{"report_id":"740ac7b1-9adb-4786-b201-97805aee692b","version":0,"status":"done","tags":[],"date":"2026-07-02T13:04:05Z","url":{"schema":"http","addr":"processhacker.org","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"processhacker.org/","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"title":"Process Hacker - Advanced System Monitor \u0026 Task Manager for Windows","dom":{"size":137678,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (334)","md5":"d1b45f88235b792fee6ccc8b46905ad9","sha1":"163393003f7d418a25c01bd1088751ecb0270b29","sha256":"10de4eed0b4cf9829ab35af62005fd68cd4c17bf5c55d80b19754fee79bdd11b","sha512":"ec499f9efaca0e270f6fa42afba1323c448e76cf9fffadf2c65f1a985ce92e12bb92bb00fe728b51c02dd75b5268e3d86c980b1d83bcb89a36b80b586ed31303","ssdeep":"3072:UPqnshbqv+mA9JoZH7OQNl84hFRNU3o5CMx73XcGhw:UPqnshbqv+mA9JoZH7OQNl84hFRNU3oS","tlshash":"43d37474b2f190767c63a2f5a3de211dbe39d05bdd2a8d9879dc41109fd26fa8d83a00","dom_hash":"domhash3c3c6629ecc74b5648a9dfff9d9a2d4d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"processhacker.org","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T13:04:05Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":277402,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"processhacker.org","ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-12-30","domain_rank":0,"first_seen":"2026-02-11T21:37:07.908272Z","last_seen":"2026-02-11T21:37:07.908272Z","alert_count":18,"request_count":6,"received_data":158096,"sent_data":3003,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485934,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"processhacker.org/","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"ef470461a4ab1a1e9c5d6cec0649c595","sha1":"9589066d6e71bafa5f0b370e1602415f9d8f6ac1","sha256":"e600968eccf45735fb4c7fefcdcbe7794506f84e370f70110bca4c17d940c109","sha512":"976ccb2f1fd57f55433e17709b023ae8c7e39f0ed5e21b06d68eacc8ecd3707f3f2ea7d990b29c568bac7b7b77c57307e9f7a545f9e84ac4da4d20fd4c386248","ssdeep":"","tlshash":"8bc02b8c220b1c7051eb2f010f7fb200b0953203acd05932780f73044f21e03d744864","size":161,"data":"","first_seen":"2026-07-02T13:04:11.314852Z","last_seen":"2026-07-02T13:04:11.314852Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f069a83fa0551134f1aff81d6e66894b","sha1":"8b01acb3d6f96f59f7284b69a3847e0d80f62396","sha256":"9657ed9f4c5f9326d608c8e3f4a22c66c7c524f59b8f4a5ddf94e7619c624c94","sha512":"3adbde82319f9d6f6a9f8e3bf2b56636951ad7ae8637920b04b96052bcf73f78359ef7bdab29745243ba15bc722b2573d83fa3c5718e51f1999a9ef6af032c72","ssdeep":"","tlshash":"46e0722a30d2503a43b348b633b7810a2122270bc49e8b22ba6fcc961f24ca5040650c","size":319,"data":"","first_seen":"2026-07-02T13:04:11.31565Z","last_seen":"2026-07-02T13:04:11.31565Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","size":276272,"data":"","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/js/language-switcher.js","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"abba9e7b3240cc28dabebd28e059f059","sha1":"ff952fb2d35f3dda31bc4ce75da896aeb27f716a","sha256":"08b335a501f66232592b81a5e2841628c2c1668a5ed56f63c2670de01284fbd7","sha512":"0c668d4297f43046662bc4754512b516fbc6a4c97bfaa35905224e5f8d9dc6db6357d8d2a3f1ccb3898bd28dc287d0927ce9a5652db43d7971eb739d9ea4c8be","ssdeep":"48:2hrLH9kXiDbXVYZ5wVN0eXlHdP/xwI1bIYCu0uabWQUgxxnjpjWBLLEM2hTeL+jD:2l+inVYvWNhuv0sxdM2hpj9d","tlshash":"8bb1872e94910239d1732338a79a3929f83602b7320589853bbde645ffb7c14c563ee9","size":5106,"data":"","first_seen":"2026-07-02T13:04:11.312457Z","last_seen":"2026-07-02T13:04:11.312457Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-XF8WS63W33","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7c02ad91c8f84f95b2ab14d6d6cc13c5","sha1":"b8aafeb9c730edf49c3fbbc4fc16f9b3ebdf84e3","sha256":"be03d00cfa8a7a291c62ca57e31e7616daf415350ed2a9e14d78723326103f38","sha512":"40d8632bcb04097e79db819008ade7656a1f9d5221687decdc37a2bfa676d046935e916c7bf674ac4247d9db03c5138b808f0c6cb6ec39d2b61a011a2fe8311e","ssdeep":"6144:XLactCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:baczFY0AQQUpEZEni","tlshash":"4da4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":485330,"data":"","first_seen":"2026-07-02T13:04:11.311511Z","last_seen":"2026-07-02T13:04:11.311511Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"processhacker.org/images/icon.webp","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.971Z","timestamp":1782997422971,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:36 GMT\r\netag: \"69eeff44-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j%2B1LL396BmU%2FiigzFjzaGfJQTJCzK5ffOHA50xXl1Sf1VSuJ5UJ2tXXtiX2P5rcPqjfeoOgr9UWjdSxsZRZy2IOMzyFehgeo5Ioyy23snSevcNkIMIyzDKhtkImIDQOvUpEtLA%3D%3D\"}]}\r\ncf-ray: a14dda259a1e0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2988,"size_decoded":3735,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/images/icon.webp","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.973Z","timestamp":1782997422973,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:36 GMT\r\netag: \"69eeff44-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VjAXVZbHgUsdx0ei73%2BsNEQFuZSoTTG%2B6BaJ2Pp3hxPy%2BhTFVSC%2FcAxuB4DNyXiuriXL02c%2BQDPtsOgw5eQmHjWiJIXAm3HgTXZn2axnvM%2FTFkBKxqC%2FC%2BslOP3HA%2FKZICSljQ%3D%3D\"}]}\r\ncf-ray: a14dda259a1f0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2988,"size_decoded":3749,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T13:03:41.847Z","timestamp":1782997421847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Apr 2026 06:16:36 GMT\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BC4ASSzZQJJUQ7n0YQicIHRZCT0pv7poz07GNBPqSq1td3%2BEHdkiRwznl%2Bg%2FYAQ4nwYCnGr%2BGJPUNXlEtv1qbP6NqxZsJKMedBKLvYGpmMCJS0RMBt8W%2B95OIsidzRlPZANKQA%3D%3D\"}]}\r\nstrict-transport-security: max-age=31536000\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: zstd\r\ncf-ray: a14dda1f2fe30b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":74109,"size_decoded":13720,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (594)","md5":"3e89941bc9cb354f27fea34abbce38f2","sha1":"577b0e7540cfdede82d4230c7e2d48adf7a46834","sha256":"5f8946079ba96d06ccb3b12b5d5a27c8092df55ffb6521c77ed1336b1eb211b3","sha512":"aabb53e5364fc9446ed8e77a73c5c51fdf354dc9a7b2d61b5c80a1c08974548add0224ef30646743937e2acf3b35f7b52241c541d94d4f9440f53f7b8ea8934b","ssdeep":"768:tkw9R+zMrumhjbG47EtvN3hf73XcG171vm15rb4tDsjb:NbtuA/4tFx73XcG171PpI","tlshash":"9473a732a3f4056e11c341f6f7a63b7a5eacc55be617489872bc81649fc3c4acb532a4","first_seen":"2026-07-02T13:04:11.310574Z","last_seen":"2026-07-02T13:04:11.310574Z","times_seen":1,"resource_available":true,"data":null}},"time_used":258,"timings":{"blocked":-1,"dns":70,"connect":1,"send":0,"wait":165,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-XF8WS63W33","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.577Z","timestamp":1782997422577,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-XF8WS63W33 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\nexpires: Thu, 02 Jul 2026 13:03:42 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165029\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":485330,"size_decoded":165633,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"7c02ad91c8f84f95b2ab14d6d6cc13c5","sha1":"b8aafeb9c730edf49c3fbbc4fc16f9b3ebdf84e3","sha256":"be03d00cfa8a7a291c62ca57e31e7616daf415350ed2a9e14d78723326103f38","sha512":"40d8632bcb04097e79db819008ade7656a1f9d5221687decdc37a2bfa676d046935e916c7bf674ac4247d9db03c5138b808f0c6cb6ec39d2b61a011a2fe8311e","ssdeep":"6144:XLactCn0dF5iqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:baczFY0AQQUpEZEni","tlshash":"4da4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-02T13:04:11.311511Z","last_seen":"2026-07-02T13:04:11.311511Z","times_seen":1,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":2,"connect":14,"send":0,"wait":41,"receive":45,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/js/language-switcher.js","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.582Z","timestamp":1782997422582,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET /js/language-switcher.js HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 24 May 2026 17:09:50 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1330de-13f2\"\r\nexpires: Fri, 03 Jul 2026 01:03:42 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZWlA2x0hmWTGQ348hX%2FrMHjPvZQQcr5jnAiADnJyzVdLvFyPZ6KZazWiTJ4oSAN9DDJDGjyzZtPd8JnO8tf%2B4jzD3Cu0KKtBytPo%2BQOfCxCy1Jpaf07pFxZObQWPfvsqaXsYxQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a14dda2329f90afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5106,"size_decoded":2560,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"abba9e7b3240cc28dabebd28e059f059","sha1":"ff952fb2d35f3dda31bc4ce75da896aeb27f716a","sha256":"08b335a501f66232592b81a5e2841628c2c1668a5ed56f63c2670de01284fbd7","sha512":"0c668d4297f43046662bc4754512b516fbc6a4c97bfaa35905224e5f8d9dc6db6357d8d2a3f1ccb3898bd28dc287d0927ce9a5652db43d7971eb739d9ea4c8be","ssdeep":"48:2hrLH9kXiDbXVYZ5wVN0eXlHdP/xwI1bIYCu0uabWQUgxxnjpjWBLLEM2hTeL+jD:2l+inVYvWNhuv0sxdM2hpj9d","tlshash":"8bb1872e94910239d1732338a79a3929f83602b7320589853bbde645ffb7c14c563ee9","first_seen":"2026-07-02T13:04:11.312457Z","last_seen":"2026-07-02T13:04:11.312457Z","times_seen":1,"resource_available":true,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/images/icon.webp","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.595Z","timestamp":1782997422595,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:36 GMT\r\netag: \"69eeff44-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GLT2InKtP5LQWE%2Bnc9zDEtiDxX%2FIGHrXarwQc1Oevfv9WhN%2BOwYO3oWM0%2Br5CPvt%2FoNf6TaBJMOHW1POOm0cUQi5g3Ytt0ncZ1cMAkSgWRQniMu5BPOjEnFmXpdlrDuTRvUKgQ%3D%3D\"}]}\r\ncf-ray: a14dda2339fd0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2988,"size_decoded":3731,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.207.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.580Z","timestamp":1782997422580,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/@tailwindcss/browser@4 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 13:03:42 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 68133\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.3.2\r\nx-jsd-version-type: version\r\netag: W/\"43730-cv+oV5vtIBy0YKTZKfkeYqCKtgY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230233-FRA, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 34812\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QH1vKi7HjNcv1axiWfTSPSronmavso3k6dIJ42xZnYvm1%2Fc%2B0ZAhpGswrBOucEnv6h6zvRc17YT%2BTyAVVMRpi26CTdSXvs3XGARK9IjXJeY2l1fXQPT2LkMAv8aH9gXxe0U%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a14dda233b591a30-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":276272,"size_decoded":69263,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65267)","md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"resource_available":true,"data":null}},"time_used":21,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":6,"receive":2,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.org/images/ProcessHacker1.png","fqdn":"processhacker.org","domain":"processhacker.org","tld":"org"},"ip":{"addr":"172.67.207.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://processhacker.org/","date":"2026-07-02T13:03:42.855Z","timestamp":1782997422855,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 20:50:46 GMT","end":"Sun, 23 Aug 2026 20:50:45 GMT"},"fingerprint":{"sha1":"C8:F7:86:4F:41:FE:9D:2A:CA:86:B8:D6:F5:97:89:92:9C:6A:C1:B8","sha256":"F0:A2:14:90:E1:01:EB:4D:50:60:03:5B:2D:D8:77:E3:56:81:9D:6A:D3:C7:FE:D7:DB:09:87:6B:7D:8A:21:DA"}}},"request":{"raw":"GET /images/ProcessHacker1.png HTTP/1.1\r\nHost: processhacker.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:03:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:36 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff44-ff80\"\r\nexpires: Sat, 01 Aug 2026 13:03:42 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XtjgWf3yi%2F2TiEdtzKXLqZViy4PaTOrB7XdFPCDDqg%2BvCjfEF7xZnrtdDCbQNU5RNyoVaFZj7lL1AiaQFEvVX6RKMXXpjiK1O8qORtzqgzcGY4uu3CY72CKe1TUJFb7KmNBSgg%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14dda24da0c0afe-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65408,"size_decoded":59653,"mime_type":"image/png","magic":"PNG image data, 1141 x 707, 8-bit/color RGB, non-interlaced","md5":"3798fdfc8b6f8299fb62b5abdc8e902d","sha1":"3cb5f9513353938fc78dbb47b5fdc91eb7c39306","sha256":"5a24fa59a77ad8b6af7af98f67a78d6c3d38ecd3fe2fc7e1a32a0fdf21a51792","sha512":"dc15378b86008ba8ed378ed23cee28e18925eb21a8625ce4e04ac1facf9115d8253fbb95920b1d8d10567f8f6fec32858337358e99eb03c3014266d3300342a4","ssdeep":"1536:WC6ym15N0EjQoM8cCyECIpR2TiB4ce3hyfhvI9cOOx5mw+WpSA:WKo5eEN2CdC02sK3MiOxkw+Wpt","tlshash":"bf53e14d89eb4268ecc89433b6671390f37922ef5292c1cd1dadb175cd8227d58829bf","first_seen":"2026-07-02T13:03:42.157112Z","last_seen":"2026-07-02T13:53:26.328868Z","times_seen":3,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":158,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
