{"report_id":"a25c2cab-c443-489c-85c8-e4c171e31fb1","version":6,"status":"done","tags":[],"date":"2025-09-18T11:54:00Z","url":{"schema":"http","addr":"gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"172.67.223.2","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"title":"You’ve got stories. So does she. Trade a few tonight."},"submit":{"url":{"schema":"http","addr":"gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"172.67.223.2","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-23T11:54:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"svntrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"lh3.google.com","ip":{"addr":"142.250.178.78","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":1918,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":505,"sent_data":444,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"64.233.161.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":103,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":6844,"sent_data":1781,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}]},{"fqdn":"svntrk.com","ip":{"addr":"172.67.197.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":392290,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":1,"received_data":662,"sent_data":428,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":313,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":6525,"sent_data":521,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":130769,"sent_data":1649,"comment":"","tags":null,"fingerprints":null},{"fqdn":"gcnj.cepydu.com","ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":7,"request_count":7,"received_data":736085,"sent_data":6929,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ec742d688046f6c95793775e894c744","sha1":"a264c829a2e1efa5031dc98fdc64a2ca9ade41a4","sha256":"0c20e88b04db99bd312e5c1c7601594024b2c10d5853719feaaca174282c840a","sha512":"7924786ab5c78a47a6c1604ce0da2f5f521c2d40504f8f0bd59640f9ecfb40b23bbdf01e8437a90c7d4f6fb164b26b9cbe485839ccdf0c0b1a1480c7e20ceceb","ssdeep":"","tlshash":"1a5110858da769e17c6b362a4f6ea14930f7447f0448ca20791cd5183fe5a77a298ef0","size":2475,"data":"","first_seen":"2025-09-18T11:54:27.21389Z","last_seen":"2025-09-18T11:54:27.21389Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","size":40104,"data":"","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-04-05T12:38:54.867375Z","times_seen":198288,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/js/vendor.js?id=658915ba11773991ebb67c62d8572da6","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"a073f4452002370371fdbe4adfeec66d","sha1":"2e0b3e4e42ddd58b0ff0860eae3555bc06260cb1","sha256":"c439797de7b232dc0207a73f71767d30606d8b43a10aa5a1fddc581ee5564432","sha512":"1ff6d57501508bc450953734f2bad164120a36660c506eaa884e5823c2db999831c4d576df3259f91990ceee311b46fa374443abfaa08e8dd04cd4e7f5ccc3f6","ssdeep":"1536:DW2diZYtGTw+UIXyUbxmyBggCz21PW7R7sSNGDkAzyuDNEX4HdlBMDMsq3v2s+yB:01UgSNGDkteHdTB3vOJu7QK5","tlshash":"d2a309ddb2ca716347ab707a00bf550af2365599680d8400f029d8eabc78e4e527bf7d","size":99131,"data":"","first_seen":"2025-08-05T14:53:42.970477Z","last_seen":"2025-10-31T13:43:39.923534Z","times_seen":17946,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/unbounded/v12/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.723Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/unbounded/v12/Yq6W-LOTXCb04q32xlpwu8ZfvRQkSJZH.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gcnj.cepydu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 50928\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 11 Sep 2025 17:16:19 GMT\r\nexpires: Fri, 11 Sep 2026 17:16:19 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:47:59 GMT\r\ncontent-type: font/woff2\r\nage: 584400\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50928,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 50928, version 1.0","md5":"05d155aeb9312622bb55344a904c67a7","sha1":"7179f28585e79eb649070109ff59446ae8cadacf","sha256":"4b69ae920ef9fb5868c8255f5176e799e96d820db11a9e23da7de2ffd2af190b","sha512":"ce6260761e9fbaf82c95fe980b4bacc4dbbc96aecee4e5b70f7f57db488b29f7351c9a047be5a52de94a1e1bf05ffda15b4bd1ea59597d070ceda52ce51641d4","ssdeep":"1536:YavAFuYIsPewmVKgN/gy2DOZfOlgJeQ9nc:YavAcwmVK8x2yZf4gJeQ9c","tlshash":"2733028520f7291fc67232b74f68aaa4347163dea531d18e320970c8e9c665e6e3193a","first_seen":"2025-09-11T17:16:41.899057Z","last_seen":"2026-04-05T12:23:45.68248Z","times_seen":141896,"resource_available":false,"data":null}},"time_used":348,"timings":{"blocked":162,"dns":5,"connect":29,"send":0,"wait":16,"receive":6,"ssl":127},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/js/vendor.js?id=658915ba11773991ebb67c62d8572da6","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:18.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /landings/wlc41/js/vendor.js?id=658915ba11773991ebb67c62d8572da6 HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 18 Sep 2025 11:36:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BWiBUucRvNFVuJtRoFsEkuOLJk64ZcPhw%2BNXiyt3MAcztSYABuvtEcUqTV4jr3zgojmhkci4PPKY99XUfvuSUDH3wOjIhNHxdyaMbr7Pag%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68cbd875-1833b\"\r\ncontent-encoding: br\r\ncf-ray: 98108b7cabdab28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":99131,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"a073f4452002370371fdbe4adfeec66d","sha1":"2e0b3e4e42ddd58b0ff0860eae3555bc06260cb1","sha256":"c439797de7b232dc0207a73f71767d30606d8b43a10aa5a1fddc581ee5564432","sha512":"1ff6d57501508bc450953734f2bad164120a36660c506eaa884e5823c2db999831c4d576df3259f91990ceee311b46fa374443abfaa08e8dd04cd4e7f5ccc3f6","ssdeep":"1536:DW2diZYtGTw+UIXyUbxmyBggCz21PW7R7sSNGDkAzyuDNEX4HdlBMDMsq3v2s+yB:01UgSNGDkteHdTB3vOJu7QK5","tlshash":"d2a309ddb2ca716347ab707a00bf550af2365599680d8400f029d8eabc78e4e527bf7d","first_seen":"2025-08-05T14:53:42.970477Z","last_seen":"2025-10-31T13:43:39.923534Z","times_seen":17946,"resource_available":true,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/fonts/vendor.css?id=9597d069ba0250f4a2df7e2647f42f2d","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:18.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /landings/wlc41/fonts/vendor.css?id=9597d069ba0250f4a2df7e2647f42f2d HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 18 Sep 2025 11:36:19 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9mV4ThMiPChfc7tImxOZM1bnjZFTPQK5fI68J%2BSxT5dH7Y6cEzSHbGpS4vwYk3S2cfm8HltBt0KZeb%2BJ9d64k%2BMZMPlI3DSoQqMsEAIDVg%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68cbd875-2619\"\r\ncontent-encoding: br\r\ncf-ray: 98108b7cabd7b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9753,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9752)","md5":"b4595c9f20c6a200d6b74d90d8d3a198","sha1":"9e51178a9a0651384c96a84f4fdf4321088f00eb","sha256":"b3ed1a4ac7d61119c297b1a66a4076df400f1958487995e3dbbad698e18da270","sha512":"5f9658f22545b8acbb1f7d2e6c78e22557b3f47afc72a29b7f030ae637bdc9966e57229e891d8834a7a18c352b8e278da4efa1a0d6b03fb064e99c9d4a24b8b6","ssdeep":"192:QAVn8coWKjzG07OEdNCxDdQ4dof0TWkujkJhPrH:f8vZjzGlDvScakJhPrH","tlshash":"501275314fe96038f72f867f75d11a982d94c923d2174f99f06ab669cdc50a21272f0d","first_seen":"2025-04-27T07:20:09.090797Z","last_seen":"2026-04-05T09:19:05.248399Z","times_seen":1979,"resource_available":false,"data":null}},"time_used":528,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":528,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100","fqdn":"lh3.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.78","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:21.194Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:39:47 GMT","end":"Mon, 17 Nov 2025 08:39:46 GMT"},"fingerprint":{"sha1":"F9:0D:6B:52:9B:02:94:79:6F:66:5E:99:BA:02:05:E9:13:79:85:94","sha256":"C6:8F:33:FB:A2:A4:D9:3A:28:2E:A9:DD:1E:E1:73:83:2E:94:AE:8E:40:D4:13:43:2A:90:66:65:A2:98:09:4A"}}},"request":{"raw":"GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1\r\nHost: lh3.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\r\ncache-control: private\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\ncontent-type: text/html; charset=UTF-8\r\nx-content-type-options: nosniff\r\ndate: Thu, 18 Sep 2025 11:36:21 GMT\r\nserver: fife\r\ncontent-length: 337\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":174,"timings":{"blocked":69,"dns":1,"connect":15,"send":0,"wait":36,"receive":0,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/video/Video.webm","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /landings/wlc41/video/Video.webm HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 Partial Content\r\nserver: cloudflare\r\ndate: Thu, 18 Sep 2025 11:36:20 GMT\r\ncontent-type: video/webm\r\ncontent-length: 538406\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\netag: \"68cbd875-83726\"\r\naccept-ranges: bytes\r\ncontent-range: bytes 0-538405/538406\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yLs%2B6ChjvAf9L37wIAZ0FQAkf8pUkWz9t9DYY%2Bym1hCW1ZDZNkQ7bDaoppPI%2Fl5YuYkdqopr0uZY541j4Mq%2F3e5%2Bk83dzhWcNG82WGrn0Q%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98108b835a1cb1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":538406,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"8db53b75c8c31fa669854812bde0e14e","sha1":"f10d8b012e453fbebedfcd858d1ac93b243b5667","sha256":"a3f017cb7e866f3ff6bb935e4747721fc5a8c9bd995b584cbdc22143d8fdc1c2","sha512":"87bfbf6de861af3e9cda4c96634bc627baf52e8bbc078e22c5b8d95ea0e76a9ff9eea1e8c6e420492aeab7ef17fa8c53fc9305a2c7762b19b419b1a511c9b8ae","ssdeep":"12288:nOka4rR/gve/viZeaGnRrPIkxZkthWeMInggMvbq19BW9zwg:OZGR/g8INsIk/kt0eMIDCWBgsg","tlshash":"20b42254ab14689bd6061337c78f435e9b0b494998fc1c517732a6b0cda4fbea84f32e","first_seen":"2025-04-27T07:20:09.094671Z","last_seen":"2026-04-05T09:19:05.255985Z","times_seen":1970,"resource_available":false,"data":null}},"time_used":1422,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":522,"receive":900,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.161.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:21.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:38:01 GMT","end":"Mon, 01 Dec 2025 08:38:00 GMT"},"fingerprint":{"sha1":"50:D2:49:3C:F8:95:11:7F:74:11:C6:30:B6:82:0C:F4:34:21:2E:47","sha256":"EA:D4:6B:60:2A:3C:4B:39:32:39:92:5B:56:98:4B:5B:00:E5:93:5E:BA:66:43:BD:89:DE:10:FF:76:70:E1:53"}}},"request":{"raw":"GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:DnI_0PNYiRIIe8GAsc2LhS_fvxU8PQ:HT4XGrk_m-SN_z8T; Expires=Sat, 18-Sep-2027 11:36:21 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 18 Sep 2025 11:36:21 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwWnR6qTzSmuTy_WkBR7vBrSTVFeQsQ6tGkRBih6dklLCfZCftwKX8AvDZReT4uDByEN6yvDeg\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-0xdVoFo9Rw5dN97n_xZObQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-opener-policy: unsafe-none\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":79,"dns":0,"connect":15,"send":0,"wait":25,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-18T11:36:17.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 18 Sep 2025 11:36:18 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I1WD%2Fl63X20nuScnNAoBNyzcaUUbzUT9QMYWWjVHXSwU9ojN%2FXgWjhyt0km2zfc%2BwKucnBP2hcMGXGhuoUA4Vkbq1VdjmHDOP4xUdkAnLQ%3D%3D\"}]}\r\ncontent-encoding: br\r\nset-cookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Thu, 18 Sep 2025 13:36:18 GMT\nlaravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; HttpOnly; SameSite=Lax; Path=/\nSRVNAME=w1; Path=/\r\ncf-ray: 98108b77e99db28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4995,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (319)","md5":"62068f35becc9d6cb2d26380e67c8b14","sha1":"5e2d09de43d8a4e14a6df8ee4e13bd26590cf03f","sha256":"6f2f597e6a492c8fa00ef8da7519ef8033cdb3889670fc7fc12b6889e922ebc7","sha512":"3846c5a58ec953ad233832c852f34a29fb4b0b9f2f1a6dd7bf5768017adc187460600f57d3af58c837f10d2970952be3b2e9443e0406564c47aa0dc6ddb92107","ssdeep":"96:f3uu56hWy78Elggq6+OPKnLq3ywq7Nkzu:f+uQhWy796gq6rKnowNkzu","tlshash":"52a1d7418ce790f32c5325916feed31575f3862b5a06cc90b98c88413fe0e1bb1979e8","first_seen":"2025-09-18T11:54:27.203867Z","last_seen":"2025-09-18T11:54:27.203867Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1959,"timings":{"blocked":691,"dns":1,"connect":1,"send":0,"wait":576,"receive":0,"ssl":686},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"svntrk.com/assets/upg17_68cbeeb255ccc.js","fqdn":"svntrk.com","domain":"svntrk.com","tld":"com"},"ip":{"addr":"172.67.197.110","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:18.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"svntrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Sep 2025 03:26:30 GMT","end":"Wed, 17 Dec 2025 04:23:52 GMT"},"fingerprint":{"sha1":"5A:E4:AE:58:31:18:1E:DA:44:17:65:49:77:0E:66:1B:18:B8:96:B0","sha256":"E0:61:1B:42:62:28:23:B5:BD:30:DE:2D:F3:15:B0:FA:4D:C5:E7:4C:23:18:F1:59:E3:F5:A2:D3:4E:9F:61:FD"}}},"request":{"raw":"GET /assets/upg17_68cbeeb255ccc.js HTTP/1.1\r\nHost: svntrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 18 Sep 2025 11:36:18 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nserver: cloudflare\r\ncache-control: no-cache, private\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-cache-status: BYPASS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0hwkEJfLuKCDAp4Y4ps2wK7RbJ5KbqEDQFTACk4dlI3bV0F7ca4n9hFmmbvBxFe4ZcA0ow24B1ewl5q9uf%2FLrOzHH%2F3KJC76\"}]}\r\ncontent-encoding: br\r\nset-cookie: svnimp=68cbeeb2b6bca; HttpOnly; SameSite=None; Secure; Path=/\r\ncf-ray: 98108b7cb909b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":16,"dns":4,"connect":1,"send":0,"wait":136,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"svntrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:18.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /scripts/fp.v3.js?id=646d4b3deea4287def3fdfc18906bcc7 HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 18 Sep 2025 11:36:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qp%2FLHr5ltHJPBUBVsclds6GfVn0Zac7zGA%2B5CZsIb4ECdO9WvlnpBMThZ%2BzyC8Zu1G%2FmNidRmdnYwoVUsvrpKW3BWa7Bd0P18ovfBEWgrQ%3D%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"68cbd875-9ca8\"\r\ncontent-encoding: br\r\ncf-ray: 98108b7cabd1b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40104,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (40096)","md5":"1d8ad98fe3471d1a74d485f9b4737bfc","sha1":"a1190f7bb41660f682d59e15c2606279da0792f7","sha256":"9aa12d141f3c41629c83ac95bf3bebab2b33bca7f8f8988bf64b53b57c73714c","sha512":"7fb9f2102417806125bb6cfc40d829f98ca8cb772b9ba847562a19b7e0e6e3e1a3e78ccf464a2409741ee9074d12ca521d305c3ae16ff774e2bb6e3c462dda51","ssdeep":"768:WTW1G6kf2ckxyISuNwxJDJzFE8CYtCgkbAIlIdlIZCwXy:ljvfxyI7N8JDJJEnYsgu3ZRC","tlshash":"be0329d872c7b01e5263697a157fa046ba3abd50750d8c07da3be1c07ca5d4a023bfb9","first_seen":"2023-04-05T13:38:28Z","last_seen":"2026-04-05T12:38:54.867375Z","times_seen":198288,"resource_available":true,"data":null}},"time_used":489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/img/bg.jpg","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /landings/wlc41/img/bg.jpg HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/landings/wlc41/fonts/vendor.css?id=9597d069ba0250f4a2df7e2647f42f2d\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 18 Sep 2025 11:36:20 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37287\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\netag: \"68cbd875-91a7\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ehBPHXYpL9qKkFH%2FLXrL4K3TNQ5CL6vFerfX9Lis7gfbwWcG7SCSZ98Ls9yhh3QgPcE9%2Bdic7%2BRaFYz%2BFI0Nn2jXIy6QSp%2FDaALPLnUfrQ%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98108b832a18b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37287,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=Paint.NET 5.1.4], progressive, precision 8, 667x994, components 3","md5":"42bb7a2c3049fef96e85af4c6f794f9b","sha1":"85d17299dd5b5aa4683c39dbcf3dc7efa1e6a870","sha256":"f3f13586b40b6dc8baa46299ba32354729948c27c0e7bafc48c7e40b9b5ff644","sha512":"69264624d7ffdb058f4aaac941bbf486d01ef163b79deaaa67577759bc9549b63b08ce6baa0da2d14a31e9df1d801a08fafe9132feb11646b5082ba6df96402e","ssdeep":"768:ZE8ntE4CWqQXJNwpw21jKgTVeAbE+EKddQCfzjwC7OZzVe6rA:ZE8t1CWjCpjK4VeAvQCfzMVeWA","tlshash":"24f2f22d4bcb5477cb7957671388179f1bbc5a7acd1a9088e45418e835f6bb90f0e00c","first_seen":"2025-04-27T07:20:09.088357Z","last_seen":"2026-04-05T09:19:05.265884Z","times_seen":1976,"resource_available":false,"data":null}},"time_used":723,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":184,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gcnj.cepydu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 12 Sep 2025 00:31:31 GMT\r\nexpires: Sat, 12 Sep 2026 00:31:31 GMT\r\ncache-control: public, max-age=31536000\r\nage: 558288\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-05T13:48:53.426438Z","times_seen":308190,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":84,"dns":1,"connect":15,"send":0,"wait":18,"receive":21,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwWnR6qTzSmuTy_WkBR7vBrSTVFeQsQ6tGkRBih6dklLCfZCftwKX8AvDZReT4uDByEN6yvDeg","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.161.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:21.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:38:01 GMT","end":"Mon, 01 Dec 2025 08:38:00 GMT"},"fingerprint":{"sha1":"50:D2:49:3C:F8:95:11:7F:74:11:C6:30:B6:82:0C:F4:34:21:2E:47","sha256":"EA:D4:6B:60:2A:3C:4B:39:32:39:92:5B:56:98:4B:5B:00:E5:93:5E:BA:66:43:BD:89:DE:10:FF:76:70:E1:53"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwWnR6qTzSmuTy_WkBR7vBrSTVFeQsQ6tGkRBih6dklLCfZCftwKX8AvDZReT4uDByEN6yvDeg HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:kAI0ZQiCC6KN_bJMoJ5Ug4E9XSo7yQ:Dg1KXUave7vt-sv8;Path=/;Expires=Sat, 18-Sep-2027 11:36:21 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 18 Sep 2025 11:36:21 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwVQeiMcs6zyoXn_DRKzss2qdbKa2OxANYdx5i8p-RyDRz7vLkKoECNgInYEDheLpEbXW0gzKA\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1728380935%3A1758195381433295\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-0ilBZezb2CkHwFqKXRxR_Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 430\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenGSE","description":"OpenGSE is a test suite used for testing servlet compliance. It is deployed by using WAR files that are deployed on the server engine.","website":"https://code.google.com/p/opengse","common_platform_enumeration":"","icon":"Google.svg","categories":["Web servers"]},{"name":"Java","description":"Java is a class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.","website":"https://java.com","common_platform_enumeration":"cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*","icon":"Java.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwVQeiMcs6zyoXn_DRKzss2qdbKa2OxANYdx5i8p-RyDRz7vLkKoECNgInYEDheLpEbXW0gzKA\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1728380935%3A1758195381433295","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"64.233.161.84","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:21.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Sep 2025 08:38:01 GMT","end":"Mon, 01 Dec 2025 08:38:00 GMT"},"fingerprint":{"sha1":"50:D2:49:3C:F8:95:11:7F:74:11:C6:30:B6:82:0C:F4:34:21:2E:47","sha256":"EA:D4:6B:60:2A:3C:4B:39:32:39:92:5B:56:98:4B:5B:00:E5:93:5E:BA:66:43:BD:89:DE:10:FF:76:70:E1:53"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100\u0026hl=en\u0026ifkv=AfYwgwVQeiMcs6zyoXn_DRKzss2qdbKa2OxANYdx5i8p-RyDRz7vLkKoECNgInYEDheLpEbXW0gzKA\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1728380935%3A1758195381433295 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 18 Sep 2025 11:36:21 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-4-AUUv1hODqSb4YLKdXxKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.google.com/tools/feedback/ https://www.gstatic.com/feedback/js/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://support.google.com/inapp/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\ncontent-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/chat_load.js https://www.google.com/tools/feedback/help_api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.gstatic.com/feedback/js/ https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.3HBIfyy7sbs.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T13:47:07.33171Z","times_seen":13377129,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Unbounded:wght@200..900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:02 GMT","end":"Mon, 17 Nov 2025 08:41:01 GMT"},"fingerprint":{"sha1":"ED:FC:A5:F2:F4:07:8E:0E:EA:C7:96:D8:BE:47:04:EE:34:72:47:E9","sha256":"42:1D:9B:CD:2D:EC:4C:72:94:02:2C:88:B5:FF:BC:A2:B8:35:1B:C6:E0:B5:97:71:DB:7D:5B:6A:FA:CA:C1:8A"}}},"request":{"raw":"GET /css2?family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Unbounded:wght@200..900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 18 Sep 2025 11:36:19 GMT\r\ndate: Thu, 18 Sep 2025 11:36:19 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5839,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"72ecc6cc0e11e6140e11a1dde0ebd5a9","sha1":"f711dd3d4fb940ff845c5323369ff16d261b1ab4","sha256":"0d1ee37453bbe3e63bb082f18f0d538fc8306fd4185e9df6b237c579d1252c8e","sha512":"7cf08986be803f128d8882fb40ce6bc84eeb288e617383c1cd7589e4a5eb23f4e3a431ee89e43816c90edfa46e64733257184fc4c898322293ad8daebd6e3d4b","ssdeep":"96:AOYg4aYwOYg4agFZOhOYg4a+OYg4a7nJc+udOYg4aeNtOO4aRwOO4aOFZOhOO4aq:AyYwyNFyuy3uySRk73vO6uLVmdX98Ic","tlshash":"3fc1fe910527e504ea431cc523cf7f269e4e62653495c5ba7ffe2c98adeac360325b2c","first_seen":"2025-09-11T17:16:41.908218Z","last_seen":"2026-04-05T12:23:45.68299Z","times_seen":143939,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":62,"dns":1,"connect":7,"send":0,"wait":19,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRyS7m0dJ9pQOi.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:19.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/montserrat/v31/JTUQjIg1_i6t8kCHKm459WxRyS7m0dJ9pQOi.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://gcnj.cepydu.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 39580\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 12 Sep 2025 00:40:07 GMT\r\nexpires: Sat, 12 Sep 2026 00:40:07 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:10:26 GMT\r\ncontent-type: font/woff2\r\nage: 557772\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":39580,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 39580, version 1.0","md5":"adbb74ed85ae03bafbc689d12c4b009d","sha1":"7f3b99b45e6d2fcfc6236e972f9eca353cf0d130","sha256":"d7143d0ded43c36b8c4ff4a0df9fba2d356d27f64d38f33d962ec5977f928d31","sha512":"d91511c5a20c5b851b6363603959dc520622c0202e2c39b8bd7cacf95f597bccbfe4595cda9785639dbd216e1a45c980e8e54c94a778165b6d81b83192d57a55","ssdeep":"768:GtZDr7XQiUGTkhuSlVGpCRf0p0lBYtg8PdVc4vtSbga/azp8kAUuzqksy8G:GzP7xyhuSlwpq7R8Ve6UN/ad8kLufsyP","tlshash":"e30301c6940ca5f9dcaa027bfc5e0cfa39654cb89c0a6b9c5f89e7634165cf2425ca4c","first_seen":"2025-09-05T00:54:06.266401Z","last_seen":"2026-04-05T13:13:18.470817Z","times_seen":124422,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":98,"dns":0,"connect":27,"send":0,"wait":21,"receive":13,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gcnj.cepydu.com/landings/wlc41/img/favicon.png","fqdn":"gcnj.cepydu.com","domain":"cepydu.com","tld":"com"},"ip":{"addr":"104.21.17.66","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net","date":"2025-09-18T11:36:20.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cepydu.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 18 Aug 2025 04:08:24 GMT","end":"Sun, 16 Nov 2025 05:07:17 GMT"},"fingerprint":{"sha1":"9F:2F:4C:91:0A:DD:49:C9:40:8B:DC:97:B1:A7:79:F5:E0:52:50:A2","sha256":"D6:07:EC:C7:2A:7E:A1:2B:C1:44:EA:1F:57:C9:4A:DA:56:2B:34:9B:33:F6:F2:FB:D6:06:06:5E:2E:39:4E:22"}}},"request":{"raw":"GET /landings/wlc41/img/favicon.png HTTP/1.1\r\nHost: gcnj.cepydu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://gcnj.cepydu.com/?s1=upg17\u0026s3=wx96\u0026email=jesse@slurpmail.net\r\nCookie: XSRF-TOKEN=eyJpdiI6ImxxQVdlNUNrNE9CYWhlSzBCb3h1aWc9PSIsInZhbHVlIjoiOUtCbGxvakdCMGdmQ0VOVE9ZRE5lWWJFenRGYkZXQU02WHArc0t2V2MxaGd3Z2FBQXFVck9FL21jeDdEVC9DNyIsIm1hYyI6IjBjZGRjNzI5MzZmY2JlZDRmNWVhNGY4ZDYxNDFlOGQ3NzllYjNhOTMyMjNkYTgxZmFjYTM3MGMyYzgzMmRlNTcifQ%3D%3D; laravel_session=eyJpdiI6IlZxQUZrSXhQbHRLd0pVd2Y3ZXVUSVE9PSIsInZhbHVlIjoiSVNkRHo1d0ZSUW1ITlozSVpCL2FIdTFnRHFmMk40R2NzR1NRdGNuUGFHNnFXTk40UnZuQVY2K0psaVprMFJvMiIsIm1hYyI6ImZmYjhkNWZmMGU0ZTFmYzdiNDBiN2Q0ZGMxMjc4OGRiMzViNjQwZDU5Y2M0MDFkMGE1ZmQyMzJjZjdlNjA0NjIifQ%3D%3D; SRVNAME=w1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 18 Sep 2025 11:36:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 1110\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 18 Sep 2025 10:01:25 GMT\r\netag: \"68cbd875-456\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TP3UreQPLp%2BkD4YlU3x26Zd9QnHHV%2BBLiOSatcBalc4WhurikrsN%2Bqk4AK8Q84I6Zwv3wXQRR%2FBpI0lbOk8qNoe1ee88njm%2FyDjUzuc%2FGw%3D%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 98108b85aa53b1b8-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1110,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 4-bit colormap, non-interlaced","md5":"7d02aa08107ebd4a1bc24ae6549d5edc","sha1":"26593612ebd8104522d4e351576a833a3090f680","sha256":"3465e360f94e80f033b6af97fc16d8826d73ed45a1cb434bbbf08f3d02c7ef58","sha512":"1211a08680d610b7ba0d1787075eb0c553efa479f27d261784830ec354b7d8cd69cf207388b253f69a217422a114cc1b2b30c0d494889ca830a59a295bd1a2aa","ssdeep":"","tlshash":"c311b9f0c40ade1521c1013f2dd86724bdb10cdb602c72cba35e9df22d45644ceed426","first_seen":"2025-08-05T16:53:52.55155Z","last_seen":"2026-04-03T14:44:53.085633Z","times_seen":6074,"resource_available":false,"data":null}},"time_used":521,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":520,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-09-18","alert":"Sinkholed","trigger":"gcnj.cepydu.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}