fff005dd0f6cfbf2cd046573c7c204034c0136b744b32949de4bd7dd","sha512":"bcf50e1015500483b5eb29042cf5fd2f2fc18cac8f8b5a3597ddd85cdd54185443beae5ded40092537d4ecf74b872de09976290818fb06c35133dc84f1a0efec","ssdeep":"49152:NnC/HbcL4+Du/PHWt2fhsA0+2hn/kzXSpwpYywI8wWM1nRimS/xr8Jox52kNLnxU:N+rg9YN","tlshash":"33a56bcdb1a5b626639755e0803f410bf33d2915681d84a0f0ebdce63a78509a37bfb9","size":2192392,"data":"","first_seen":"2026-01-03T13:48:39.554499Z","last_seen":"2026-01-03T13:48:39.554499Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-01-03","alert":"Hunting_JS_WebAssembly","trigger":"get.newcircle.club/assets/index-Df-NkMDK.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"acbc24b1e7c8968d2eb1dd157643233f","sha1":"4a91daf8b6dfe2bb351e395e14c27f502f06a7d1","sha256":"b53a17b34d7c1044c215f37a64ef5f0fd6335c3d5fdb4e61a61f01ca39001f9c","sha512":"3eb7c2778120ad589346d4ff3e33bf75343c9296fa832dd4176b4bb9bf832147bdb4cdbce5e263eaf05cdc601b26fc7c521d38386270294b4bce86905b8e8032","ssdeep":"","tlshash":"67f09e9a2c53a45637fa2539c327a6662762070364c2d909ba0dc4152fe4a961c4198e","size":564,"data":"","first_seen":"2026-01-03T13:48:39.560057Z","last_seen":"2026-04-19T17:50:37.484339Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c73afc7ee0c8fdd68ca65c9a45dd72a","sha1":"ca7c47306a2ea3d49bce6a1787620500aca53cb4","sha256":"8b5db766f28afb350edfc24d1c0ffdc3fc238fd380e630fb704a41c0e7a572a8","sha512":"92636c7b5c7d9a6fcab4cd71f00dfd973d648400fc999d62fafb967c0bc972fcb8263410a0b16576f0b598b85d737c516562b722d0a6bdca25d42fe5a396f0a3","ssdeep":"","tlshash":"f3e0c0db7412187162ef85ba23f5a1297153360e780d1823fdfd88242f58a87586359c","size":410,"data":"","first_seen":"2026-01-03T13:48:39.563597Z","last_seen":"2026-04-19T17:50:37.485511Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f919abaa4598ad33525338c737fa327","sha1":"f3cf250f91bfd50594f573647cd1619bb161b183","sha256":"0a1d77bc462dea17479a2c94c36645a92a9965e2cd0d88df51f2cbe60045368b","sha512":"8e96358516b1acbe7fcbd073e2320ddd571a2cabdc68e8010bbb758d90577f8103b4572116fb7aed25a2fa35b6b1f8bd1ad4e92de87c8ffbd9a3f3a831bedd2f","ssdeep":"","tlshash":"f911656838fd54ac46a692af363fdb4c926d91174c81cc48d50ec0192935e7bc491ebb","size":1049,"data":"","first_seen":"2026-01-03T13:48:39.56877Z","last_seen":"2026-04-19T17:50:37.483132Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-M95WMVK3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6cdb37d24fec8f3e73c3bfdc6833e8b9","sha1":"fd4f6d80fbc83f76940df6d94f71b27432d7fad1","sha256":"14f28c1fa69224f6ac7061a7da38a4dd8b54fe664de66ab251deaaa798741476","sha512":"78e5df048f6cc3947182076adf7b2ce06533ee22aa0bb53bf21532799367c763f270248e0f97e9b683f97246b1b83e706763754d2873040dedb60c16e1f10c44","ssdeep":"6144:/7nRJObujKYKw1U95/YeSfDHHYOyQFzfns8ejWVS3pRZu:jWbuN71cqFns/WSp2","tlshash":"968429cdb3c6746683a2a478503f114ba17b69d2f44cc895f186cce42e74aaa0277f7d","size":386586,"data":"","first_seen":"2026-01-03T13:48:39.494921Z","last_seen":"2026-01-03T13:48:39.494921Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-NCN7V952ZY\u0026cx=c\u0026gtm=4e5cb0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a52ef6dba460860974c733a08c33b377","sha1":"9d5bb4acced2b8a3ce49d18c25507ec313802541","sha256":"a4e1ee60cc7e1db73a207a6f0da46f72067005bcd6e48eed4b4e94c6b964f7b7","sha512":"36d225b9151390e790e679e1fba1da6eb576f9de4da2c15529ad856b859e3270e6fabd63f8ed7fe5cb38339a4a65c13fc664291f1b8e0ff05e3c6b42c333ef12","ssdeep":"6144:Tu7nTmlObujKYKb1U95/YeSfDHHYOyQFzvnsGOb7WVSzyjaJd/EPD5i:ITpbuNm1cqVnspW6PEU","tlshash":"e7a4088e73c670269396f478503f11cba9bb29e2a45cc89ab1c9ccf02d7459a4167f7c","size":452107,"data":"","first_seen":"2026-01-03T13:48:39.537049Z","last_seen":"2026-01-03T13:48:39.537049Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.stripe.network/out-4.5.45.js","fqdn":"m.stripe.network","domain":"stripe.network","tld":"network"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4d61b273ea36d2e71ce1a601ab0caa2","sha1":"832e652c884863f3a56a13a6a0a43fd56b5e2c85","sha256":"f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59","sha512":"fe3c3e033551f745e0a8528d0afc239baf3b1045a0442aff9483a8b796ce332310de2230b6803483bd64d7cc6a0a3f420f12b95651822f7ef7687ff311845391","ssdeep":"1536:2sHx8vawlWXGzbS1iSc6q1jboAmKum7EqI47d+/:2sHx8vzWX8O1iSg1jboAmKum7Eq3p+/","tlshash":"608353c97aa6f45942f368ba802f610bf23f9d15044da041f6a1d8e17c791ed8273f6e","size":88737,"data":"","first_seen":"2025-09-10T21:19:46.014301Z","last_seen":"2026-04-26T08:07:32.640632Z","times_seen":67982,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.stripe.com/basil/stripe.js","fqdn":"js.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dede697bfa7a7146baef52bb7a0def78","sha1":"da700b3213d51444ec97aacb485adfb9d316e4d8","sha256":"bace41e156f26c3a1514e28970a8c836ec4aaf862e29e2bad8889189c6c0cda9","sha512":"a73f09d1742551f693436e34529bb5a4b91edbd37210e24dd8da7824a61c9007d307186ec4dfe2a3c04e688cf0388eec6f82aa6fead988451b87f971b700c0d5","ssdeep":"12288:XoMNQ6c1objdULvSYQaEXQxZRzFsuSjLBX+D+JiP93JcIdhDRbvHadD+UA4DWs0C:XoQbdwvSlB/Jdid/ttYXG4oGBJ","tlshash":"ed152a8db5e6b02143dbb1a9607b620eb3369900250d4410f956ced92dbeedbe133f6d","size":914552,"data":"","first_seen":"2025-12-25T03:58:21.030236Z","last_seen":"2026-01-05T17:33:08.05099Z","times_seen":180,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"m.stripe.com/6","fqdn":"m.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"44.225.118.50","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://m.stripe.network/inner.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","date":"2026-01-03T13:48:04.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"m.stripe.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 30 Oct 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"59:3B:75:3A:E7:D8:5D:53:BF:20:D7:94:4F:33:F6:D4:49:C0:5B:B9","sha256":"FB:03:20:5F:62:12:9C:B4:D8:70:10:90:57:6F:BA:63:B4:36:6F:83:45:DB:34:C3:FD:D5:0F:18:8B:25:C1:15"}}},"request":{"raw":"POST /6 HTTP/1.1\r\nHost: m.stripe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 3096\r\nOrigin: https://m.stripe.network\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.stripe.network/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":3096,"data":"JTdCJTIydjIlMjIlM0ExJTJDJTIyaWQlMjIlM0ElMjJhZDRiZDY2MThlMTc0NzU0MWQwNzZjNzFiMGIxMDQ2NyUyMiUyQyUyMnQlMjIlM0E1MjklMkMlMjJ0YWclMjIlM0ElMjIlMjRucG1fcGFja2FnZV92ZXJzaW9uJTIyJTJDJTIyc3JjJTIyJTNBJTIyanMlMjIlMkMlMjJhJTIyJTNBJTdCJTIyYSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJ0cnVlJTIyJTJDJTIydCUyMiUzQTAlN0QlMkMlMjJiJTIyJTNBJTdCJTIydiUyMiUzQSUyMnRydWUlMjIlMkMlMjJ0JTIyJTNBMCU3RCUyQyUyMmMlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZW4tVVMlMkNlbiUyMiUyQyUyMnQlMjIlM0EwJTdEJTJDJTIyZCUyMiUzQSU3QiUyMnYlMjIlM0ElMjJXaW4zMiUyMiUyQyUyMnQlMjIlM0EwJTdEJTJDJTIyZSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJQREYlMjBWaWV3ZXIlMkNpbnRlcm5hbC1wZGYtdmlld2VyJTJDYXBwbGljYXRpb24lMkZwZGYlMkNwZGYlMkIlMkJ0ZXh0JTJGcGRmJTJDcGRmJTJDJTIwQ2hyb21lJTIwUERGJTIwVmlld2VyJTJDaW50ZXJuYWwtcGRmLXZpZXdlciUyQ2FwcGxpY2F0aW9uJTJGcGRmJTJDcGRmJTJCJTJCdGV4dCUyRnBkZiUyQ3BkZiUyQyUyMENocm9taXVtJTIwUERGJTIwVmlld2VyJTJDaW50ZXJuYWwtcGRmLXZpZXdlciUyQ2FwcGxpY2F0aW9uJTJGcGRmJTJDcGRmJTJCJTJCdGV4dCUyRnBkZiUyQ3BkZiUyQyUyME1pY3Jvc29mdCUyMEVkZ2UlMjBQREYlMjBWaWV3ZXIlMkNpbnRlcm5hbC1wZGYtdmlld2VyJTJDYXBwbGljYXRpb24lMkZwZGYlMkNwZGYlMkIlMkJ0ZXh0JTJGcGRmJTJDcGRmJTJDJTIwV2ViS2l0JTIwYnVpbHQtaW4lMjBQREYlMkNpbnRlcm5hbC1wZGYtdmlld2VyJTJDYXBwbGljYXRpb24lMkZwZGYlMkNwZGYlMkIlMkJ0ZXh0JTJGcGRmJTJDcGRmJTIyJTJDJTIydCUyMiUzQTAlN0QlMkMlMjJmJTIyJTNBJTdCJTIydiUyMiUzQSUyMjEyODB3XzEwMjRoXzI0ZF8xciUyMiUyQyUyMnQlMjIlM0EwJTdEJTJDJTIyZyUyMiUzQSU3QiUyMnYlMjIlM0ElMjIwJTIyJTJDJTIydCUyMiUzQTElN0QlMkMlMjJoJTIyJTNBJTdCJTIydiUyMiUzQSUyMmZhbHNlJTIyJTJDJTIydCUyMiUzQTAlN0QlMkMlMjJpJTIyJTNBJTdCJTIydiUyMiUzQSUyMnNlc3Npb25TdG9yYWdlLWVuYWJsZWQlMkMlMjBsb2NhbFN0b3JhZ2UtZW5hYmxlZCUyMiUyQyUyMnQlMjIlM0EyJTdEJTJDJTIyaiUyMiUzQSU3QiUyMnYlMjIlM0ElMjIwMDAwMDAwMDAwMTAwMDExMDAwMDEwMDAxMDAwMDAwMDAwMDAwMDAwMDExMDAwMDAwMDEwMDAwJTIyJTJDJTIydCUyMiUzQTUyMCUyQyUyMmF0JTIyJTNBNTklN0QlMkMlMjJrJTIyJTNBJTdCJTIydiUyMiUzQSUyMiUyMiUyQyUyMnQlMjIlM0EwJTdEJTJDJTIybCUyMiUzQSU3QiUyMnYlMjIlM0ElMjJNb3ppbGxhJTJGNS4wJTIwKFdpbmRvd3MlMjBOVCUyMDEwLjAlM0IlMjBXaW42NCUzQiUyMHg2NCUzQiUyMHJ2JTNBMTM0LjApJTIwR2Vja28lMkYyMDEwMDEwMSUyMEZpcmVmb3glMkYxMzQuMCUyMiUyQyUyMnQlMjIlM0EwJTdEJTJDJTIybSUyMiUzQSU3QiUyMnYlMjIlM0ElMjIlMjIlMkMlMjJ0JTIyJTNBMSU3RCUyQyUyMm4lMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZmFsc2UlMjIlMkMlMjJ0JTIyJTNBNDY0JTJDJTIyYXQlMjIlM0EzJTdEJTJDJTIybyUyMiUzQSU3QiUyMnYlMjIlM0ElMjI5YzE5YTBiNTk5NDVjNWI4ZGZkNWE4N2EwMjZkMTgxNSUyMiUyQyUyMnQlMjIlM0E0MTclN0QlN0QlMkMlMjJiJTIyJTNBJTdCJTIyYSUyMiUzQSUyMiUyMiUyQyUyMmIlMjIlM0ElMjJodHRwcyUzQSUyRiUyRk13bGhrNHBqRVlkcUhfN0ZvNjc4dnM1MXR6ZEFkVE14QW9iU2NwZUVVY1UuX0VGUlhnZ0NHVmdqNlgtVzk3YnFDd2tMRkZDejBWbXNBMnAtd0NKZUpTVS4wYnItUC1VVzRyOWJVTGtOWHZFc0dEYVI0dXZLQ2JpNGZtaHRnR1kxdVlnJTJGJTIyJTJDJTIyYyUyMiUzQSUyMkExZmJYOG50TF9ISGc3WmxWeHFBeHBEd0FOVkhNOXJFUS1lNzA2U3Z3eXMlMjIlMkMlMjJkJTIyJTNBJTIyTkElMjIlMkMlMjJlJTIyJTNBJTIyTkElMjIlMkMlMjJmJTIyJTNBZmFsc2UlMkMlMjJnJTIyJTNBdHJ1ZSUyQyUyMmglMjIlM0F0cnVlJTJDJTIyaSUyMiUzQSU1QiUyMmxvY2F0aW9uJTIyJTVEJTJDJTIyaiUyMiUzQSU1QiU1RCUyQyUyMm4lMjIlM0EyMzElMkMlMjJ1JTIyJTNBJTIyZ2V0Lm5ld2NpcmNsZS5jbHViJTIyJTJDJTIydyUyMiUzQSUyMjE3Njc0NDgwODQxMzMlM0EwYTg5MzhmZDRhZjI1ZTBlMWQ1MjNmMmZhZTllOWE2ZjA4NTcxNTY2ZjM5YTNiNzczOGVkOTQzM2U5MmVkYmZmJTIyJTdEJTJDJTIyaCUyMiUzQSUyMmMwYTYwYmU3MmVmMzc0NzdjMzA2JTIyJTdE"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 03 Jan 2026 13:48:04 GMT\r\ncontent-length: 156\r\nset-cookie: m=a7725e55-67fc-467c-bc08-04c6c6adb232393f50;Expires=Mon, 03-Jan-2028 13:48:04 GMT;Secure;HttpOnly; SameSite=None\r\nx-content-type-options: nosniff\r\nx-stripe-proxy-response: upstream\r\nx-stripe-server-rpc-duration-micros: 2204\r\naccess-control-allow-origin: https://m.stripe.network\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\ncontent-type: application/json;charset=utf-8\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"7c4a5761281e2e26ae79832a9e676e83","sha1":"f9c892bb6f9b933f1f431b650f291e65633e7947","sha256":"f4d6e1f0c445ace6f37cc6b967817115cc89c666953038d8c10e5e88bd6a2cc3","sha512":"38dca6308dc1875fb3eb446fa899077a60aea5c6f81fc184394eb55cfd9eb223b100c53e288b889be84d8a79c367d226567e4b5bafd4b8d028c346ee30b72b4f","ssdeep":"","tlshash":"b0c02b05f856bc80e32d97c3a06328d006ebc3a4c0131ffc0a930c0d9499301f0fa606","first_seen":"2026-01-03T13:48:39.456408Z","last_seen":"2026-01-03T13:48:39.456408Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1227,"timings":{"blocked":527,"dns":14,"connect":169,"send":0,"wait":172,"receive":0,"ssl":341},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-NCN7V952ZY\u0026cid=828117441.1767448083\u0026gtm=45je5cb0h2v9224957089z89224923955za20gzb9224923955zd9224923955\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938468~116184927~116184929~116251938~116251940~116682877\u0026z=1659148279","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.251.38.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:03.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:59:22 GMT","end":"Wed, 25 Feb 2026 15:59:21 GMT"},"fingerprint":{"sha1":"E3:8A:B3:9D:E4:8B:53:E7:04:0F:DC:F1:FF:B6:DA:2F:A5:13:E7:D1","sha256":"3D:CC:25:A1:DF:57:5C:E5:5E:62:8C:3E:4C:9E:BF:21:67:03:6E:09:DE:4F:C1:38:17:4D:91:E4:81:A1:1D:6E"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-NCN7V952ZY\u0026cid=828117441.1767448083\u0026gtm=45je5cb0h2v9224957089z89224923955za20gzb9224923955zd9224923955\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938468~116184927~116184929~116251938~116251940~116682877\u0026z=1659148279 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-26T08:03:16.379Z","times_seen":821174,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":68,"dns":1,"connect":7,"send":0,"wait":21,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/api/v1/onboards/configs","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:01.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"get.newcircle.club","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 11:20:34 GMT","end":"Mon, 16 Feb 2026 11:20:33 GMT"},"fingerprint":{"sha1":"73:F9:8F:7B:A7:B4:CF:5C:11:9C:05:AA:DD:62:E8:17:BA:B1:E0:C5","sha256":"12:F4:3A:6B:EA:9D:9A:F1:9E:F6:BF:49:47:7E:1D:DF:F5:6E:74:DE:F8:C1:B9:39:B2:66:75:E6:9A:65:55:3B"}}},"request":{"raw":"GET /api/v1/onboards/configs HTTP/1.1\r\nHost: get.newcircle.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://get.newcircle.club/\r\nContent-Type: application/json\r\nx-request-id: 0d2d7d37-8ef0-4264-900f-23132a9a27f6\r\nx-session-id: bf00711e-c227-441c-9b13-48afad7525d0\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: rw-user-id=3b985fc7-5279-46d0-a1f8-5345d5107af3; mp_f8c2282d45751a6d33bb7d8c49bd085c_mixpanel=%7B%22distinct_id%22%3A%22%24device%3A3b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24device_id%22%3A%223b985fc7-5279-46d0-a1f8-5345d5107af3%22%7D; _dd_s=logs=1\u0026id=bf00711e-c227-441c-9b13-48afad7525d0\u0026created=1767448081792\u0026expire=1767448981792\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 03 Jan 2026 13:48:01 GMT\r\nContent-Type: application/json; charset=utf-8\r\nContent-Length: 4413\r\nConnection: keep-alive\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\nset-cookie: rw-user-id=3b985fc7-5279-46d0-a1f8-5345d5107af3; Path=/; Expires=Tue, 01 Jan 2036 13:48:01 GMT; HttpOnly; Secure; SameSite=None\r\netag: W/\"113d-EYFXiYEy9x6+0lINMN0WToF2HSc\"\r\nx-cloud-trace-context: 43418d23e16751145c632503cadff906\r\nExpires: Sat, 03 Jan 2026 13:48:01 GMT\r\nCache-Control: private\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4413,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"b2b9d1ae43ffc564013fdd52d3b81ced","sha1":"118157898132f71ebed2520d30dd164e81761d27","sha256":"08d4d74e6692f2fe65d78f19bab954fb876417f660f650c170853da858ee162a","sha512":"63cc2fbb0746e0f35bae8119f8e247feb7c08d02777b1b520e3b839d8073f38dc85417e9df120d4ca972cd36fab2f82c6e5d5f7ef7824ad304a68f388995a742","ssdeep":"96:OwfibHtfTiy/GDcby9RFRUK/SRFRar/AoZL0c6luGRFR07L5RL:0biU8cAFLFL0cj","tlshash":"5391c6c6b5086c359baf42416ccf7e04e4ba729b72ea9d60eccdc93402b45d7903624b","first_seen":"2026-01-03T13:48:39.465937Z","last_seen":"2026-01-03T13:48:39.465937Z","times_seen":1,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"get.newcircle.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js","fqdn":"js.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","date":"2026-01-03T13:48:03.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.stripecdn.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 12 Nov 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F8:3C:C3:2C:74:4E:F5:15:E6:A1:CC:F9:DE:C4:32:B7:C2:6A:86:3D","sha256":"02:06:F1:39:10:46:EE:4A:33:2F:40:73:F1:F1:40:F7:0A:E6:7A:CE:1A:11:EC:48:C4:96:EC:FC:05:E4:71:7C"}}},"request":{"raw":"GET /v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js HTTP/1.1\r\nHost: js.stripe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 315\r\nlast-modified: Fri, 11 Nov 2022 20:25:36 GMT\r\netag: \"d96c709017743c0759cf3853d1806ba5\"\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: Fastly\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\nvia: 1.1 varnish\r\nage: 3837228\r\nx-request-id: c983f0e8-dc28-4f9c-9902-6b66f28e8ced\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: HIT\r\nx-cache-hits: 375738\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":526,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (526), with no line terminators","md5":"d96c709017743c0759cf3853d1806ba5","sha1":"72e21587610c49c8305a55e71f73fa88ed618205","sha256":"ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652","sha512":"974e260ed8bd1d99628fc3248f07179f6ea228e37a6b9d3ef906dba57571f2df54d73f93d1f3460902d28a90bd4793bca35477b2ef8fbf424b9112147f04bccf","ssdeep":"","tlshash":"13f0507a75620d7c819e844173df7b00767bd86944057e01865da8c4b760dcbe257bc9","first_seen":"2023-03-07T01:03:26Z","last_seen":"2026-04-26T08:07:32.602193Z","times_seen":89663,"resource_available":true,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"runwayer.ams3.cdn.digitaloceanspaces.com/images/Newcircle/logo.png","fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","domain":"ams3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":"DigitalOcean, LLC"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 23 Apr 2025 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:4B:DE:6C:17:96:2C:B9:1D:74:BE:4A:75:68:14:BD:01:62:61:1E","sha256":"19:BC:83:28:5B:69:9B:38:61:88:D1:40:B2:49:57:22:C1:24:E1:84:EA:DD:6D:B0:19:E4:93:AB:2B:5D:0C:B1"}}},"request":{"raw":"GET /images/Newcircle/logo.png HTTP/1.1\r\nHost: runwayer.ams3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 73976\r\ncf-ray: 9b82f393f8105ebd-OSL\r\nlast-modified: Wed, 27 Aug 2025 11:07:24 GMT\r\nx-rgw-object-type: Normal\r\netag: \"6640229bb909aa1ff1fed28c1780181b\"\r\nx-amz-request-id: tx0000000138859046b3674-0068aee6fb-ae51fe12-ams3c\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: be0a6ef8-cc8a-4bb5-a5ae-4ea0ea4016e1\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\nage: 0\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=MV2pg8QJz58F5ug6cmDg3QpP01m06C9IAJbRcZpbIDc-1767448082-1.0.1.1-u5UHOKsD5.o7CnaJQcha_LbUWRaL6eaXCE3JCFnU.PCB2HFUBOeQYFgl0aBs_9YPbdrBcVau5u7mdegos0MR0eDftkE2evF0I2YLgMPrGos; path=/; expires=Sat, 03-Jan-26 14:18:02 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":73976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 573 x 548, 8-bit/color RGBA, non-interlaced","md5":"6640229bb909aa1ff1fed28c1780181b","sha1":"cd98a22a2e5bf5fd56303b8de374a70f116d490a","sha256":"52283e42d01c3171a6cacf4771ac7169495d1b0454e883bf3c41f814b996a96a","sha512":"f5ec28556576c49af62b2ab6c880cb3d34dd1f85df02fcc71984209a8b71594b80873fffa7b902427f3f6db2cef3ebe6aa6f1711a48c8bb8e7b6f456d477f44a","ssdeep":"1536:z/8RG4874vVig2SudTC3ygwqT977CDhbXMyIit89qLBWgqB1md8nSHf:oRG4874vV321dO3ygwqJ7khbXMnYLBWU","tlshash":"af73027a795e5d3bfe2cc9baee4ef44ecdd4105e44cf967fcba04b59882a0398528010","first_seen":"2026-01-03T13:48:39.475471Z","last_seen":"2026-04-19T17:50:37.458127Z","times_seen":2,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T13:47:59.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"get.newcircle.club","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 11:20:34 GMT","end":"Mon, 16 Feb 2026 11:20:33 GMT"},"fingerprint":{"sha1":"73:F9:8F:7B:A7:B4:CF:5C:11:9C:05:AA:DD:62:E8:17:BA:B1:E0:C5","sha256":"12:F4:3A:6B:EA:9D:9A:F1:9E:F6:BF:49:47:7E:1D:DF:F5:6E:74:DE:F8:C1:B9:39:B2:66:75:E6:9A:65:55:3B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: get.newcircle.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 03 Jan 2026 13:48:00 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 724\r\nConnection: keep-alive\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\nset-cookie: rw-user-id=3b985fc7-5279-46d0-a1f8-5345d5107af3; Path=/; Expires=Tue, 01 Jan 2036 13:48:00 GMT; HttpOnly; Secure; SameSite=None\nmp_f8c2282d45751a6d33bb7d8c49bd085c_mixpanel=%7B%22distinct_id%22%3A%22%24device%3A3b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24device_id%22%3A%223b985fc7-5279-46d0-a1f8-5345d5107af3%22%7D; Path=/; Expires=Sun, 03 Jan 2027 13:48:00 GMT\r\netag: W/\"2d4-Shr6l3YSSIr5QKXD9do4o4w5CJA\"\r\nx-cloud-trace-context: 91957761c65643be9f485cf35922d574\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":724,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c987042245c63cb2bf0d34ab4eed34fb","sha1":"4a1afa977612488af940a5c3f5da38a38c390890","sha256":"5152c3ff6ba796839b24d48f4ac1100eb785812375ca579b6848efbf6500aea6","sha512":"b2452c8c2051365c4cfad9e68677399fb9c1eabfff2a8f1a4fd2562e9152250b28028799adb8a39419eba02c2ab511571712d49fea09e447c01cf879a837ef5d","ssdeep":"","tlshash":"a0010242c8d64d14421082513ac0f9c69d97d68b478ddd9426bab03cabcd3c1cccfa6c","first_seen":"2026-01-03T13:48:39.479101Z","last_seen":"2026-01-03T13:48:39.479101Z","times_seen":1,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":290,"dns":64,"connect":106,"send":0,"wait":141,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"get.newcircle.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"m.stripe.network/inner.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","fqdn":"m.stripe.network","domain":"stripe.network","tld":"network"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","date":"2026-01-03T13:48:03.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.stripecdn.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 12 Nov 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F8:3C:C3:2C:74:4E:F5:15:E6:A1:CC:F9:DE:C4:32:B7:C2:6A:86:3D","sha256":"02:06:F1:39:10:46:EE:4A:33:2F:40:73:F1:F1:40:F7:0A:E6:7A:CE:1A:11:EC:48:C4:96:EC:FC:05:E4:71:7C"}}},"request":{"raw":"GET /inner.html HTTP/1.1\r\nHost: m.stripe.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://js.stripe.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 438\r\nlast-modified: Wed, 10 Sep 2025 21:05:01 GMT\r\netag: \"441070f07f0e89a26ecd81c9afcab8ed\"\r\ncache-control: max-age=300, public\r\ncontent-type: text/html; charset=utf-8\r\ncontent-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e357n1PxCJ8d03/QCSKaHFmHF1JADyvSHdSfshxM494=' 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\nserver: Fastly\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\nage: 165\r\nx-request-id: 7b6511a9-ebef-4984-b372-47e05a454c01\r\nx-served-by: cache-chi-klot8100092-CHI, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 570, 202\r\nx-timer: S1767448083.444486,VS0,VE0\r\nvary: Accept-Encoding, Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":930,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (930), with no line terminators","md5":"441070f07f0e89a26ecd81c9afcab8ed","sha1":"4fe0f929d48c96ee4e78a1f0ce331eda37edfc60","sha256":"92844e6b1ad5890a9e5e4b9dfb7abdb37dca64e8ca7365052c9d2fc8103c349d","sha512":"464029faf1c59e1f8c6f82c4f0bce314a98b0f3574f764ec067d4bd8cbe6d2016b83357bf242df348f1fb6173485372c2cc9601bc65ca1c99d57809c79cefb27","ssdeep":"","tlshash":"db11049639c85a3442394712a6abb309321657275874ec108406dca87fb4c9bd8637c2","first_seen":"2025-09-10T21:19:46.090509Z","last_seen":"2026-04-26T08:07:32.66705Z","times_seen":67829,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/assets/index-Df-NkMDK.js","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:00.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"get.newcircle.club","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 11:20:34 GMT","end":"Mon, 16 Feb 2026 11:20:33 GMT"},"fingerprint":{"sha1":"73:F9:8F:7B:A7:B4:CF:5C:11:9C:05:AA:DD:62:E8:17:BA:B1:E0:C5","sha256":"12:F4:3A:6B:EA:9D:9A:F1:9E:F6:BF:49:47:7E:1D:DF:F5:6E:74:DE:F8:C1:B9:39:B2:66:75:E6:9A:65:55:3B"}}},"request":{"raw":"GET /assets/index-Df-NkMDK.js HTTP/1.1\r\nHost: get.newcircle.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nCookie: rw-user-id=3b985fc7-5279-46d0-a1f8-5345d5107af3; mp_f8c2282d45751a6d33bb7d8c49bd085c_mixpanel=%7B%22distinct_id%22%3A%22%24device%3A3b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24device_id%22%3A%223b985fc7-5279-46d0-a1f8-5345d5107af3%22%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 03 Jan 2026 13:48:00 GMT\r\nContent-Type: application/javascript; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\nlast-modified: Tue, 30 Dec 2025 15:58:15 GMT\r\netag: W/\"217408-19b6ffb3dd8\"\r\nx-cloud-trace-context: f66500f832d3d8aa41051ec0ef2c944d\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2192392,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (38362)","md5":"962fe66384004c73979d588d4e023811","sha1":"6f992cb66e7eefc7b0dd897d0c99e8a71ff544b7","sha256":"d21d0f22040c778905908f8358f2d63818b4c63550a1537c1fdf209c449a3c46","sha512":"6fe7675e2106e74e8c8ba1aa36ee0da6cb3dfd426285db2951a7b3361d0bedfa3f7d72e60f1d57fb0de5ea5b77dfcf201033e846290c03c841bc4bc8a471f577","ssdeep":"24576:kqnC/HbcL4+Du/PHWt2fhsA0+2hn/83nzXSpwpYywI8wWM1X:NnC/HbcL4+Du/PHWt2fhsA0+2hn/kzXP","tlshash":"5c256bd97191b62547db05e2d07f010bf3392a15641e80a0f1aecde63ab9409a37bfbd","first_seen":"2026-01-03T13:48:39.490313Z","last_seen":"2026-01-03T13:48:39.490313Z","times_seen":1,"resource_available":false,"data":null}},"time_used":709,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":458,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-01-03","alert":"Hunting_JS_WebAssembly","trigger":"get.newcircle.club/assets/index-Df-NkMDK.js","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"get.newcircle.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-M95WMVK3","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.195Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtm.js?id=GTM-M95WMVK3 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\nexpires: Sat, 03 Jan 2026 13:48:02 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 03 Jan 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 131019\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":386586,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7441)","md5":"6cdb37d24fec8f3e73c3bfdc6833e8b9","sha1":"fd4f6d80fbc83f76940df6d94f71b27432d7fad1","sha256":"14f28c1fa69224f6ac7061a7da38a4dd8b54fe664de66ab251deaaa798741476","sha512":"78e5df048f6cc3947182076adf7b2ce06533ee22aa0bb53bf21532799367c763f270248e0f97e9b683f97246b1b83e706763754d2873040dedb60c16e1f10c44","ssdeep":"6144:/7nRJObujKYKw1U95/YeSfDHHYOyQFzfns8ejWVS3pRZu:jWbuN71cqFns/WSp2","tlshash":"968429cdb3c6746683a2a478503f114ba17b69d2f44cc895f186cce42e74aaa0277f7d","first_seen":"2026-01-03T13:48:39.494921Z","last_seen":"2026-01-03T13:48:39.494921Z","times_seen":1,"resource_available":true,"data":null}},"time_used":437,"timings":{"blocked":188,"dns":9,"connect":7,"send":0,"wait":28,"receive":25,"ssl":176},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"runwayer.ams3.cdn.digitaloceanspaces.com/images/Newcircle/logo.png","fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","domain":"ams3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":"DigitalOcean, LLC"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 23 Apr 2025 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:4B:DE:6C:17:96:2C:B9:1D:74:BE:4A:75:68:14:BD:01:62:61:1E","sha256":"19:BC:83:28:5B:69:9B:38:61:88:D1:40:B2:49:57:22:C1:24:E1:84:EA:DD:6D:B0:19:E4:93:AB:2B:5D:0C:B1"}}},"request":{"raw":"GET /images/Newcircle/logo.png HTTP/1.1\r\nHost: runwayer.ams3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 73976\r\ncf-ray: 9b82f39408245ebd-OSL\r\nlast-modified: Wed, 27 Aug 2025 11:07:24 GMT\r\nx-rgw-object-type: Normal\r\netag: \"6640229bb909aa1ff1fed28c1780181b\"\r\nx-amz-request-id: tx0000000138859046b3674-0068aee6fb-ae51fe12-ams3c\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: be0a6ef8-cc8a-4bb5-a5ae-4ea0ea4016e1\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\nage: 0\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=e.Sz_NQi70XXCTwJaiY0aXXr_BlXpxWJcJz26EA9LTk-1767448082-1.0.1.1-bQRTLlQhFiwXzpudFMtmVblKf9i98aHsadKaPyIR_pIAQ.1EpScmNe2z9ONeu8y9uhSOEyCBfwDH4K8JI_adM8Sf7jcqpNDlfnHWjGLHnvU; path=/; expires=Sat, 03-Jan-26 14:18:02 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":73976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 573 x 548, 8-bit/color RGBA, non-interlaced","md5":"6640229bb909aa1ff1fed28c1780181b","sha1":"cd98a22a2e5bf5fd56303b8de374a70f116d490a","sha256":"52283e42d01c3171a6cacf4771ac7169495d1b0454e883bf3c41f814b996a96a","sha512":"f5ec28556576c49af62b2ab6c880cb3d34dd1f85df02fcc71984209a8b71594b80873fffa7b902427f3f6db2cef3ebe6aa6f1711a48c8bb8e7b6f456d477f44a","ssdeep":"1536:z/8RG4874vVig2SudTC3ygwqT977CDhbXMyIit89qLBWgqB1md8nSHf:oRG4874vV321dO3ygwqJ7khbXMnYLBWU","tlshash":"af73027a795e5d3bfe2cc9baee4ef44ecdd4105e44cf967fcba04b59882a0398528010","first_seen":"2026-01-03T13:48:39.475471Z","last_seen":"2026-04-19T17:50:37.458127Z","times_seen":2,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=AW-17685758205\u0026cx=c\u0026gtm=4e5cb0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.636Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=AW-17685758205\u0026cx=c\u0026gtm=4e5cb0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\nexpires: Sat, 03 Jan 2026 13:48:02 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sat, 03 Jan 2026 12:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 131826\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":389838,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5911)","md5":"c23150971a634612254d1dfde675959b","sha1":"403221b3a2bf00559983df0c08c1275ed8e4699b","sha256":"d04e0a59c408636bd5a57d4ad1ecc77fcc66f8b2273b7df5caed7fd67dd08324","sha512":"7759b665ffeb71fa7031d5df96deeb90bfb3aefde1db53634698960cc61f060ba3f07513dd956606355ddcf57173d92534d40f0542430ac65b9191c3d5cc2846","ssdeep":"6144:f7nRtObujKYKw1U95/YeSfDHHYOyQFzfnsdRlTjQWVSACiwpN:DGbuN71cqFnsd/kWwiy","tlshash":"768429cd73c674269396a478403f118ba57b29e2b44ccc95f189cce42e74aaa4277f7c","first_seen":"2026-01-03T13:48:39.49906Z","last_seen":"2026-01-03T13:48:39.49906Z","times_seen":1,"resource_available":true,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1820105640.1767448083\u0026dt=Newcircle%20Companion\u0026auid=47489981.1767448083\u0026navt=n\u0026npa=1\u0026gtm=45He5cb0h2v9224923955za200zd9224923955xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682877\u0026tft=1767448082716\u0026tfd=2815\u0026apve=1\u0026apvf=f\u0026img=1","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.925Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:31 GMT","end":"Wed, 25 Feb 2026 15:57:30 GMT"},"fingerprint":{"sha1":"68:80:26:07:1C:4F:AC:C8:FF:32:F4:DD:86:41:D6:6E:85:27:90:D4","sha256":"6D:27:81:39:F2:6D:26:4E:B8:CE:4F:0B:02:95:B6:5D:C4:E2:58:C9:A9:A0:80:1D:02:70:91:FB:E9:98:E6:8B"}}},"request":{"raw":"GET /ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1820105640.1767448083\u0026dt=Newcircle%20Companion\u0026auid=47489981.1767448083\u0026navt=n\u0026npa=1\u0026gtm=45He5cb0h2v9224923955za200zd9224923955xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682877\u0026tft=1767448082716\u0026tfd=2815\u0026apve=1\u0026apvf=f\u0026img=1 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncontent-type: text/plain\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"m.stripe.network/out-4.5.45.js","fqdn":"m.stripe.network","domain":"stripe.network","tld":"network"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://m.stripe.network/inner.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","date":"2026-01-03T13:48:03.541Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.stripecdn.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 12 Nov 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F8:3C:C3:2C:74:4E:F5:15:E6:A1:CC:F9:DE:C4:32:B7:C2:6A:86:3D","sha256":"02:06:F1:39:10:46:EE:4A:33:2F:40:73:F1:F1:40:F7:0A:E6:7A:CE:1A:11:EC:48:C4:96:EC:FC:05:E4:71:7C"}}},"request":{"raw":"GET /out-4.5.45.js HTTP/1.1\r\nHost: m.stripe.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://m.stripe.network/inner.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 14184\r\nlast-modified: Wed, 10 Sep 2025 21:05:01 GMT\r\netag: \"f4d61b273ea36d2e71ce1a601ab0caa2\"\r\ncache-control: max-age=300, public\r\ncontent-type: text/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\nvia: 1.1 varnish, 1.1 varnish\r\nserver: Fastly\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\nage: 157\r\nx-request-id: f18182c8-1c79-4def-b294-77a68b9f09f8\r\nx-served-by: cache-chi-klot8100134-CHI, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 485361, 195\r\nx-timer: S1767448084.547423,VS0,VE0\r\nvary: Accept-Encoding, Origin\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":88737,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"f4d61b273ea36d2e71ce1a601ab0caa2","sha1":"832e652c884863f3a56a13a6a0a43fd56b5e2c85","sha256":"f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59","sha512":"fe3c3e033551f745e0a8528d0afc239baf3b1045a0442aff9483a8b796ce332310de2230b6803483bd64d7cc6a0a3f420f12b95651822f7ef7687ff311845391","ssdeep":"1536:2sHx8vawlWXGzbS1iSc6q1jboAmKum7EqI47d+/:2sHx8vzWX8O1iSg1jboAmKum7Eq3p+/","tlshash":"608353c97aa6f45942f368ba802f610bf23f9d15044da041f6a1d8e17c791ed8273f6e","first_seen":"2025-09-10T21:19:46.014301Z","last_seen":"2026-04-26T08:07:32.640632Z","times_seen":67982,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-NCN7V952ZY\u0026gtm=45je5cb0h2v9224957089z89224923955za20gzb9224923955zd9224923955\u0026_p=1767448082121\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=828117441.1767448083\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938468~116184927~116184929~116251938~116251940~116682877\u0026sid=1767448082\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026dt=Newcircle%20Companion\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=3105","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:03.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-NCN7V952ZY\u0026gtm=45je5cb0h2v9224957089z89224923955za20gzb9224923955zd9224923955\u0026_p=1767448082121\u0026_gaz=1\u0026gcd=13l3l3l2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=828117441.1767448083\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_s=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391253~115583767~115938466~115938468~116184927~116184929~116251938~116251940~116682877\u0026sid=1767448082\u0026sct=1\u0026seg=0\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026dt=Newcircle%20Companion\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026tfd=3105 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://get.newcircle.club/\r\nOrigin: https://get.newcircle.club\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://get.newcircle.club\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:170:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:170:0\r\nreport-to: {\"group\":\"ascnsrsggc:170:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:170:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":65,"dns":0,"connect":21,"send":0,"wait":33,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@100..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:00.642Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /css2?family=Inter:wght@100..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 03 Jan 2026 13:48:00 GMT\r\ndate: Sat, 03 Jan 2026 13:48:00 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2555,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"3fcf63d91b46adf99bd3db1a56530254","sha1":"62f7d93d0b191e1e8464958268f225f51dd1752d","sha256":"63867a7c4bb197935b85ada1c4bcbc95951598dfb736b24132f0a43e5e5e365c","sha512":"16d25c5cc841006ca8e86ef334efb051054257e6990275a3a0d1e25f9adc6c665b65ff9083dfc9c409d84b69365a26eb9ba875431ca75765743b70902e684d14","ssdeep":"","tlshash":"0451ab92002ba404ab931dc233cf7f3aaece50856085d2b96ffd1dc65cead66436875d","first_seen":"2025-09-10T17:57:06.167004Z","last_seen":"2026-04-26T06:31:16.164143Z","times_seen":25834,"resource_available":false,"data":null}},"time_used":327,"timings":{"blocked":138,"dns":1,"connect":27,"send":0,"wait":48,"receive":0,"ssl":110},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"get.newcircle.club/assets/index-ChrIqppa.css","fqdn":"get.newcircle.club","domain":"newcircle.club","tld":"club"},"ip":{"addr":"34.21.15.74","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:00.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"get.newcircle.club","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 18 Nov 2025 11:20:34 GMT","end":"Mon, 16 Feb 2026 11:20:33 GMT"},"fingerprint":{"sha1":"73:F9:8F:7B:A7:B4:CF:5C:11:9C:05:AA:DD:62:E8:17:BA:B1:E0:C5","sha256":"12:F4:3A:6B:EA:9D:9A:F1:9E:F6:BF:49:47:7E:1D:DF:F5:6E:74:DE:F8:C1:B9:39:B2:66:75:E6:9A:65:55:3B"}}},"request":{"raw":"GET /assets/index-ChrIqppa.css HTTP/1.1\r\nHost: get.newcircle.club\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nCookie: rw-user-id=3b985fc7-5279-46d0-a1f8-5345d5107af3; mp_f8c2282d45751a6d33bb7d8c49bd085c_mixpanel=%7B%22distinct_id%22%3A%22%24device%3A3b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24device_id%22%3A%223b985fc7-5279-46d0-a1f8-5345d5107af3%22%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.22.1\r\nDate: Sat, 03 Jan 2026 13:48:00 GMT\r\nContent-Type: text/css; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0\r\nlast-modified: Tue, 30 Dec 2025 15:58:15 GMT\r\netag: W/\"d05a-19b6ffb3dd8\"\r\nx-cloud-trace-context: 2d33132a44c6b74957adf0594fc1e8ad\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Google Cloud Trace","description":"Google Cloud Trace is a distributed tracing system that collects latency data from applications and displays it in the Google Cloud Console.","website":"https://cloud.google.com/trace","common_platform_enumeration":"","icon":"google-cloud-trace.svg","categories":["Performance"]}],"data":{"size":53338,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (53337)","md5":"686bd3a50c719d283dcd350c6444f2cc","sha1":"869af8c936d54adea552dc2e9ddd375b2f5860ae","sha256":"4bb419dc73cd84bba94833bf647a65cf93e9659f518d6cf5b3ef7e5bd1c7ad73","sha512":"f06bd26ce927e5365d3606504a5f5c87102a47f33e4c4c405b005aa8be3d084c9c5db8fb92d1748558854f8ee7fb26a3892292de5f4c725e74b48bb746b5805e","ssdeep":"768:mVn39NfgVECfRBrlKJarfL7r8azIxxE/P4XJFLDVZpbA:mVn39NfgVPBrlKQL7r6xxE/2ZpbA","tlshash":"0a33a519ba19513f3c2795f5d3d8b9ed6209f0c0df3b09bafd8651209ac23f50ea6618","first_seen":"2026-01-03T13:48:39.511814Z","last_seen":"2026-01-03T13:48:39.511814Z","times_seen":1,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":223,"dns":1,"connect":106,"send":0,"wait":212,"receive":1,"ssl":117},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"get.newcircle.club","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"js.stripe.com/basil/stripe.js","fqdn":"js.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:01.809Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.stripecdn.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 12 Nov 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F8:3C:C3:2C:74:4E:F5:15:E6:A1:CC:F9:DE:C4:32:B7:C2:6A:86:3D","sha256":"02:06:F1:39:10:46:EE:4A:33:2F:40:73:F1:F1:40:F7:0A:E6:7A:CE:1A:11:EC:48:C4:96:EC:FC:05:E4:71:7C"}}},"request":{"raw":"GET /basil/stripe.js HTTP/1.1\r\nHost: js.stripe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 25 Dec 2025 01:57:11 GMT\r\netag: \"dede697bfa7a7146baef52bb7a0def78\"\r\ncontent-type: text/javascript; charset=utf-8\r\nserver: Fastly\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 13:48:01 GMT\r\nvia: 1.1 varnish\r\nage: 28\r\nx-request-id: f1e4cbe0-011a-4389-aa2c-6d2cf7809389\r\nx-served-by: cache-hel1410033-HEL\r\nx-cache: HIT\r\nx-cache-hits: 142427\r\naccess-control-allow-origin: *\r\ncache-control: max-age=120\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 212013\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":914552,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"dede697bfa7a7146baef52bb7a0def78","sha1":"da700b3213d51444ec97aacb485adfb9d316e4d8","sha256":"bace41e156f26c3a1514e28970a8c836ec4aaf862e29e2bad8889189c6c0cda9","sha512":"a73f09d1742551f693436e34529bb5a4b91edbd37210e24dd8da7824a61c9007d307186ec4dfe2a3c04e688cf0388eec6f82aa6fead988451b87f971b700c0d5","ssdeep":"12288:XoMNQ6c1objdULvSYQaEXQxZRzFsuSjLBX+D+JiP93JcIdhDRbvHadD+UA4DWs0C:XoQbdwvSlB/Jdid/ttYXG4oGBJ","tlshash":"ed152a8db5e6b02143dbb1a9607b620eb3369900250d4410f956ced92dbeedbe133f6d","first_seen":"2025-12-25T03:58:21.030236Z","last_seen":"2026-01-05T17:33:08.05099Z","times_seen":180,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":88,"dns":47,"connect":13,"send":0,"wait":14,"receive":39,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:01.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://get.newcircle.club\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 30 Dec 2025 23:36:38 GMT\r\nexpires: Wed, 30 Dec 2026 23:36:38 GMT\r\ncache-control: public, max-age=31536000\r\nage: 310284\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-04-26T08:02:51.162729Z","times_seen":155284,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":171,"dns":1,"connect":20,"send":0,"wait":24,"receive":26,"ssl":152},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp.rw.mt/lib.min.js","fqdn":"mp.rw.mt","domain":"rw.mt","tld":"mt"},"ip":{"addr":"5.161.84.106","port":443,"asn":213230,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mp.rw.mt","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 14 Nov 2025 03:55:40 GMT","end":"Thu, 12 Feb 2026 03:55:39 GMT"},"fingerprint":{"sha1":"C2:67:F4:60:D1:3A:73:2A:5A:D9:19:13:1A:80:9A:D8:C3:BA:DA:87","sha256":"89:9E:F1:21:A2:FE:90:44:7A:73:1B:BE:D4:A7:54:1D:47:D3:5A:F3:20:4D:19:F5:16:5E:EF:2B:49:F9:3D:29"}}},"request":{"raw":"HEAD /lib.min.js HTTP/1.1\r\nHost: mp.rw.mt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://get.newcircle.club/\r\nOrigin: https://get.newcircle.club\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"HEAD"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sat, 03 Jan 2026 13:48:02 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 29341\r\nConnection: keep-alive\r\nX-GUploader-UploadID: AHVrFxMznuAsv3P_X355O13AwPKRuMbUB9cGjqp7oam1GsT6fSL1X2SqGTIktiXd1brED6b0\r\nx-goog-generation: 1766520304351021\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: gzip\r\nx-goog-stored-content-length: 29341\r\nContent-Encoding: gzip\r\nx-goog-hash: crc32c=87Ly3g==, md5=aLJTtwlewwcERc7g6p3vhw==\r\nx-goog-storage-class: MULTI_REGIONAL\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nExpires: Sat, 03 Jan 2026 13:57:32 GMT\r\nCache-Control: public,max-age=600\r\nAge: 30\r\nLast-Modified: Tue, 23 Dec 2025 20:05:04 GMT\r\nETag: \"68b253b7095ec3070445cee0ea9def87\"\r\nVary: Accept-Encoding\r\nAlt-Svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":617,"timings":{"blocked":253,"dns":58,"connect":91,"send":0,"wait":106,"receive":0,"ssl":103},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mp.rw.mt/track/?ip=1\u0026_=1767448082153","fqdn":"mp.rw.mt","domain":"rw.mt","tld":"mt"},"ip":{"addr":"5.161.84.106","port":443,"asn":213230,"as":"Hetzner Online GmbH","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.187Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"mp.rw.mt","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Fri, 14 Nov 2025 03:55:40 GMT","end":"Thu, 12 Feb 2026 03:55:39 GMT"},"fingerprint":{"sha1":"C2:67:F4:60:D1:3A:73:2A:5A:D9:19:13:1A:80:9A:D8:C3:BA:DA:87","sha256":"89:9E:F1:21:A2:FE:90:44:7A:73:1B:BE:D4:A7:54:1D:47:D3:5A:F3:20:4D:19:F5:16:5E:EF:2B:49:F9:3D:29"}}},"request":{"raw":"POST /track/?ip=1\u0026_=1767448082153 HTTP/1.1\r\nHost: mp.rw.mt\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 1261\r\nOrigin: https://get.newcircle.club\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1261,"data":"data=%7B%22event%22%3A%20%22OnboardPageViewed%22%2C%22properties%22%3A%20%7B%22%24os%22%3A%20%22Windows%22%2C%22%24browser%22%3A%20%22Firefox%22%2C%22%24current_url%22%3A%20%22https%3A%2F%2Fget.newcircle.club%2F%22%2C%22%24browser_version%22%3A%20134%2C%22%24screen_height%22%3A%201024%2C%22%24screen_width%22%3A%201280%2C%22mp_lib%22%3A%20%22web%22%2C%22%24lib_version%22%3A%20%222.55.1%22%2C%22%24insert_id%22%3A%20%22j69hqbmpr3b2nblt%22%2C%22time%22%3A%201767448082.151%2C%22distinct_id%22%3A%20%22%24device%3A3b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24device_id%22%3A%20%223b985fc7-5279-46d0-a1f8-5345d5107af3%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22appId%22%3A%20%22eda57eee-9eaa-4f4d-a73c-8496aa49cf29%22%2C%22appName%22%3A%20%22Newcircle%20Companion%22%2C%22flowId%22%3A%20%22642a571a-a93d-4546-a997-d453e44e0775%22%2C%22flowSlug%22%3A%20%22newcircle-companion-ccdc5%22%2C%22configId%22%3A%20%223ce613e9-1041-4a2b-9d33-460c144c4c4d%22%2C%22configSlug%22%3A%20%22newcircle-companion-ce91a%22%2C%22pageNumber%22%3A%201%2C%22pageStepIndex%22%3A%201%2C%22pageScreenIndex%22%3A%201%2C%22pageScreenCopyIndex%22%3A%200%2C%22token%22%3A%20%22f8c2282d45751a6d33bb7d8c49bd085c%22%7D%7D"}},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Sat, 03 Jan 2026 13:48:02 GMT\r\nContent-Type: application/json\r\nContent-Length: 1\r\nConnection: keep-alive\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: X-Requested-With, Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: https://get.newcircle.club\r\naccess-control-expose-headers: X-MP-CE-Backoff\r\naccess-control-max-age: 1728000\r\ncache-control: no-cache, no-store\r\nstrict-transport-security: max-age=604800; includeSubDomains\r\nx-envoy-upstream-service-time: 32\r\nVia: 1.1 google\r\nAlt-Svc: clear\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":1,"size_decoded":0,"mime_type":"application/json","magic":"very short file (no magic)","md5":"c4ca4238a0b923820dcc509a6f75849b","sha1":"356a192b7913b04c54574d18c28d46e6395428ab","sha256":"6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b","sha512":"4dff4ea340f0a823f15d3f4f01ab62eae0e5da579ccb851f8db9dfe84c58b2b37b89903a740e1ee172da793a6e79d560e5f7f9bd058a12a280433ed6fa46510a","ssdeep":"","tlshash":"c70000000c000000c00000300000000000000000000000000000000000000000000030","first_seen":"2023-03-07T01:10:09Z","last_seen":"2026-04-26T07:59:59.205289Z","times_seen":107561,"resource_available":true,"data":null}},"time_used":570,"timings":{"blocked":205,"dns":2,"connect":93,"send":0,"wait":160,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"runwayer.ams3.cdn.digitaloceanspaces.com/images/Newcircle/female%20icon.webp","fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","domain":"ams3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":"DigitalOcean, LLC"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 23 Apr 2025 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:4B:DE:6C:17:96:2C:B9:1D:74:BE:4A:75:68:14:BD:01:62:61:1E","sha256":"19:BC:83:28:5B:69:9B:38:61:88:D1:40:B2:49:57:22:C1:24:E1:84:EA:DD:6D:B0:19:E4:93:AB:2B:5D:0C:B1"}}},"request":{"raw":"GET /images/Newcircle/female%20icon.webp HTTP/1.1\r\nHost: runwayer.ams3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21334\r\ncf-ray: 9b82f391b97e5ebd-OSL\r\naccept-ranges: bytes\r\nlast-modified: Tue, 14 Oct 2025 09:43:06 GMT\r\nx-rgw-object-type: Normal\r\netag: \"98add4abdda6034a2482b2e708ce9bb6\"\r\nx-amz-request-id: tx00000448a1680796f8f8b-00690d0d69-b7d03800-ams3c\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: be0a6ef8-cc8a-4bb5-a5ae-4ea0ea4016e1\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=l8Lual9S.Af9pQGGSGZAIV6QRF6LMXuIN7Kz95g5PH8-1767448082-1.0.1.1-AKOO1zRKxMQSKaV1v5Y2IJwTF07t_QbEy2H7fpnaYdjIj.OQTzD0i2qrH5yAJgguEWA7KyGi8OqG1KgEK830Rao2p6ZqGrY6PqQvD9clLSI; path=/; expires=Sat, 03-Jan-26 14:18:02 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21334,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"98add4abdda6034a2482b2e708ce9bb6","sha1":"80de81a2466bafd826fcfbfb2850654c30790961","sha256":"f4516d79812c2b870849649faaa5fd9591438cb5ff74676adb3d6ff9fa149275","sha512":"3a6602137322102e519b5590b5c590f1af70be8e6a31325714d76f51ea8822027da0a8b631ad4dfb1d4414906b09579a96fc7509753b4d314340f2ab473ec525","ssdeep":"384:BGFah5X7IeQyKv2cUuVUxI274Jt37JQgDY2KIDtLiSiEc76ygIN6DWtppT7HrU:YFazIeQyRQUC274739QgEvKfu6Lqp1Y","tlshash":"4da2e11f242e583e5741fa2e9010e7ff0e9addcf8e16ab762e08004899545e0da77b36","first_seen":"2026-01-03T13:48:39.531728Z","last_seen":"2026-04-19T17:50:37.47308Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":41,"dns":27,"connect":4,"send":0,"wait":60,"receive":2,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-NCN7V952ZY\u0026cx=c\u0026gtm=4e5cb0h2","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-NCN7V952ZY\u0026cx=c\u0026gtm=4e5cb0h2 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\nexpires: Sat, 03 Jan 2026 13:48:02 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 148876\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":452107,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"a52ef6dba460860974c733a08c33b377","sha1":"9d5bb4acced2b8a3ce49d18c25507ec313802541","sha256":"a4e1ee60cc7e1db73a207a6f0da46f72067005bcd6e48eed4b4e94c6b964f7b7","sha512":"36d225b9151390e790e679e1fba1da6eb576f9de4da2c15529ad856b859e3270e6fabd63f8ed7fe5cb38339a4a65c13fc664291f1b8e0ff05e3c6b42c333ef12","ssdeep":"6144:Tu7nTmlObujKYKb1U95/YeSfDHHYOyQFzvnsGOb7WVSzyjaJd/EPD5i:ITpbuNm1cqVnspW6PEU","tlshash":"e7a4088e73c670269396f478503f11cba9bb29e2a45cc89ab1c9ccf02d7459a4167f7c","first_seen":"2026-01-03T13:48:39.537049Z","last_seen":"2026-01-03T13:48:39.537049Z","times_seen":1,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"runwayer.ams3.cdn.digitaloceanspaces.com/images/Newcircle/male%20icon.webp","fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","domain":"ams3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":"DigitalOcean, LLC"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 23 Apr 2025 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:4B:DE:6C:17:96:2C:B9:1D:74:BE:4A:75:68:14:BD:01:62:61:1E","sha256":"19:BC:83:28:5B:69:9B:38:61:88:D1:40:B2:49:57:22:C1:24:E1:84:EA:DD:6D:B0:19:E4:93:AB:2B:5D:0C:B1"}}},"request":{"raw":"GET /images/Newcircle/male%20icon.webp HTTP/1.1\r\nHost: runwayer.ams3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21342\r\ncf-ray: 9b82f391b9885ebd-OSL\r\naccept-ranges: bytes\r\nlast-modified: Tue, 14 Oct 2025 09:43:14 GMT\r\nx-rgw-object-type: Normal\r\netag: \"fe87ead30e1723a76417e5fa9a5abbcf\"\r\nx-amz-request-id: tx00000196bd43b06c5e5c7-0068f401d1-aee8a5e1-ams3c\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: be0a6ef8-cc8a-4bb5-a5ae-4ea0ea4016e1\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=sz2eZxOQzbZrW7qow1mNzIUEUiKArnRv20lfGxZz1Kk-1767448082-1.0.1.1-mU9K804m3j9HQc2nl1wrFMbnWC2EOaGcVmxILSH8PudZnFmgAd0grionTQbxvf4GXAT7fgRl.Anym.aSmKbbzK1OhZXFKNiDyR_NkMzyQe8; path=/; expires=Sat, 03-Jan-26 14:18:02 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21342,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x1024, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fe87ead30e1723a76417e5fa9a5abbcf","sha1":"43e643f9ddff737f6369ec057eccccf9827425c2","sha256":"e405140795dfb920cbbf7ffabc5449cdcb7c4a9620cf04aad27c52b386614e9a","sha512":"3d9beccc346f537801e5d283232aec1cde219baf0e9af436437c692a1b4f9a994bfc673373b5bf0816260386f74d8c2909bf0a963250d906fe1d63619687ce9c","ssdeep":"384:zxxAke5NKYgwdNJWAtQuSU6ldAWyUk1/ppagZfIP8YIBmWm4SBhYx4PdZk5f6b52:DAkenKYzq639/DjyjGmZhU4VZN5IJd","tlshash":"f0a2e1f514ee2e7a05711019317839b0b6a3ac2eda156c8fca5ccbdf5a6847709ca1bc","first_seen":"2026-01-03T13:48:39.542587Z","last_seen":"2026-04-19T17:50:37.453816Z","times_seen":2,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":52,"dns":31,"connect":6,"send":0,"wait":46,"receive":2,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"runwayer.ams3.cdn.digitaloceanspaces.com/images/Newcircle/logo.png","fqdn":"runwayer.ams3.cdn.digitaloceanspaces.com","domain":"ams3.cdn.digitaloceanspaces.com","tld":"cdn.digitaloceanspaces.com"},"ip":{"addr":"104.18.42.227","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ams3.cdn.digitaloceanspaces.com","organization":"DigitalOcean, LLC"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Wed, 23 Apr 2025 00:00:00 GMT","end":"Sat, 09 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5A:4B:DE:6C:17:96:2C:B9:1D:74:BE:4A:75:68:14:BD:01:62:61:1E","sha256":"19:BC:83:28:5B:69:9B:38:61:88:D1:40:B2:49:57:22:C1:24:E1:84:EA:DD:6D:B0:19:E4:93:AB:2B:5D:0C:B1"}}},"request":{"raw":"GET /images/Newcircle/logo.png HTTP/1.1\r\nHost: runwayer.ams3.cdn.digitaloceanspaces.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 73976\r\ncf-ray: 9b82f391a9765ebd-OSL\r\nlast-modified: Wed, 27 Aug 2025 11:07:24 GMT\r\nx-rgw-object-type: Normal\r\netag: \"6640229bb909aa1ff1fed28c1780181b\"\r\nx-amz-request-id: tx0000000138859046b3674-0068aee6fb-ae51fe12-ams3c\r\nvary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nx-do-cdn-uuid: be0a6ef8-cc8a-4bb5-a5ae-4ea0ea4016e1\r\ncache-control: max-age=3600\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nset-cookie: __cf_bm=0Tr9qhy1mOQ4AJLeWPhTeM0TnC36a8bmpBZY4MfOqAs-1767448082-1.0.1.1-ByDspPfcPakx1PTtUkSk6_5LWmddowdVY.SuQNtr3ljr4VtD9FBDsfXiY0qpwo8gzpTK_TxdgLJZY.uu.FdYbDe_0ZBy.BmnMZlD1dGhybQ; path=/; expires=Sat, 03-Jan-26 14:18:02 GMT; domain=.digitaloceanspaces.com; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":73976,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 573 x 548, 8-bit/color RGBA, non-interlaced","md5":"6640229bb909aa1ff1fed28c1780181b","sha1":"cd98a22a2e5bf5fd56303b8de374a70f116d490a","sha256":"52283e42d01c3171a6cacf4771ac7169495d1b0454e883bf3c41f814b996a96a","sha512":"f5ec28556576c49af62b2ab6c880cb3d34dd1f85df02fcc71984209a8b71594b80873fffa7b902427f3f6db2cef3ebe6aa6f1711a48c8bb8e7b6f456d477f44a","ssdeep":"1536:z/8RG4874vVig2SudTC3ygwqT977CDhbXMyIit89qLBWgqB1md8nSHf:oRG4874vV321dO3ygwqJ7khbXMnYLBWU","tlshash":"af73027a795e5d3bfe2cc9baee4ef44ecdd4105e44cf967fcba04b59882a0398528010","first_seen":"2026-01-03T13:48:39.475471Z","last_seen":"2026-04-19T17:50:37.458127Z","times_seen":2,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":48,"dns":28,"connect":2,"send":0,"wait":81,"receive":3,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1820105640.1767448083\u0026dt=Newcircle%20Companion\u0026auid=47489981.1767448083\u0026navt=n\u0026npa=1\u0026gtm=45He5cb0h2v9224923955za200zd9224923955xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682877\u0026tft=1767448082716\u0026tfd=2815\u0026apve=1\u0026apvf=f","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:02.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:31 GMT","end":"Wed, 25 Feb 2026 15:57:30 GMT"},"fingerprint":{"sha1":"68:80:26:07:1C:4F:AC:C8:FF:32:F4:DD:86:41:D6:6E:85:27:90:D4","sha256":"6D:27:81:39:F2:6D:26:4E:B8:CE:4F:0B:02:95:B6:5D:C4:E2:58:C9:A9:A0:80:1D:02:70:91:FB:E9:98:E6:8B"}}},"request":{"raw":"POST /ccm/collect?frm=0\u0026en=page_view\u0026dl=https%3A%2F%2Fget.newcircle.club%2F\u0026scrsrc=www.googletagmanager.com\u0026rnd=1820105640.1767448083\u0026dt=Newcircle%20Companion\u0026auid=47489981.1767448083\u0026navt=n\u0026npa=1\u0026gtm=45He5cb0h2v9224923955za200zd9224923955xea\u0026gcd=13l3l3l2l1l1\u0026dma_cps=syphamo\u0026dma=1\u0026tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105391252~115583767~115938466~115938469~116184927~116184929~116251938~116251940~116682877\u0026tft=1767448082716\u0026tfd=2815\u0026apve=1\u0026apvf=f HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://get.newcircle.club/\r\nOrigin: https://get.newcircle.club\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\npragma: no-cache\r\ndate: Sat, 03 Jan 2026 13:48:02 GMT\r\nvary: Origin, X-Origin, Referer\r\nserver: scaffolding on HTTPServer2\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\naccess-control-allow-origin: https://get.newcircle.club\r\naccess-control-expose-headers: date,vary,vary,vary,server,content-length\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-26T08:03:11.41038Z","times_seen":14216150,"resource_available":true,"data":null}},"time_used":292,"timings":{"blocked":131,"dns":0,"connect":15,"send":0,"wait":30,"receive":0,"ssl":112},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html#url=https%3A%2F%2Fget.newcircle.club%2F\u0026title=Newcircle%20Companion\u0026referrer=\u0026muid=NA\u0026sid=NA\u0026version=6\u0026preview=false\u0026__shared_params__[version]=basil","fqdn":"js.stripe.com","domain":"stripe.com","tld":"com"},"ip":{"addr":"151.101.0.176","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://get.newcircle.club/","date":"2026-01-03T13:48:03.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"a.stripecdn.com","organization":"Stripe, Inc"},"issuer":{"commonName":"DigiCert SHA2 Extended Validation Server CA","organization":"DigiCert Inc"},"validity":{"start":"Wed, 12 Nov 2025 00:00:00 GMT","end":"Thu, 19 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F8:3C:C3:2C:74:4E:F5:15:E6:A1:CC:F9:DE:C4:32:B7:C2:6A:86:3D","sha256":"02:06:F1:39:10:46:EE:4A:33:2F:40:73:F1:F1:40:F7:0A:E6:7A:CE:1A:11:EC:48:C4:96:EC:FC:05:E4:71:7C"}}},"request":{"raw":"GET /v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html HTTP/1.1\r\nHost: js.stripe.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://get.newcircle.club/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 154\r\nlast-modified: Fri, 11 Nov 2022 20:25:37 GMT\r\netag: \"3437aaddcdf6922d623e172c2d6f9278\"\r\ncontent-type: text/html; charset=utf-8\r\nserver: Fastly\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 03 Jan 2026 13:48:03 GMT\r\nvia: 1.1 varnish\r\nage: 2723510\r\nx-request-id: b13a86fc-8495-48f4-b6c9-b2e07f2b3b47\r\nx-served-by: cache-hel1410031-HEL\r\nx-cache: HIT\r\nx-cache-hits: 386685\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31536000\r\ncontent-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report\r\ncontent-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\ntiming-allow-origin: *\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Stripe","description":"Stripe offers online payment processing for internet businesses as well as fraud prevention, invoicing and subscription management.","website":"https://stripe.com","common_platform_enumeration":"","icon":"Stripe.svg","categories":["Payment processors"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":200,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"3437aaddcdf6922d623e172c2d6f9278","sha1":"f69066cf20141ac93418102d3eee7c0225b8a623","sha256":"35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb","sha512":"2dae5c5c30c6a0e763d8128f2ce1d467ead432e582ab4ebb68e23991db08f57490abc0eed805fd33fab5503c1737d9d47d4cc1090ae15d7391593fbb295d66e7","ssdeep":"","tlshash":"c3d022e78c3100048ae87b844c52a30c0c09f51a3c528c522ef638b424c2b934c1a6c0","first_seen":"2023-12-22T02:11:13Z","last_seen":"2026-04-26T08:07:32.669371Z","times_seen":87193,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}