{"report_id":"ad56cb0d-c34c-4aca-9eaf-6ca0aabdfef6","version":6,"status":"done","tags":[],"date":"2026-02-04T13:30:24Z","url":{"schema":"http","addr":"capcutmod.net","fqdn":"capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"172.67.144.222","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.capcutmod.net/","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"title":"CapCut Mod APK v14.8.0 (Premium Unlocked) August 2025","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"capcutmod.net","fqdn":"capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"172.67.144.222","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-03-11T13:30:24Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":7}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"intermediategillsevent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"blogger.googleusercontent.com","ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":4332,"first_seen":"2012-05-25T17:41:01Z","last_seen":"2026-02-02T03:52:29.679756Z","alert_count":0,"request_count":11,"received_data":2218563,"sent_data":7387,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.capcutmod.net","ip":{"addr":"104.21.39.112","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-30","domain_rank":0,"first_seen":"2026-02-04T13:30:25.226917Z","last_seen":"2026-02-04T13:30:25.226918Z","alert_count":0,"request_count":3,"received_data":201529,"sent_data":1329,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"capcutmod.net","ip":{"addr":"172.67.144.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-01-30","domain_rank":0,"first_seen":"2026-02-04T13:30:25.2282Z","last_seen":"2026-02-04T13:30:25.2282Z","alert_count":0,"request_count":1,"received_data":95475,"sent_data":482,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"intermediategillsevent.com","ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-11-06","domain_rank":0,"first_seen":"2025-11-20T22:32:29.615074Z","last_seen":"2026-02-02T15:27:54.882212Z","alert_count":2,"request_count":2,"received_data":195077,"sent_data":922,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2026-01-28T21:46:08.862696Z","alert_count":9,"request_count":3,"received_data":96170,"sent_data":1415,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2026-01-29T01:11:36.221251Z","alert_count":3,"request_count":1,"received_data":85956,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-02-01T22:30:37.402665Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":512,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"protrafficinspector.com","ip":{"addr":"3.73.195.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2026-01-28T14:28:55.84725Z","alert_count":0,"request_count":1,"received_data":426,"sent_data":450,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-02-01T22:32:08.727296Z","alert_count":0,"request_count":2,"received_data":178019,"sent_data":902,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.capcutmod.net/","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"104.21.39.112","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"592c459f3c8592c55571099ca60891c7","sha1":"8cf93679b1c16d9a1c7f7d91d17c51e8681fca23","sha256":"0019a4942ebaeceeb12eca7b7280b88b8319bd54eb458146cee980341f51812a","sha512":"33e8ece402d06d431a2b985f8518c6dabc604c97b43093e365c965e1afc45962fe682159201ea52469733e7423e85fc2f1871ef9ec94955de66890b1698a50cb","ssdeep":"","tlshash":"0fe0c0c4140194f3943e25ef1ad59a5cb9316859b8ff0910f04ab0483dad40f4341e81","size":337,"data":"","first_seen":"2023-03-10T14:20:49Z","last_seen":"2026-06-04T13:14:03.122933Z","times_seen":221,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.capcutmod.net/","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"104.21.39.112","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eventHandler","is_inline":false,"md5":"1ac31bb22462484bccb9fb7b19c0b302","sha1":"eb1ef7902c9d5cf1c03709e04b031ee15aa0033f","sha256":"82915ea5e9ed075161096d65dddf2ea9bbe16449ab8c3d1036bfc4ba2b55e1af","sha512":"2da701eb2bad2a09cf4919cd9cab2df1b2c66c434466ef7ab0954af30b740735a33016f52caa84bf7f834d65dc9bbf18dd867a80a97e0d3d176aa68ea4ec6454","ssdeep":"","tlshash":"d6800008003030300003030c02838000003a0c0300c003200c0a000002b033c2822c22","size":27,"data":"","first_seen":"2023-05-04T23:26:03Z","last_seen":"2026-06-04T16:04:44.339549Z","times_seen":627,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"intermediategillsevent.com/ab/75/ec/ab75ec185db7b3ffb5b20df3939ccd57.js","fqdn":"intermediategillsevent.com","domain":"intermediategillsevent.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intermediategillsevent.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 21:41:45 GMT","end":"Sun, 05 Apr 2026 21:41:44 GMT"},"fingerprint":{"sha1":"99:6B:87:FD:27:5D:D6:67:9C:70:2A:41:2F:FE:C2:C3:0C:90:08:1C","sha256":"7A:19:1F:A2:32:47:16:04:78:DA:14:22:2B:3E:CB:64:84:1E:2D:48:F3:F4:82:78:B9:AA:5D:39:45:AB:84:7D"}}},"request":{"raw":"GET /ab/75/ec/ab75ec185db7b3ffb5b20df3939ccd57.js HTTP/1.1\r\nHost: intermediategillsevent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 33230\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: intermediategillsevent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bea92ee6d690924f8e96e15de68edf8a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87584,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"71f51867e5925059d72f7091fa64107b","sha1":"5333da709c4a0452444a2fbc5a5369b9d54d8588","sha256":"a751ec241575639413992d1442e8d2d126a608ea0005a1d83a96789dd3379b1a","sha512":"e879d79be80521428827e14fcf2bb46ce5bf03c5f82879f59d7c80d01a3d294d8be3b93b2b14fd3497c70a95b78f17aee66fd8696e48a5071904d88d588d5bfb","ssdeep":"768:zcH8b+r6K3NTEjxl+BM6Gyc9cW3LSczlk7PuVilkBDfxdaC+d3T2ZQU0BoLo5ok/:zMGqXe6Gy19SClmxdHqDKQU9LV4","tlshash":"c583d8487f85b869035660733a2fd02bf16edd215084d898e14ff9ac2eb871de736725","first_seen":"2026-02-04T13:30:29.892952Z","last_seen":"2026-02-04T13:30:29.892952Z","times_seen":1,"resource_available":false,"data":null}},"time_used":813,"timings":{"blocked":307,"dns":31,"connect":92,"send":0,"wait":100,"receive":94,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"intermediategillsevent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/bootstrap@5.1.3/dist/css/bootstrap.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.1.3\r\nx-jsd-version-type: version\r\netag: W/\"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 04 Feb 2026 13:30:02 GMT\r\nage: 3176510\r\nx-served-by: cache-fra-etou8220177-FRA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 25229\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":163873,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (65306)","md5":"94994c66fec8c3468b269dc0cc242151","sha1":"ec16bd19bf4ae9bc2e2336ac409a503bbbdaacad","sha256":"62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab","sha512":"190194d1f30c8b6dfcb80f9afdb75625fa5418a52405d81f15d8019bbd92510e817b25a3a18feda27d2d1231fe3921fd88fe037e1fbb1ccd08f5fe5e4742ffe3","ssdeep":"1536:4t04T8if0W8DsEBpy0cuJBf2rIWE5e0VUpz600I4fM:4t04/0VUpz600I4fM","tlshash":"c1f3b4dbf581341dd4a7c259a4d1bffd052f4586e3025aabb0277bb88b892c70963e4c","first_seen":"2023-04-05T04:27:21Z","last_seen":"2026-06-06T15:16:20.852904Z","times_seen":24693,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":13,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/37/3e/5e/373e5e2fb359bee9def6387c09bf85dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /37/3e/5e/373e5e2fb359bee9def6387c09bf85dc.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 33276\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: aa8246a3642f64692e7ef3a7830a68d3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":87545,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"1a2bcb2826b7e7f9434f2d40d99821f0","sha1":"967e2915d7a8cc59a612b86eaa29779ba4eaa3d9","sha256":"14a194b318ac27096f64e8ef3aa7f322ebfb7d4db22b88bb909b799e38d254a8","sha512":"e1e38b42f20d7dfc094aa1c6c899e17d2036fd6af9bc952bb9726469ae938660dd6dc133b05fe3460707e640b36f4c1395a6911b06de4aa7a7fd168c8604de28","ssdeep":"768:zObo+56aNTUjxl+BM6Gyc9cW3LSczlk7PuNidkBDfxdaC+d3T2ZQU0BoLo5oky4:zw0qne6Gy19SidmxdHqDKQU9LV4","tlshash":"1283d8487f85b869035660733a2fd02bf16edd215084d898e14ff9ac2eb871de732729","first_seen":"2026-02-04T13:30:29.894889Z","last_seen":"2026-02-04T13:30:29.894889Z","times_seen":1,"resource_available":false,"data":null}},"time_used":780,"timings":{"blocked":290,"dns":7,"connect":92,"send":0,"wait":97,"receive":103,"ssl":187},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaGV9WmZkQpg77GI5GTZr8xeicX5tdiierCkYIS1Ef5C3rYPEYdNIRf0XnawkrGNzTCVhskRdfvIQKpQanDMS-ywxS6yr9tUCop7b4UjIR3t-r27omz6_CiXGpX90wzSR5ZXL9LBI4bZT7YyR4UO-T3E3S1fSGgKYs1cw_DfOr8QisIixCfrTzyZp0MA/s554/images.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjaGV9WmZkQpg77GI5GTZr8xeicX5tdiierCkYIS1Ef5C3rYPEYdNIRf0XnawkrGNzTCVhskRdfvIQKpQanDMS-ywxS6yr9tUCop7b4UjIR3t-r27omz6_CiXGpX90wzSR5ZXL9LBI4bZT7YyR4UO-T3E3S1fSGgKYs1cw_DfOr8QisIixCfrTzyZp0MA/s554/images.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v11c\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"images.png\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 4065\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4065,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 554 x 554, 8-bit colormap, non-interlaced","md5":"9f6d5ef0cdd5aa12f23c4b0d75b93dda","sha1":"7a7f2e8b1d94b9e50adb9a5d405b5f7d4362dede","sha256":"7a8609e2a6e6d0ed0963e27c5b721a3159e59928cbc8911cb95adfe9203be304","sha512":"da424987cc2c8b47e24811fc8f4da5087e623fd64c6020a31e764cd61edd3e5694f0b45383d6b7d57e614fa096ced7c16d53e4c0b3f6bbcbd12007633c9cbfeb","ssdeep":"","tlshash":"ef815a7ec3c80639ab3ba124f695fb0ac055613cc1a94e70315cdf5a2c574fc09a04f2","first_seen":"2026-02-04T13:30:29.895786Z","last_seen":"2026-02-04T13:30:29.895786Z","times_seen":1,"resource_available":false,"data":null}},"time_used":468,"timings":{"blocked":103,"dns":25,"connect":9,"send":0,"wait":235,"receive":0,"ssl":94},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMlyztN_hBy1UgZRBoDW3IN9fQtlZgNQVnigYU0luQbHmRI5kP_qh3zFO16kbCOym_W19GtMfQBZHM_dbK9mT0GUqCHoDYjju7T-9vtemAHu1PABVNKKKEbCz-F5LOHizatWO-DZNdbyojnlWZXJhZ3uP2pn1Iq4aOT5l5LCuaElFgjNRY_6P6vAvhYw/s1920/unnattmed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiMlyztN_hBy1UgZRBoDW3IN9fQtlZgNQVnigYU0luQbHmRI5kP_qh3zFO16kbCOym_W19GtMfQBZHM_dbK9mT0GUqCHoDYjju7T-9vtemAHu1PABVNKKKEbCz-F5LOHizatWO-DZNdbyojnlWZXJhZ3uP2pn1Iq4aOT5l5LCuaElFgjNRY_6P6vAvhYw/s1920/unnattmed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v126\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnattmed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 300843\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":300843,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"c7fc3f373a9da7eb0d7ba554573d7a9a","sha1":"808da1d1f69e364b0a951e219f4718f0278af19a","sha256":"ca7834bf3adbda9285aed90c57e89869bd8cafaa5f64415ab4fc4491aa60036e","sha512":"a4a39bfb2b28f66e1cb9c0f38bd852efcf2586916bd0df1774e8c906da06d7e9dedb0dccf2def999376711d456ed618d082a4a3663ccca9630a39fab30879583","ssdeep":"6144:Er6+lXMoUrA5gPplJOw6GHclvIreYiye8p6H7iiFYDbrqo7N0HJg4:GdlKrA6gw6z7fygbPFgbrqo7N0B","tlshash":"38541254adff57135b16ba12e90fd5c6facb8d1eba84a2f8e056b40d35dcb801c8a0c5","first_seen":"2026-02-04T13:30:29.896729Z","last_seen":"2026-02-04T13:30:29.896729Z","times_seen":1,"resource_available":false,"data":null}},"time_used":471,"timings":{"blocked":96,"dns":24,"connect":21,"send":0,"wait":235,"receive":16,"ssl":77},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMeTGWFTRTy5WvT21CGh5DHbDEvY5PpGWlgWnXF8rINT_Ra_o_GC9yM9coTNUT2vVB2v_7yOArVcMrApfGsmbTHQJtrsVL7V3kU7uuHE8a5UlMbDFqBYcIDPS2pYbQfp4NRZoXgnn4eOk66O1EJkfZ24ujrb_w4YIFcmCvAikzRA1fdzgIG984YzsnFg/s1920/untvyvnamed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiMeTGWFTRTy5WvT21CGh5DHbDEvY5PpGWlgWnXF8rINT_Ra_o_GC9yM9coTNUT2vVB2v_7yOArVcMrApfGsmbTHQJtrsVL7V3kU7uuHE8a5UlMbDFqBYcIDPS2pYbQfp4NRZoXgnn4eOk66O1EJkfZ24ujrb_w4YIFcmCvAikzRA1fdzgIG984YzsnFg/s1920/untvyvnamed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v128\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"untvyvnamed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 201801\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":201801,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"8c92d41fbaa7ad31386b9c4c58410711","sha1":"bc43c4867f455a59cb463a594b5ac6971d2939d7","sha256":"00023accba2f75419336e18b98fe881831fbedeebb992561299b72df37d4b0ce","sha512":"d00f4c0695011e5c917918bb4e762417f58e36db88cc8924481b07d63fd6dbf68829b258ed990e99f095e7eccefb03ca13c5dea8a0885d3246e4e181938afa97","ssdeep":"3072:qqlDTJsJuE/EU8rbXY+gPBjXISyKxWRvsezm87jiR8L+GG4LVivCAf62Aoc1f6ta:LTJYx/h8rbuRrWTBVivlHw1ciyAxpkm","tlshash":"411412214bf5878a571bf129ea4d44d2f463254e7283daf3b0c7a0e774ebd8e6424398","first_seen":"2026-02-04T13:30:29.897662Z","last_seen":"2026-02-04T13:30:29.897662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":221,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.capcutmod.net/","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"104.21.39.112","port":80,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T13:30:01.382Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.capcutmod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nDate: Wed, 04 Feb 2026 13:30:01 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nLocation: https://www.capcutmod.net/\r\nReport-To: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5rOMfboeU2hvmnZpmmCmrtPEPyyPlNsFQ4Vkyrfn2QrG7V3YdaTOC5xaSib0DzyeHXK73G2XOneBv2ZSJ6j1oTLTKB%2BD%2B0i7Mv1SwRW26Xzq\"}]}\r\nNel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nServer-Timing: cfEdge;dur=11,cfOrigin;dur=0\r\nServer: cloudflare\r\nCF-RAY: 9c8a852ee99c5a0f-OSL\r\nalt-svc: h2=\":443\"; ma=60\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94783,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":42,"dns":42,"connect":1,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Dec 2025 23:36:36 GMT","end":"Sat, 28 Mar 2026 23:36:35 GMT"},"fingerprint":{"sha1":"0E:EE:1D:ED:80:5A:CA:0C:1E:93:89:94:78:B7:34:91:38:D4:89:51","sha256":"CF:77:1B:FB:04:67:32:02:DF:D9:38:24:27:3D:A5:98:54:0C:4D:BA:C5:1B:62:FD:C1:E1:17:57:6F:63:B3:BF"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ac17d663e4da326498c61d2a57110e89\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-06T15:35:14.172879Z","times_seen":18168,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":62,"dns":1,"connect":19,"send":0,"wait":27,"receive":20,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVFla1-ww5xIcUGbVAhpnS2KykSXwI7Ib2FqQjQhRhOa1qhNneLPCxRtKpQgPAelJlhmzOdjcwhzUNQsdP0jntFwRdgCARh8QAp-e4Ycu-nQ3Pb7VkCYcS6xv0Glnhg9s7rkuRd2RcfcPw0leOxEQ56iCyau_imO52C4wqTZ1wARulbhNY-Y1KXHNhtg/s1920/unnaymed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjVFla1-ww5xIcUGbVAhpnS2KykSXwI7Ib2FqQjQhRhOa1qhNneLPCxRtKpQgPAelJlhmzOdjcwhzUNQsdP0jntFwRdgCARh8QAp-e4Ycu-nQ3Pb7VkCYcS6xv0Glnhg9s7rkuRd2RcfcPw0leOxEQ56iCyau_imO52C4wqTZ1wARulbhNY-Y1KXHNhtg/s1920/unnaymed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v127\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnaymed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 256850\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":256850,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"bc39ac95036d365002c4e1502a1df7a3","sha1":"17098f20dd1b2963f9806008b160cfadebe9794d","sha256":"a15b9186c69c42968adb274a40b9ca0ce192c896efbee6397b19bf50b22191e3","sha512":"dc18fd92674bb316f2a96a8d326255821a27afb8e60c80659ad06ed91445e5060bcad0fa177c077edb5ac83444c24cb12beb8111a4a461e4145c25e3eee1cf96","ssdeep":"6144:grRqpImNeIWnTNEX8E40h0/XbvTaUuvnap67ax2mbeZus0pfjl:OR9NpnGX8b0n5a07y2mKZYpZ","tlshash":"cd44122ae3b1cb6343222ab4db2f24d6f4970d5d7181c0e9fbd2b4652dfe59816780c6","first_seen":"2026-02-04T13:30:29.900517Z","last_seen":"2026-02-04T13:30:29.900517Z","times_seen":1,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":81,"dns":25,"connect":20,"send":0,"wait":210,"receive":35,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhGp7WE_-GPI4RwHMvDNw3DIVRnmvYzBlQzCGhLbgF4GHwBqQ1b2Wy3GACCV9_-9X-0bpt0pAjIlKQITihGbY9QjtZJdn0FZpCHqNEKURFl3YClHwZy2zhVLYuyqMRmreC0xAgr_H1j05kcDK7ZkWU17TS7icWhNZN90puNQo5VZ0k8aQU4UKZ1HMsWYA/s1920/unnatyyumed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhGp7WE_-GPI4RwHMvDNw3DIVRnmvYzBlQzCGhLbgF4GHwBqQ1b2Wy3GACCV9_-9X-0bpt0pAjIlKQITihGbY9QjtZJdn0FZpCHqNEKURFl3YClHwZy2zhVLYuyqMRmreC0xAgr_H1j05kcDK7ZkWU17TS7icWhNZN90puNQo5VZ0k8aQU4UKZ1HMsWYA/s1920/unnatyyumed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v126\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnatyyumed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 284192\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":284192,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"86d2f91b8543bca90853c677aecc9554","sha1":"197a51b2f4b7c670a86a37ba46146ed5a8434748","sha256":"a2cc99ac1008153eb464351f2c448aa7b6d0036324e71356751dd52a25323ff2","sha512":"2e905e2fe2976d6273e595e9f5f53185720f9f9623811edf3920d50fe083e988a07f902f522cfc14b49df3f6a99e57393bf3206da22d2c9f36724a5dde2d2dcb","ssdeep":"6144:SIVXyNCtiRyddfIMbi5bnJOzxpBVuG1cNGcroj22lNEvwCsHF4+T:DVXay8MbAne16N7oj22/qEt","tlshash":"35542390b7665b8aa3c8f775e35db4274b5201fb73948f080746b6aeafe5446833b043","first_seen":"2026-02-04T13:30:29.902412Z","last_seen":"2026-02-04T13:30:29.902412Z","times_seen":1,"resource_available":false,"data":null}},"time_used":489,"timings":{"blocked":95,"dns":24,"connect":21,"send":0,"wait":241,"receive":28,"ssl":76},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJpdwLaFwn13nwWKMPvkLomPNUaTgobJBau1X973Y9KCIc2TH8Nsfnll1-ngD04KycU-boUlzwzD73HFGakC-iaP0ZeRJXwXra0QqZYi4QP7IxPqIGEHmsxOa8WaGGkpd1Kv6hKwiQOt64d7eTfbdgkW7hCWgQzTDOKJ37D2wDMl7zG6CbfhBRYELSxw/s1920/unnavyyvmed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEhJpdwLaFwn13nwWKMPvkLomPNUaTgobJBau1X973Y9KCIc2TH8Nsfnll1-ngD04KycU-boUlzwzD73HFGakC-iaP0ZeRJXwXra0QqZYi4QP7IxPqIGEHmsxOa8WaGGkpd1Kv6hKwiQOt64d7eTfbdgkW7hCWgQzTDOKJ37D2wDMl7zG6CbfhBRYELSxw/s1920/unnavyyvmed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v125\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnavyyvmed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 311206\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":311206,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"ab8580e9065e987c9cd3e176cae21b01","sha1":"d940aa9883e33c80e4e07ee5d8f6efc77fd72f30","sha256":"3d64334a3e4da4701bdbbb6fc4340e0de992106338c842340ce82d652fe7c012","sha512":"925c65b0f514270d2f0d0e79e861a0191bf9f4e6d78eb3b0f54d2cc0f396f709f7cc686a11b4f9e70333286237477161a3a98aa783de6866c47d8815672013cf","ssdeep":"6144:beKnp4EvfPWtTSNdz4zrB+kZXo5kuBL6k5RVPavCq:hGEvHWVSXMY5kuB+k5/Pg","tlshash":"0f6412a7db84ab13843487e57d072e6d6b16690cfec1b6bd14e39c8f7a21633288d14d","first_seen":"2026-02-04T13:30:29.903556Z","last_seen":"2026-02-04T13:30:29.903556Z","times_seen":1,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":68,"dns":23,"connect":21,"send":0,"wait":213,"receive":33,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1sQHvFCbdDUituBTaFUrAzxEhTSNVDYt9lOWjNbwT5Fnl0Y20xNOI7QxpR9tB8o417oi0rkn3fWTnUOQZXt1wPYDb9tD6sX2ECL0KQxR6E0prMF4F8gaIbROHakeiDiIYlkYZzixsLo3mHqv0VdTN8etGg_AoIUDLLeoiCHpWdETVfnDqarsNrmV02g/s320/ccmn.png","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEh1sQHvFCbdDUituBTaFUrAzxEhTSNVDYt9lOWjNbwT5Fnl0Y20xNOI7QxpR9tB8o417oi0rkn3fWTnUOQZXt1wPYDb9tD6sX2ECL0KQxR6E0prMF4F8gaIbROHakeiDiIYlkYZzixsLo3mHqv0VdTN8etGg_AoIUDLLeoiCHpWdETVfnDqarsNrmV02g/s320/ccmn.png HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v12e\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"ccmn.png\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 4801\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 101, 8-bit/color RGBA, non-interlaced","md5":"1433558bad62d04dede47adf76e8f2b7","sha1":"cb6b6b99593c49958115e937e2373ff52b39fe67","sha256":"bd5177477c33bbfc95c5992a7c50277d0b16a4ccf76092eed4b5459cc9ee2168","sha512":"ccc4cf6e708a417d18a33cca58d25c7276fc3f3118391a00620b41bf3f7f70e05638a4d67beb69decf920812d3948f2be353a3b6608b331f47833f068e605c83","ssdeep":"96:rthReVUawEGluW641yC4uygNvNenfkaJqQNJK5PWFd9zb9C:ZTM14qujNi8aJdNc5O/ZpC","tlshash":"79a15c616070e6008e1f543d36b61f63d9d79e6095faef72c1abd23da48ac1212b3848","first_seen":"2026-02-04T13:30:29.904422Z","last_seen":"2026-02-04T13:30:29.904422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":275,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"capcutmod.net/","fqdn":"capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"172.67.144.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T13:30:01.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capcutmod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 18:11:34 GMT","end":"Fri, 10 Apr 2026 19:10:19 GMT"},"fingerprint":{"sha1":"B1:E9:EB:83:FC:2F:96:22:35:C3:03:A4:15:DE:54:21:D1:87:B3:22","sha256":"32:B3:D8:3A:F3:4E:47:01:80:BB:2D:F2:BC:10:04:76:08:28:60:B4:08:00:B8:F1:35:83:9A:A6:0E:C9:05:E3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: capcutmod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Wed, 04 Feb 2026 13:30:01 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nlocation: http://www.capcutmod.net/\r\nserver: cloudflare\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=8,cfOrigin;dur=27\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7EztNdDvxIwpZZ0lj8i0Igb0qkkoWMMX%2B6wGQELH%2B8SzAvVtxrDUmY7m4m%2FtAhVp4CqTvkCm7pPQ0W4bfWia014lrwUaIi1fxS6F8Js%3D\"}]}\r\ncf-ray: 9c8a852e59660daa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94783,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":50,"dns":32,"connect":1,"send":0,"wait":38,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/jettheme/js@0.5.5/main.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /gh/jettheme/js@0.5.5/main.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.5.5\r\nx-jsd-version-type: version\r\netag: W/\"3122-6kmtk52Xy6HP/Wr2Rx1SXQewc0A\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Wed, 04 Feb 2026 13:30:02 GMT\r\nage: 1601776\r\nx-served-by: cache-fra-etou8220144-FRA, cache-hel1410025-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 6103\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12578,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (12577)","md5":"6fde6634cd4204232b3d56c45f4666fc","sha1":"ea49ad939d97cba1cffd6af6471d525d07b07340","sha256":"94b103190c505e7ce35a8f196437db358e5d45c0071c0f65231c0e6211316826","sha512":"e5aa3e03a0c9dc3d2d375bfd136b1acc11921b955c66656c9ac4e4485c85cc0e79f7f5dc9e8c98e96ff41a757022f2d08d42a8aa0584f698090c6523534cfd6e","ssdeep":"384:5mKsbSj3i1mgl92xc2gsktaPAStVUzWq3i7kAg9h502BCqi4lby:kTbW3iVlQc2gsktaPAkGzWq3i73gpAqS","tlshash":"71420a9a718c742795037874908f160b456f7a378a0884d4a1ac8fbd46bdc7c776be7c","first_seen":"2023-03-10T14:20:49Z","last_seen":"2026-06-02T01:26:48.309977Z","times_seen":204,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":38,"dns":3,"connect":14,"send":0,"wait":13,"receive":4,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 20 Dec 2025 10:36:27 GMT","end":"Fri, 20 Mar 2026 11:36:07 GMT"},"fingerprint":{"sha1":"C6:6A:71:84:C2:40:13:D1:A4:B7:DF:C4:1C:E1:54:F3:76:97:EF:6B","sha256":"EC:09:93:3E:E8:5D:9E:7A:B0:D9:7C:6D:85:49:92:10:89:9F:C8:FF:A5:1B:90:BB:AB:86:7E:D9:BA:0A:1C:4E"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.capcutmod.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 13:30:02 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 22 Jan 2026 17:06:04 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9c8a8532ab7756ae-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-06-06T15:02:39.368948Z","times_seen":337269,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":10,"dns":0,"connect":1,"send":0,"wait":33,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3468\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 03f1e6eab7a0cc1a18c585ffd7eb0a92\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6412,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6412), with no line terminators","md5":"ad4dbe3fe355a2ecc52bf4861b932d02","sha1":"5625a8edae53265a720c2a2966f11f2c1f21dca4","sha256":"d95fbf673a21ccdb6dcacb69b2bc9e7744b8188adc55b04e582043e73bf2ea91","sha512":"5e111c1ac19606e23ca3524def6fd6b04fd89ac27e696d3603f5f9320fedf05e7e899273946173b5dde021dbdbc6a2461465985b2c13d0c7d4f8ca583cd2cba6","ssdeep":"96:Egrhh1NDNEJitqJYNJk8rWVSeApOT17khUiklM3F5Ken+XYsIr5nBm9StOJkN9do:EUhhvwitG8r0R7eklMVN+XImeOZFvg4","tlshash":"b4d1a68e7740bc640752b87b7b1f7516f5ea8e20189e980ce0067cd83e68d2dd67bb91","first_seen":"2026-02-04T13:30:29.906841Z","last_seen":"2026-02-18T11:59:33.838891Z","times_seen":946,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":291,"dns":14,"connect":92,"send":0,"wait":96,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"3.73.195.171","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.capcutmod.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 04 Feb 2026 13:30:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://www.capcutmod.net\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=e0ab1581-37a9-4160-ac08-67143eca12de:1:1; expires=Sat, 02 Feb 2036 13:30:02 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"b60ac0bbce87be85761a50da87c8509c","sha1":"8d4fb8a6d168383a35d926024be5cd977e177e8c","sha256":"6d9518bade748fc46b036a71a234b48546ca71d6dd30d79a0a11a60e09bfd818","sha512":"3afed36706659a4fe82dbd248da0b78b7d55d915eb4acb7200ae8312075769d71de6fe7f56e2e7632abc0c0fdd7885dd4585cbcedf7143aaceb82f1fbf97d13e","ssdeep":"","tlshash":"af9004144447031c750dc01c11410dcc4057c5111f51331c5d355dc47dc743d137d110","first_seen":"2026-02-04T13:30:29.907703Z","last_seen":"2026-02-04T13:30:29.907703Z","times_seen":1,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":193,"dns":35,"connect":21,"send":0,"wait":23,"receive":0,"ssl":135},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1247\u0026rd=1247\u0026fd=544\u0026bv=26.2.5104\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:02.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Dec 2025 22:08:08 GMT","end":"Wed, 25 Mar 2026 22:08:07 GMT"},"fingerprint":{"sha1":"BE:03:A2:AD:89:FD:C3:94:0E:B0:AC:88:9E:E3:AD:33:6F:39:72:EA","sha256":"86:5E:AF:03:20:81:8A:65:09:C9:A1:D4:22:8C:8B:1F:82:60:C9:82:6B:01:09:E8:98:E2:F3:DA:A8:3C:D5:71"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1247\u0026rd=1247\u0026fd=544\u0026bv=26.2.5104\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T15:09:47.269258Z","times_seen":16181626,"resource_available":true,"data":null}},"time_used":694,"timings":{"blocked":300,"dns":13,"connect":92,"send":0,"wait":94,"receive":0,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9b6Lqt2cPVkdPI2dIhMd4Tg4WcyHYeJy-cUtb_E3_SGfQvPOM2ESUc97BxKfujSqeDVIAyfeDLQAou_0PlRO-ZZLut8jOweVuNdM9r7bAh7beVuzoJaBBH-8VU9wDYX95RgJ4ktqiXVkfndVi5OWY3faR6FPidwtWGNeY-szBQZMu6mRGw6aNFhdG8Q/s1280/20240611_212110.jpg","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.665Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEj9b6Lqt2cPVkdPI2dIhMd4Tg4WcyHYeJy-cUtb_E3_SGfQvPOM2ESUc97BxKfujSqeDVIAyfeDLQAou_0PlRO-ZZLut8jOweVuNdM9r7bAh7beVuzoJaBBH-8VU9wDYX95RgJ4ktqiXVkfndVi5OWY3faR6FPidwtWGNeY-szBQZMu6mRGw6aNFhdG8Q/s1280/20240611_212110.jpg HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v130\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"20240611_212110.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 74464\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74464,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 1280x718, components 3","md5":"35aa1d7fbe659c50e1ce3430484e3980","sha1":"1492b99fd68c85e4e5efb77c5d60a4298ec82119","sha256":"492e7803168aaaf4bdb3936c571198d075814d10cb242a2ebde2eb9a52887df4","sha512":"5fc4237e7502e18c461cd805aed1c720f6cfac1bbcdbf7da01d4c13df9cf59e0926edc4e204bde1b61e34e7a840bd8700494c6286399b51d9e9eebcdbe624d89","ssdeep":"1536:Sv8OJeT5TaQsYC1mddKW0t51JHp4HdrXoWa/jfnn6tQ:Sv8qQsYZd8t+NX0r6tQ","tlshash":"f3730293268278e3eb8d15b6cf4baa2d150e8d667258e35f5144d478df13297a370ec0","first_seen":"2026-02-04T13:30:29.908518Z","last_seen":"2026-02-04T13:30:29.908518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":69,"dns":27,"connect":7,"send":0,"wait":197,"receive":18,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQXDrcJjh2u1vedFyt43gNBolu3Wp5htvTE03H39iru-B62_mKepLnyo_-V_Y_IHtk3zKhkvrp1MQtB60Fd3LD5dJKaTmKXZ3FRw_4wwhT8eH5Xe3_67490NO6f6MAcRQ-DGwE1jcYItOaVnoue7cTZCPhUSoOnS0yvIdNT-xMV-f1isgkk0zkZzw8DQ/s1920/unnaycvymed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEjQXDrcJjh2u1vedFyt43gNBolu3Wp5htvTE03H39iru-B62_mKepLnyo_-V_Y_IHtk3zKhkvrp1MQtB60Fd3LD5dJKaTmKXZ3FRw_4wwhT8eH5Xe3_67490NO6f6MAcRQ-DGwE1jcYItOaVnoue7cTZCPhUSoOnS0yvIdNT-xMV-f1isgkk0zkZzw8DQ/s1920/unnaycvymed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v127\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnaycvymed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 243795\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":243795,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"2e61bbc555ec4d5fb43ef19cfbea6e82","sha1":"9715a33c1c7a24a3f80de83bed2b7ffc16aa65b9","sha256":"9979beaac97cccf970c29473a1d360490dd356c385f1776a0d91cefe7f53a8f1","sha512":"bcb894a097bc5fed78709e36f85d7e1e325b6de49d3d94b36f999207d8b478d4dc33c51dffa5a54c910e32220e397074d9bc0682359408c465e5d00292dba8e7","ssdeep":"6144:HMXjkupVaMiqI5fLP93BC7HNtlzA0NyV+gBTF6Pwz:HMXjkdMFAzGHNNyVFBQe","tlshash":"3d3401b8a771e7134b657a489d5c4dd3f8960e1c36c483a4e9c76c2b66fe1cd08b428e","first_seen":"2026-02-04T13:30:29.909208Z","last_seen":"2026-02-04T13:30:29.909208Z","times_seen":1,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":63,"dns":0,"connect":0,"send":0,"wait":219,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoZ0ujZ6gi-SicF20PbwBMtTzTJgAEWchl3-NSTRX93fx1FsjLHz-v4op95Ux_lbwEHSxWRbkaDlTiirbW1j41O7ZBRhXGOZFEoYL2NI7lQ5hS2IXL4hky5wNCjUfR7ov85TUdLN6kFXX10w12HTAX67v7RD1S6gCln7_XtwpeomMQ7E-9TkwCeq5BZA/s1920/unnvubiamed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEgoZ0ujZ6gi-SicF20PbwBMtTzTJgAEWchl3-NSTRX93fx1FsjLHz-v4op95Ux_lbwEHSxWRbkaDlTiirbW1j41O7ZBRhXGOZFEoYL2NI7lQ5hS2IXL4hky5wNCjUfR7ov85TUdLN6kFXX10w12HTAX67v7RD1S6gCln7_XtwpeomMQ7E-9TkwCeq5BZA/s1920/unnvubiamed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v128\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unnvubiamed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 264854\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":264854,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"d5da0613cb5f054de541baee96296752","sha1":"9077921bd28bd795829c4766d81deb9bd52b262d","sha256":"5542df6c264605f6da8cc3df7fee18c524ffc780b714acd989f8eb4cb54ebc7c","sha512":"fe772dd689ac4d6c5c8dbebc577a164e8be2d7252b20df35d47483a348a62ea3702e43f33c247cf506c4fd74eba447cfde4e4955ba9dd34dcfd4a08734271c25","ssdeep":"6144:CtgVyczcKpgwM0iaV++HtmIwZDocLxst1EvHCECT8:g3cYKpPM0bVPtmZ594afLCT8","tlshash":"8e4413b5e73207f3eb02f540d70d0be6b15a2b9e7c8711e9e093f85ab09a49c3d65854","first_seen":"2026-02-04T13:30:29.910148Z","last_seen":"2026-02-04T13:30:29.910148Z","times_seen":1,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":205,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLwIqBBEyfvq_u1T8YMSviwlhkDn3Ez15CyDEFivOUNDGypeZ-EO95q7OLni_LpGcy_QwmjPqZBiNDMUYbeoFgQWgkUYaQ3hTI2XvsbXGVWJfl4nd0_NH7d4q8BI6Je-OWLZ-Xlmt0BLyOyJabxtVSTt1OfoANh0q7SBfwVcxU4SXX9FJYP4WmUKdsog/s1920/unncyvyc7amed.webp","fqdn":"blogger.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.1","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 12 Jan 2026 08:37:51 GMT","end":"Mon, 06 Apr 2026 08:37:50 GMT"},"fingerprint":{"sha1":"18:9D:1C:F1:BE:AC:20:F1:12:31:21:42:4B:35:60:ED:92:E4:20:4C","sha256":"4D:6B:C8:7A:03:21:52:23:47:8F:18:52:3F:72:65:0A:13:00:BD:A4:8F:35:A4:8A:2B:9E:2B:EF:13:C9:66:B5"}}},"request":{"raw":"GET /img/b/R29vZ2xl/AVvXsEiLwIqBBEyfvq_u1T8YMSviwlhkDn3Ez15CyDEFivOUNDGypeZ-EO95q7OLni_LpGcy_QwmjPqZBiNDMUYbeoFgQWgkUYaQ3hTI2XvsbXGVWJfl4nd0_NH7d4q8BI6Je-OWLZ-Xlmt0BLyOyJabxtVSTt1OfoANh0q7SBfwVcxU4SXX9FJYP4WmUKdsog/s1920/unncyvyc7amed.webp HTTP/1.1\r\nHost: blogger.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nvary: Origin\r\naccess-control-expose-headers: Content-Length\r\netag: \"v128\"\r\nexpires: Thu, 05 Feb 2026 13:30:03 GMT\r\ncache-control: public, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"unncyvyc7amed.jpg\"\r\nx-content-type-options: nosniff\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\nserver: fife\r\ncontent-length: 266518\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":266518,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 1080x1920, components 3","md5":"902a878486fef16a00f7df7fa4f6d0c2","sha1":"cd53d2c584931be5aaa6f314e702b5458dddbf13","sha256":"327398aa7f5c06f4c5d482e7cbc8176dac1f90095118db7ad8cf94771a7858b8","sha512":"9e8af0ec68414ea5f90b5f5a8f8ff341adb2765f1418db6e9bda0a4eeb27df388dcd122d4110b5edb56e06860be8a9db28f46ab83819a28000f9d075af98e70d","ssdeep":"6144:LKFoE5i9uH8Immz84cJmy7SfdCcvISF58hLLKoszTS:+FZM2JAvmyWFCcvl58hLXsS","tlshash":"84441341bb9e795b13a1595c9fcf58bd0bc9e2ba29c493822f5c8c49e6c096087334df","first_seen":"2026-02-04T13:30:29.910935Z","last_seen":"2026-02-04T13:30:29.910935Z","times_seen":1,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":62,"dns":0,"connect":0,"send":0,"wait":215,"receive":76,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.capcutmod.net/favicon.ico","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"172.67.144.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:03.678Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capcutmod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 18:11:34 GMT","end":"Fri, 10 Apr 2026 19:10:19 GMT"},"fingerprint":{"sha1":"B1:E9:EB:83:FC:2F:96:22:35:C3:03:A4:15:DE:54:21:D1:87:B3:22","sha256":"32:B3:D8:3A:F3:4E:47:01:80:BB:2D:F2:BC:10:04:76:08:28:60:B4:08:00:B8:F1:35:83:9A:A6:0E:C9:05:E3"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.capcutmod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/x-icon\r\nexpires: Wed, 04 Feb 2026 13:30:03 GMT\r\ndate: Wed, 04 Feb 2026 13:30:03 GMT\r\ncache-control: private, max-age=86400\r\nlast-modified: Sun, 18 Jan 2026 15:14:17 GMT\r\netag: W/\"c3caeba4239c368d4841400272404ea14c8939d3e42c702f3b95698db00855e1\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 1620\r\nserver: cloudflare\r\ncf-cache-status: BYPASS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PupH13Gy9kBa%2BwsmWkRAZXvbPW1UkA%2FRIJIRSw%2BATQQ69OpuTFUkgCNyKtN7D%2BCkkCkUgjw7jPmoe1utB5pb5SJDGpNe0AVPGKY8xgGZUw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\npriority: u=6,i=?0\r\ncf-ray: 9c8a853cf82156cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"9fe852d73ad9901e7686fda11ab6505a","sha1":"cd6dbaf7c612eb461dd2fd9a72fcc7730c635a84","sha256":"afdde2f6672f9f6b913f5952447442c6a44fc6e756ec88f1f5db716c55d064e0","sha512":"ac2ec8ee81923041527aeb8debe5c68fa3736f91c999283b8399d423e15c138524725d46d14bddb7b4f049ad8610142a5fff6cd5f07966979cd21ce0f30f32a5","ssdeep":"48:9/oJ4mk1FyOw+Saqc0laK9P/PNsaJUHjTUg8ixqpulSZwhKZAIYfNx6Bu:9X/DR6a+laIPXNsaJUPUJix71K+Z","tlshash":"66128865930e5163cd540f760a24efbd27207c42af60694c3cdabd9b3bb27ceb502116","first_seen":"2026-02-04T13:30:29.911843Z","last_seen":"2026-02-04T13:30:29.911843Z","times_seen":1,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.capcutmod.net/","fqdn":"www.capcutmod.net","domain":"capcutmod.net","tld":"net"},"ip":{"addr":"172.67.144.222","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-02-04T13:30:01.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"capcutmod.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 10 Jan 2026 18:11:34 GMT","end":"Fri, 10 Apr 2026 19:10:19 GMT"},"fingerprint":{"sha1":"B1:E9:EB:83:FC:2F:96:22:35:C3:03:A4:15:DE:54:21:D1:87:B3:22","sha256":"32:B3:D8:3A:F3:4E:47:01:80:BB:2D:F2:BC:10:04:76:08:28:60:B4:08:00:B8:F1:35:83:9A:A6:0E:C9:05:E3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.capcutmod.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-robots-tag: all,noodp\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Wed, 04 Feb 2026 13:30:01 GMT\r\ndate: Wed, 04 Feb 2026 13:30:01 GMT\r\ncache-control: private, max-age=0\r\nlast-modified: Sun, 18 Jan 2026 15:14:17 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=1,i=?0\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BkEG6XuRQY5JkxODruMWdO06tDQECnYi7kqWHCilYuaDygtnwQD86g%2FN00YZl22I4WBFQTwHe700atN5KzFn0TcrlJ66HmqbV4ZM9G7WhQ%3D%3D\"}]}\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfEdge;dur=14,cfOrigin;dur=356, cfExtPri\r\nvary: accept-encoding\r\ncf-ray: 9c8a852f0f8b56cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Bootstrap:5.1.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}],"data":{"size":94783,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5823)","md5":"8b3a535dd4b3d2c48952928a157d3ee2","sha1":"cabb6e9aa16447c58cf9e6b0f915c78119a2a881","sha256":"93c14ef944780ce87d74b8e1267da040f45aab1e14aa1b956ba723039c8c74c0","sha512":"6c2ba5b985457e85e4c7667061c0d7e4765bde677f4e7ba85fd907458aa9d19f3ba0d36db4a1c8faac2b4e129a00e446cd5a41c6e80b04a542b046f344c3b2b1","ssdeep":"1536:Wc9Ks7R57v25kAwXM4rGSa6ouv+7KZXWFrlbtm4lvHeOl4K4tKeucidgH8O/PkFF:is7RakAwXM4Jouv+e4FjH14K4tKej/Pi","tlshash":"c3935cabb2a01038a04743fdf736f7a5372e6087e646c509f56d42985fc5a91c4b3ee8","first_seen":"2026-02-04T13:30:29.912777Z","last_seen":"2026-02-04T13:30:29.912777Z","times_seen":1,"resource_available":false,"data":null}},"time_used":411,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":380,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"intermediategillsevent.com/18/ce/e3/18cee37166f7e11b56267ae7331f7ef5.js","fqdn":"intermediategillsevent.com","domain":"intermediategillsevent.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.capcutmod.net/","date":"2026-02-04T13:30:01.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"intermediategillsevent.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 05 Jan 2026 21:41:45 GMT","end":"Sun, 05 Apr 2026 21:41:44 GMT"},"fingerprint":{"sha1":"99:6B:87:FD:27:5D:D6:67:9C:70:2A:41:2F:FE:C2:C3:0C:90:08:1C","sha256":"7A:19:1F:A2:32:47:16:04:78:DA:14:22:2B:3E:CB:64:84:1E:2D:48:F3:F4:82:78:B9:AA:5D:39:45:AB:84:7D"}}},"request":{"raw":"GET /18/ce/e3/18cee37166f7e11b56267ae7331f7ef5.js HTTP/1.1\r\nHost: intermediategillsevent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.capcutmod.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Wed, 04 Feb 2026 13:30:02 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 37912\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: intermediategillsevent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 93ed565e564ee46a3fcf6ebe3a41ff1b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":105789,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2f46b36a6c756bbfd502c392e7db894b","sha1":"035c5c8a4d942152f59f46ce1c45bae706c0975a","sha256":"00bcdc822da651e935154d30ec929798f08fb28be15a42b78d9e7d0d7635c8c2","sha512":"5e1f18c673ed814ecc50bbaf797433d2091b6ce7698a88d33893827f30b388194be55e45347e3bbef840a6112300199a8a8056ae10007e9afe88e9b5e9392673","ssdeep":"1536:Jm/m4sg8ehF6YfaWiLxcxmq50R0R+xcavjXcCaS/mTqnG3K:bgxTAFqiqqLceOTqZ","tlshash":"dba3b78e7f80e1ac17567037223fe119f06a4e0170ccf59ce057e6ac6e6d716a93ab64","first_seen":"2026-02-04T13:30:29.913588Z","last_seen":"2026-02-04T13:30:29.913588Z","times_seen":1,"resource_available":false,"data":null}},"time_used":833,"timings":{"blocked":315,"dns":43,"connect":94,"send":0,"wait":97,"receive":96,"ssl":185},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-02-04","alert":"Sinkholed","trigger":"intermediategillsevent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}