{"report_id":"acd51bc1-fd37-4d63-90b9-329e7b4507ff","version":0,"status":"done","tags":[],"date":"2026-07-02T13:53:20Z","url":{"schema":"http","addr":"processhacker.app","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"172.67.168.17","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"processhacker.app/","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"title":"Process Hacker - Advanced System Monitoring Tool for Windows | Free Download","dom":{"size":185687,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (330)","md5":"66bf1d1c9aceb41d0d516ca4e55ab6e0","sha1":"63f8fc39192f7db6d848fd765da06151b54b7231","sha256":"5e3e3930bd6f4a6e68d2264ff0a4d607a751201ed26c0849daf889adbc4ccb38","sha512":"be0eee78ae0e91460cae9a1197742732985fb84736d8990f71681390a5706bffbd04329db6f02dc2d74e392dbf76466df0fc9ac612f6e425060ece398b8a12c5","ssdeep":"3072:kxWPTEPn52+x6B9watv+m2bByruqC9s/YahT/eVyNQ4MLd3GvWqlh:kxWPTEPn52+x6B9watv+m2bByruqC9sL","tlshash":"2f04637472f09076bc63a2f5a7ce612dbe39d19bd92f4d94b6dc0110afd26f68d82900","dom_hash":"domhash4f8aeba71166c608dc3e90c511134a86","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"processhacker.app","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"172.67.168.17","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-06T13:53:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"processhacker.app","ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":56,"request_count":14,"received_data":302328,"sent_data":6953,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-06-28T22:30:22.905773Z","alert_count":0,"request_count":1,"received_data":485947,"sent_data":480,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-28T22:22:13.875484Z","alert_count":0,"request_count":1,"received_data":18373,"sent_data":545,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-06-28T22:47:06.167692Z","alert_count":0,"request_count":1,"received_data":277408,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"processhacker.app/js/script.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bce86642b36f3429d5d2e7378dc0b537","sha1":"68932162ebf03b7e95a4cf74b13e43318fecdd05","sha256":"706f2935dc8a616514b937521a6b618a75bb5565eb36a1bafcc128cc9ae543ab","sha512":"1d9e238de60bee2ef64c059df79f1a96d948ec57e7518fbb393bc1c1395810b27e95544f594285c770bbab67ff73993f6673b7587c72bafb8bf07facf827019d","ssdeep":"192:PADZtFLbCx6el1OdlUUhePqyiWVLtCabSgVCzSPAYi8IDY9iKqMkYO5:Pqie","tlshash":"2412105e26b72036497331b96b8f65443a3620437842de083f6d87841f93b715dbabde","size":9256,"data":"","first_seen":"2026-07-02T13:53:26.32794Z","last_seen":"2026-07-02T13:53:26.32794Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/js/navbar.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4e9ff679fa18406a1b861f4f72a146e","sha1":"5a6801625c0d2268ec2c8c5dd9860db2f0bc48ef","sha256":"333d2bfd863b1c2b6ed518bc380ca5d91f4ce5eb625815aa4c49c4eda60c551a","sha512":"6c6078455632fecffdfb566d361f76696b5c890fbaf902a7516a58783c1220d763af9b6c5d8edc50aa84217ac553be1101ea7f5440ddc83a4bccff7b9ec56181","ssdeep":"96:QaVGz90FVysYZUMPWZp28UYuBFsqs2nDTYfzvvckpobOfVOVba:DGz90SX+u3ns2nDTYrPp66ce","tlshash":"b13233a4a4d1106fe1f782b673bb793cedad45a3d103a888727c91978fb6c055b039e1","size":11928,"data":"","first_seen":"2026-07-02T13:53:26.334684Z","last_seen":"2026-07-02T13:53:26.334684Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Z5ZY3X5BBH","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"52c257dc956baa5b95120eda0f124151","sha1":"55f715362d20dc899535b57b9eab470b101d3a08","sha256":"8bf881600e57d357940630ff14401cf68ead8d47732c3fb95f998ddba7d108a9","sha512":"cac847a3a05b1f90884a28e25e2339916bc948f3c190322b3eeea06e1df111c9022d67f63d9b061c45bf73bdb5d0016debaeaf4864970077e5e2019eba11f042","ssdeep":"6144:/LnAtCn0dFkiqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:znAzFB0AQQUpEZEni","tlshash":"bca4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","size":485343,"data":"","first_seen":"2026-07-02T13:53:26.325253Z","last_seen":"2026-07-02T13:53:26.325253Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","size":276272,"data":"","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"e7ed1928123f7756c4b856821760275b","sha1":"959f37a44c71980db5c90d262c72b4b05ac34f50","sha256":"47cd112b8f283b3106791e8157d11521c2498479a18c30fe6b756ed0670cdce3","sha512":"b9cc8213cf70d629e2fa43c737c7942e04c72d426c2ab12f21a98798492c387492d3b386e06849a5b15f3b4dbf3c3c69c4930156118e9dee303835ac1cb020be","ssdeep":"","tlshash":"e5c08c88210f1c7195ab2a010bafa200b0093202a4905921391f32485f20d039758814","size":161,"data":"","first_seen":"2026-07-02T13:53:26.336282Z","last_seen":"2026-07-02T13:53:26.336282Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c304f06ca7dfc61972d89ddc6875c1d0","sha1":"9a8964d8a12f788733b37ac2ff984464c1d192c4","sha256":"c3577b5b15088f4aec121a9e4c18e4a949ae16c20f685b41c4eed642e6f31ca7","sha512":"5d727dad9b8063445e36395f9146bce08e164f9158482224353cb38aa827a930b588d35ed452b78d660ff6bc9dc3c6ee78512c069785b0befd0d79998484d06d","ssdeep":"","tlshash":"c9e0721e30c2003a02b345b623b7810a22222b0be48e8b22ba5fc8d61f28ca1044254c","size":319,"data":"","first_seen":"2026-07-02T13:53:26.337205Z","last_seen":"2026-07-02T13:53:26.337205Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/js/language.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9a70eeedf303886ec22b59fbc3d2378f","sha1":"b45625e68d557e1549783f8140020ac017f36cb7","sha256":"c9c47a51b73a519f7c563fa2909dc194e58035f3dcc53dbc4d45586eef4a8da9","sha512":"1e8c7c839252dee82cd1ae63c9873127c59d8e4e5fcfe7bfd1ab1e6806cb405ac032dfc0e5bf45251020cd779d40e97525090a2ab6794ab7f2b69349d1bc98e7","ssdeep":"","tlshash":"f531e0d9589321a9e5369338316d3e14e5b943a326012d167fbcc3d14ff7520c0a0dec","size":1577,"data":"","first_seen":"2026-07-02T13:53:26.326883Z","last_seen":"2026-07-02T13:53:26.326883Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker3.png","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.274Z","timestamp":1783000368274,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker3.png HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-123a\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VqUFsIEKwjLigAl6mreOqlgpXMr4mExANENZJZqV11KqHO8QLW6sPIzZkacK5BV9YNJAR9mJQq3IdXVyB%2FHMleO55L9qQr3oIDYTK942BB1%2Fs4YSso9qcMcoh6t0imiPGgrkrw%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba100daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4666,"size_decoded":5404,"mime_type":"image/png","magic":"PNG image data, 650 x 199, 8-bit colormap, non-interlaced","md5":"fe2096251f1243dccbbb651e4100f45c","sha1":"c0348d26b39cec13ef264bded28456516bfa58c9","sha256":"face7ed012fe7a753e7332c99401515cda93dfa6a8639134e4791fa41d0e86e2","sha512":"c6a5183acc3a22d77bed04cef6a6a31202b2e58b3926806ef75e6ba96c08eca494591bfd2e67f1d13fbc38ee4d35c956d42042bca49993172292a828836829d3","ssdeep":"96:TVoO2R8UAYQ+pWO1EMf2QteB2c9HJC3vkfAWGjEJodoiHTinZPsttimuEz:TVYR8LByl2GeBR9HDAW1JCHTDoEz","tlshash":"4da17d6bdcac50763d0d9bf68512c871cb6ad3bb4a6c15181ee41af40597d0d4f4c3ad","first_seen":"2026-07-02T12:49:13.519103Z","last_seen":"2026-07-02T13:53:26.323743Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/icon.webp","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:49.739Z","timestamp":1783000369739,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:49 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\netag: \"69eeff42-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EjdEHTZWfAgjV1W7NzQttwYb8jzKPv8eXmh0CVL8eCMHZ2h%2B%2FTT0w8uEROxxj5zY8suTJV0BJXm8JgFiTv9p2AgIaBhF5DSC2sTZAwhedDWIE4%2FQj3A08aQTHh3QHTq3EK34uw%3D%3D\"}]}\r\ncf-ray: a14e2216eb8e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2988,"size_decoded":3737,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-Z5ZY3X5BBH","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.258Z","timestamp":1783000368258,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:39:04 GMT","end":"Mon, 07 Sep 2026 08:39:03 GMT"},"fingerprint":{"sha1":"6D:E4:85:F4:01:A4:0B:02:E0:64:E2:F2:58:93:6D:3F:4C:AB:30:9D","sha256":"4A:07:79:34:AC:03:17:68:07:4A:CB:68:23:A7:E3:14:B2:DE:22:3C:E1:AE:8D:F5:2F:2E:2D:C6:28:58:47:CE"}}},"request":{"raw":"GET /gtag/js?id=G-Z5ZY3X5BBH HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: zstd\r\nvary: Accept-Encoding\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\nexpires: Thu, 02 Jul 2026 13:52:48 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 165042\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":485343,"size_decoded":165646,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"52c257dc956baa5b95120eda0f124151","sha1":"55f715362d20dc899535b57b9eab470b101d3a08","sha256":"8bf881600e57d357940630ff14401cf68ead8d47732c3fb95f998ddba7d108a9","sha512":"cac847a3a05b1f90884a28e25e2339916bc948f3c190322b3eeea06e1df111c9022d67f63d9b061c45bf73bdb5d0016debaeaf4864970077e5e2019eba11f042","ssdeep":"6144:/LnAtCn0dFkiqGCvJwXQd7pcxIGQznsWjfGUpEGmwvPrLi:znAzFB0AQQUpEZEni","tlshash":"bca4f8cdb3d674265396f478903f018ba57b28a2b44cc899f189cce42e7465a8277f7c","first_seen":"2026-07-02T13:53:26.325253Z","last_seen":"2026-07-02T13:53:26.325253Z","times_seen":1,"resource_available":true,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":2,"connect":15,"send":0,"wait":44,"receive":45,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/icon.webp","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.280Z","timestamp":1783000368280,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\netag: \"69eeff42-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NgqwRtU0TvSqcVNzN84mTl%2FB%2F99O%2BnhKbtujKFZOu%2BZSUyjQ9c9vqDr15rMsnKR0izksQY%2Bk%2FIXWuZInXYm36Gbxi864R7xyLwEDn5GkX9qPr74t3rySwP1cEny%2BaIyEElJleg%3D%3D\"}]}\r\ncf-ray: a14e220dca140daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2988,"size_decoded":3735,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.252Z","timestamp":1783000368252,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 15 Jun 2026 08:41:02 GMT","end":"Mon, 07 Sep 2026 08:41:01 GMT"},"fingerprint":{"sha1":"FD:DA:E1:3E:1F:AC:E0:96:14:ED:37:58:30:0F:ED:9D:B4:5E:F1:EF","sha256":"7D:36:0C:A4:14:F6:05:8D:F4:E1:CD:BF:84:A7:03:AD:3F:C4:93:AE:B3:D6:7E:99:CB:92:D7:1F:29:A1:49:A4"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 02 Jul 2026 13:52:48 GMT\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17689,"size_decoded":1563,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"30e76aaeae29f594433bc728a08b4d8f","sha1":"ac1b677b4d702295e7802802376ddd8c84acbc13","sha256":"395e51e3dc84faf99710da8cf316e573703addd6eb598e1b334eff76653e820d","sha512":"93b1661d34210abbdb2c6cca46bb229254b615ba07c05dbcadb65199b9d1e61e18dbb4302236e89188ddc34be20528f503f6140358f82385b1f0e621f93ec4d8","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kV:8KYXuM0p2+g7GQK","tlshash":"b1828892002ba400ab971dc233cf7f3aaece10896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T05:09:40.151737Z","last_seen":"2026-07-03T01:45:23.820286Z","times_seen":4686,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":15,"send":0,"wait":36,"receive":0,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/js/language.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.261Z","timestamp":1783000368261,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /js/language.js HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-629\"\r\nexpires: Fri, 03 Jul 2026 01:52:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=89VTOsVEWUypCVzD6i5aLEzBBYBIGNaQ9E0lY%2FaAXaTeCE8QGFlCrsl%2BAPY%2Fzo3ZhOjtVnIEv3bD4guDKd1LtAfalV06KEtFFkFkKc3%2BivqeNp0kbYVmwGRef0idWhVNkxX8QA%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a14e220daa0b0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1577,"size_decoded":1472,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"9a70eeedf303886ec22b59fbc3d2378f","sha1":"b45625e68d557e1549783f8140020ac017f36cb7","sha256":"c9c47a51b73a519f7c563fa2909dc194e58035f3dcc53dbc4d45586eef4a8da9","sha512":"1e8c7c839252dee82cd1ae63c9873127c59d8e4e5fcfe7bfd1ab1e6806cb405ac032dfc0e5bf45251020cd779d40e97525090a2ab6794ab7f2b69349d1bc98e7","ssdeep":"","tlshash":"f531e0d9589321a9e5369338316d3e14e5b943a326012d167fbcc3d14ff7520c0a0dec","first_seen":"2026-07-02T13:53:26.326883Z","last_seen":"2026-07-02T13:53:26.326883Z","times_seen":1,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/js/script.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.262Z","timestamp":1783000368262,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Sun, 24 May 2026 17:09:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a1330dc-2428\"\r\nexpires: Fri, 03 Jul 2026 01:52:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EzVsrTnzI3R8z2IC%2FkzwstkuhFCBhiRovvopLGKWkAT38cQ9XM5pyPEyVm158Fbx2pYlbBf%2BesKfBU8ab3UGBTwnseu3E9N7EbJbMctJiM8XVu5KbkUDguyNTPI7qAf9UgkI6w%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a14e220daa0c0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9256,"size_decoded":3027,"mime_type":"application/javascript","magic":"ASCII text","md5":"bce86642b36f3429d5d2e7378dc0b537","sha1":"68932162ebf03b7e95a4cf74b13e43318fecdd05","sha256":"706f2935dc8a616514b937521a6b618a75bb5565eb36a1bafcc128cc9ae543ab","sha512":"1d9e238de60bee2ef64c059df79f1a96d948ec57e7518fbb393bc1c1395810b27e95544f594285c770bbab67ff73993f6673b7587c72bafb8bf07facf827019d","ssdeep":"192:PADZtFLbCx6el1OdlUUhePqyiWVLtCabSgVCzSPAYi8IDY9iKqMkYO5:Pqie","tlshash":"2412105e26b72036497331b96b8f65443a3620437842de083f6d87841f93b715dbabde","first_seen":"2026-07-02T13:53:26.32794Z","last_seen":"2026-07-02T13:53:26.32794Z","times_seen":1,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker1.png","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.271Z","timestamp":1783000368271,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker1.png HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-ff80\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=A%2BGUqL%2BFS7zoDtbLrE%2F%2FYLPYF0tOMzlB3HMtQf3aohMdvJjh54M3kYeqz3PYojMCiTEEziyhMNyR02Ysp9EBxxdrxI5%2BtKYMx0QkKsrZVmYfPQvVdPTOJaiJh3IM1mjdhxhZxQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba0e0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":65408,"size_decoded":59659,"mime_type":"image/png","magic":"PNG image data, 1141 x 707, 8-bit/color RGB, non-interlaced","md5":"3798fdfc8b6f8299fb62b5abdc8e902d","sha1":"3cb5f9513353938fc78dbb47b5fdc91eb7c39306","sha256":"5a24fa59a77ad8b6af7af98f67a78d6c3d38ecd3fe2fc7e1a32a0fdf21a51792","sha512":"dc15378b86008ba8ed378ed23cee28e18925eb21a8625ce4e04ac1facf9115d8253fbb95920b1d8d10567f8f6fec32858337358e99eb03c3014266d3300342a4","ssdeep":"1536:WC6ym15N0EjQoM8cCyECIpR2TiB4ce3hyfhvI9cOOx5mw+WpSA:WKo5eEN2CdC02sK3MiOxkw+Wpt","tlshash":"bf53e14d89eb4268ecc89433b6671390f37922ef5292c1cd1dadb175cd8227d58829bf","first_seen":"2026-07-02T13:03:42.157112Z","last_seen":"2026-07-02T13:53:26.328868Z","times_seen":3,"resource_available":false,"data":null}},"time_used":265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker4.png","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.275Z","timestamp":1783000368275,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker4.png HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-204f\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AGdMhEYMa%2Fy74fNlCi6dxkbPxmHdyWttbiVRgNUUa7qMP0PMqEILvnfHY8XHWXOEyPLX0yCu4GAKOEhMUIETuYRF9St9OVJZKxX1ziVjghoOWKyPn83pdyogWvH89aOwWZ4WKQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba110daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8271,"size_decoded":8909,"mime_type":"image/png","magic":"PNG image data, 641 x 296, 8-bit colormap, non-interlaced","md5":"cd0f2465c01b72e22c6714b5036e2da6","sha1":"3dc3b57c950a2465fd51f74bb92e7f90b552cc2c","sha256":"0da1d39f7d75f3107856e65f6566ffd10c081fc2d79323d14b16dc1da8d8f143","sha512":"98d39b829bc406b7e33644996d27e925f86b8e0c59d9808cf52c510ca77079a430dc3ef37a0bae95c4c23459b37fb5a947690d5f240aa2f97c18514a8b636969","ssdeep":"192:pNXyE4uZ/MLflCOmUzDcwXzOUkdVPOd11gt1OX7TkGQrG+3qiEipqt5:pNyE4uZ0ZmUzDcwXzBkzkgt1EFiD3qi8","tlshash":"f002b033cab341ba6e0a817b9ecd9dde0fd025110127d2db4dc645b87e92ea44b496f4","first_seen":"2026-07-02T12:49:13.505929Z","last_seen":"2026-07-02T13:53:26.32949Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker6.png","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.277Z","timestamp":1783000368277,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker6.png HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/png\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-2e4d\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DAQJP6NGVtVaom%2B1RlGWMexqM6ClS2mQXHikeMSvdMdq4%2BTNziJdd%2Bd4nV0Slk%2BoM7iFUdDAvYboQp59lO1jmhhnVHT0Rvw%2BEg%2BH2GOagD2gtCIGScCzC3UUq%2BiJfu2B2MwhoA%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba130daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11853,"size_decoded":12425,"mime_type":"image/png","magic":"PNG image data, 621 x 325, 8-bit colormap, non-interlaced","md5":"741b08c81a22e4803de53cd7009a724c","sha1":"0e50c4ed10066dd6217952a3cc22345620792ba1","sha256":"8bafba9caa98bf5de30d12fa0d496bdf273d8156906f6d8eedd7800bdf44e846","sha512":"2d931cf2e32f72d08bbe5155125fc43bcf9df9a035e10d7a3a2672f3c7b103fdb4a08eca23a999eeabdc237b6cddefef9067214f542fb740526ca865a5f11e22","ssdeep":"192:PzmF3dXtpCVe/n9fm2SWnvdfVrgnQoWSDSiFyOe+fLS/UOUS704V4Xdc:PUvwynRlSG1mnDSEpe+T0r04V/","tlshash":"c632cf76db1bfcd9cd32d62c4438380121a25bc51ffcb1a86c956f92e3830b2536a6d4","first_seen":"2026-07-02T12:49:13.520338Z","last_seen":"2026-07-02T13:53:26.330432Z","times_seen":2,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-02T13:52:47.624Z","timestamp":1783000367624,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:47 GMT\r\ncontent-type: text/html\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\npriority: u=0,i\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I3sAziinWNbsCUusN1C%2F%2FKTNBoNkp%2B9CBaB7SQ5fcBeLckYU%2BEjJuC0p%2BXpYpoPzv%2BkMPhM53hD3Y0VF75af5ay6rWI5MdgUmyY%2BHBzGMpGN7GAOCEk8AIsi7GS7KGMQeRhLcg%3D%3D\"}]}\r\ncontent-encoding: zstd\r\ncf-ray: a14e220a396a0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":103908,"size_decoded":15603,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (524)","md5":"2a47294a62012f9c337af270f8af5e55","sha1":"89ce455a654326d8d62e17cf356a6331a7f5ba73","sha256":"e534873a0fde19fb671fbb7674fb225a8a8f373ecbb965154ebe4e11b58ccbb9","sha512":"b42eb91bd82d3e326c27536f1d04e5387d13b899dc14728fd7f302f9cd0a36d7e96cc64059dec72f0be997614ff8f3633124f2e8d162353c732fe5144d48efcb","ssdeep":"768:s6Xh1josnbNpWH7FRgLLltPedf4h0lj45kA8euopxioDPU6xiLdxXsrl/kAf:posnbLHW8tpPUOke","tlshash":"1ba3a77263f415a950cbc2f2ea66673aaf78c657d63b448cb3bc81506fc7c46ca03654","first_seen":"2026-07-02T13:53:26.331394Z","last_seen":"2026-07-02T13:53:26.331394Z","times_seen":1,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":58,"connect":21,"send":0,"wait":150,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@tailwindcss/browser@4","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.17.208.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.255Z","timestamp":1783000368255,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Wed, 22 Apr 2026 00:00:00 GMT","end":"Fri, 06 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"65:D9:C4:7E:04:4C:FD:DD:60:E0:CC:18:B5:B7:01:68:B4:2D:C7:34","sha256":"50:6C:A4:F6:ED:74:C7:E9:68:DB:32:56:5A:68:4C:98:ED:01:28:36:F8:13:BA:CC:19:A7:FD:7A:0A:6E:E7:D4"}}},"request":{"raw":"GET /npm/@tailwindcss/browser@4 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Thu, 02 Jul 2026 13:52:54 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 68133\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 4.3.2\r\nx-jsd-version-type: version\r\netag: W/\"43730-cv+oV5vtIBy0YKTZKfkeYqCKtgY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230233-FRA, cache-bma-essb1270054-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\nage: 37764\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bk3QKS4uAlrE%2Fgpz5sV1xmZs%2Ft7RZZPpvdcGyMPJ3%2BbyYcmMlsfhvb74e%2F%2B3JHzSxst83bGCDijhu%2BrMrKGXSePnBKO0M6oLGlElEjsgXfcAYAoujzVWiklHZjfrafN8TXY%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: a14e2235aabeb521-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":276272,"size_decoded":69269,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65267)","md5":"4ab42b0053e976bc3a170bb73eb47e4a","sha1":"72ffa8579bed201cb460a4d929f91e62a08ab606","sha256":"d04446c80203b7517ca833115e9bdcbd87f1ff709a9f4f7ca48804604129d782","sha512":"99037b4ad0b354997eaf089e5adf9afec0ccea6b9c15223adfab27d897fc4877c105d68bfeb093ea1c04e9aff378393131689519862e1385a478cb9157abb99e","ssdeep":"3072:O3M3h4O2WMhWAY/LBcDcQKwod0PNTsVPYoYZGJtgXoul5VWR8cWiYVSi5+0Lra2Z:D2OT7jaWsNxy0uOz","tlshash":"cf442b353603a03e5fbb43da20de6004d62e6b65a75841e8f782d51b21e5af809f7f39","first_seen":"2026-06-30T06:12:31.279404Z","last_seen":"2026-07-03T03:09:44.104071Z","times_seen":33,"resource_available":true,"data":null}},"time_used":6423,"timings":{"blocked":-1,"dns":3,"connect":1,"send":0,"wait":13,"receive":2,"ssl":6403},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker5.jpg","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.276Z","timestamp":1783000368276,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker5.jpg HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-8912\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qWlLSoCDtsan4nPzst3d%2BYUgF7gkuiAITN5c0cSWxkx4EPwUR04XBYZKwA1LWfj5%2B%2FXDj1Cnm9h4AMhIT4UJKyzjR6lu4uh26gT%2BHPXDJlQPXHJCL1gP%2FeAa0CEdGtgWeaT40A%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba120daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35090,"size_decoded":33896,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 393x261, components 3","md5":"27550c377f1373a8f7a0f56c0040489a","sha1":"5f12d008b2ae97af7336d67fa917fb1f7cb0242b","sha256":"af1cfeb95f3adf2e74a06ee49c2bcb5bb90ba8fc528cf765b52cd81ef46fd74e","sha512":"8ba5a8f0e4679496f3aa2679d2db871a575f4654b3c1ca79cf74714aeb11d9c65be0012b916b26ab4e24b2817393fe8cf15c722ff99d2eb78eb4e9101f8b7271","ssdeep":"768:ruFA3xco5tunB+vDFWrSmSjVydeXdJDgjXvU7689i+dFmi:n3xh3rGA8eTD+vU7689ioFmi","tlshash":"56f2e08c006ec4cef8dc4275e1b153b47c971ca02562e7798e96f27f530792db9a8d4a","first_seen":"2026-07-02T12:49:13.515916Z","last_seen":"2026-07-02T13:53:26.333061Z","times_seen":2,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/icon.webp","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:49.741Z","timestamp":1783000369741,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/icon.webp HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:49 GMT\r\ncontent-type: image/webp\r\nserver-timing: cfExtPri\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\netag: \"69eeff42-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ist0qyRXfBItJGxIo8FcS%2BQrF7EW%2F3Hgjx6YzQYUYRccTsxwTnntsB7FDQfRn67AiTyjuUA4VyEuD8jxre3ArIewp2Qh00RV3MGOGk58VkjD2MX7LtAUk5SrN2pApJm%2FojUcYQ%3D%3D\"}]}\r\ncf-ray: a14e2216eb8f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 2988\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2988,"size_decoded":3737,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6cc17108c34feb90a0ff945e24270f1a","sha1":"1ca994b7ba99822ff436183f016e3b5105ed9138","sha256":"275afb29e8ab872dca2a4d22021a5deb400049d3bc39a1d0ccf47f91d4c87927","sha512":"d7c6dc1dba3c3d53e690ab63c00cc1e18687955058a1b7910d45e49ac38d020134c601add3b432a53dc01dbeba5c443f384bb381b4cb14470d2e1d684fa7ac1c","ssdeep":"","tlshash":"45514caded35dd8bd67a913f4caf77739bf8a0280281648b81bac8099644a63d1d3c04","first_seen":"2026-07-02T12:49:13.492683Z","last_seen":"2026-07-02T13:53:26.324647Z","times_seen":4,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/css/styles.css","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.256Z","timestamp":1783000368256,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /css/styles.css HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-1c1e\"\r\nexpires: Fri, 03 Jul 2026 01:52:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hOXJYVhcPNb7Kptt%2B0zvfc7mYbAaud0sEf60ZCzdFYHSUbYuBhCcBkhl5LLwVtR8XCfNhfW6V2fFT3%2FHiHrYxLJQoH9tru5l342L9h72CB7kU0szzyTd1BJeaFZ3oAI%2Fk0gbcQ%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncf-ray: a14e220d9a080daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7198,"size_decoded":2781,"mime_type":"text/css","magic":"ASCII text","md5":"4e899140905c55cb1127a647da9dcffe","sha1":"f7762f502ca1e924b3513aab3aebf6b2cda342a7","sha256":"e65e26b1d780f0e230c90713e976f3ddb87ed252569074a571fc922beff781a4","sha512":"5e23496a6602eff8fcf13c397406cfc0c02ea727132b738cb1198f471633d3887eb5d906f9adb80dfc0bfb011c1fe0f7b3a925459230e5e35e8b815ef99e1080","ssdeep":"192:pC5mMfjRUDfjR1smgpeaPSV47FNqWC/AEHbUBfWGfd89vb+bDD:6scPSV0","tlshash":"7fe141445ba31404609b81a9d3fba298633c94479e0bde6dfacf32858f491a472a3f5d","first_seen":"2026-07-02T13:53:26.333693Z","last_seen":"2026-07-02T13:53:26.333693Z","times_seen":1,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/js/navbar.js","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.265Z","timestamp":1783000368265,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /js/navbar.js HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-2e98\"\r\nexpires: Fri, 03 Jul 2026 01:52:48 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YeOfmTmhTggP9DmIQpI9pT4b8DLRp6C7zb585cS3oDAV8%2BAZ8UYfj5kQDfqQ8b96hFDg%2FfLwCyIOLXVgLC356Ll0a0jPr5SBIQWqypRHezo7hf26WjrhwO8%2FMgi23w%2FqSuR0Uw%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\ncf-ray: a14e220daa0d0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11928,"size_decoded":3172,"mime_type":"application/javascript","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (312), with CRLF line terminators","md5":"c4e9ff679fa18406a1b861f4f72a146e","sha1":"5a6801625c0d2268ec2c8c5dd9860db2f0bc48ef","sha256":"333d2bfd863b1c2b6ed518bc380ca5d91f4ce5eb625815aa4c49c4eda60c551a","sha512":"6c6078455632fecffdfb566d361f76696b5c890fbaf902a7516a58783c1220d763af9b6c5d8edc50aa84217ac553be1101ea7f5440ddc83a4bccff7b9ec56181","ssdeep":"96:QaVGz90FVysYZUMPWZp28UYuBFsqs2nDTYfzvvckpobOfVOVba:DGz90SX+u3ns2nDTYrPp66ce","tlshash":"b13233a4a4d1106fe1f782b673bb793cedad45a3d103a888727c91978fb6c055b039e1","first_seen":"2026-07-02T13:53:26.334684Z","last_seen":"2026-07-02T13:53:26.334684Z","times_seen":1,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"processhacker.app/images/ProcessHacker2.jpg","fqdn":"processhacker.app","domain":"processhacker.app","tld":"app"},"ip":{"addr":"104.21.66.72","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://processhacker.app/","date":"2026-07-02T13:52:48.272Z","timestamp":1783000368272,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"processhacker.app","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 25 May 2026 21:43:53 GMT","end":"Sun, 23 Aug 2026 21:43:52 GMT"},"fingerprint":{"sha1":"02:FD:D4:0F:4E:28:DE:A4:C1:73:A4:54:23:CA:AB:7E:CF:5A:D4:C7","sha256":"AB:79:F5:29:85:AB:04:C2:B9:FF:5A:9E:4A:DF:82:36:4D:ED:E7:35:E9:65:2E:AC:FE:49:DA:4D:31:F5:E8:DF"}}},"request":{"raw":"GET /images/ProcessHacker2.jpg HTTP/1.1\r\nHost: processhacker.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://processhacker.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Thu, 02 Jul 2026 13:52:48 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Mon, 27 Apr 2026 06:16:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"69eeff42-5b35\"\r\nexpires: Sat, 01 Aug 2026 13:52:48 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=r1zVupQzcqIQKQ3SjgL7WGzMD5rCOvfrdr7baTYMvPPQ5oM0bMw2lRI%2FtSuC2aLfo9xuhZ7L0lq0cft%2B3IyZ%2Fpa6r4Td3EfpbHmpld4uT8T7E4JWZ28I2GtI85ONzJy7NVq39A%3D%3D\"}]}\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncf-ray: a14e220dba0f0daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23349,"size_decoded":23333,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, baseline, precision 8, 393x194, components 3","md5":"fa5ec5d33418d2a7911e410fde78ae73","sha1":"9f705455945f7b7d182450f4bc8ab8bb778ff5ba","sha256":"af6c2ccb0194b6c011c4fc22a6809a2c2deecdd91953eac6a85de4412f9b9306","sha512":"f4f3eaa3be56337323c6d23d644201baa722a2c24987c2ad687d585d7b3c55bf4a4be95f1bb6216399c0da2aaca6b421990626a98581094b3e50416ce946eb8b","ssdeep":"384:oKcCJAcTFDVozhgOztQWcumNWA5R1jTlzrKOOK48xIr8Fc0niOIpPq1iXo4:oKFRIa7tRdzr/rIg+pi1iY4","tlshash":"bba2e1d9721ba198a50cc9f70402f5cd6c4c46d3ac919a0d2aa69ef87ff13d42cca674","first_seen":"2026-07-02T12:49:13.496811Z","last_seen":"2026-07-02T13:53:26.335759Z","times_seen":2,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-07-02","alert":"Sinkholed","trigger":"processhacker.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
