{"report_id":"e8441770-550d-4bb3-acd5-4cccd57ef7ee","version":0,"status":"done","tags":[],"date":"2026-06-25T12:55:25Z","url":{"schema":"http","addr":"fixdll-helper.fit","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"ip":{"addr":"104.21.72.60","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"fixdll-helper.fit/","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"title":"The DLL that was not — Field Notes from the Loader","dom":{"size":71606,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (819)","md5":"7ba6429a35049d4fa00544e80a14b181","sha1":"23de77d312dafacd82f9b909c0ab7a96016725ae","sha256":"e6a369776ef66866702546765851da4c79d0be768f60b7a412ae1f54003b30ea","sha512":"4ceb6c66de2c397415ba7c3b4032cf02e5f7ed340996b64142653616c8061fe3a5eca999b5f6ef59ad13b22b6751349319e0dfedbe249bfbd8faff187807f794","ssdeep":"1536:eow00WcDR7QMdQdppDPmXI43qs/UaKW7d4l:MR7POdpgdba","tlshash":"6863d7a293f25233107344c2368f6b5fbba9d43bd54756207aec435c4fcaea8b163598","dom_hash":"domhash8b3ef2e1507097a831d527a2157dcf19","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"fixdll-helper.fit","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"ip":{"addr":"104.21.72.60","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-30T12:55:25Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"fixdll-helper.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-21T22:19:08.810882Z","alert_count":0,"request_count":5,"received_data":127704,"sent_data":2752,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fixdll-helper.fit","ip":{"addr":"172.67.175.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-23","domain_rank":0,"first_seen":"2026-06-25T12:55:25.323257Z","last_seen":"2026-06-25T12:55:25.323258Z","alert_count":2,"request_count":2,"received_data":72983,"sent_data":996,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":1,"received_data":14156,"sent_data":578,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"fixdll-helper.fit/","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"ip":{"addr":"172.67.175.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a7677d5f9658e4c5445dea2676352393","sha1":"809e6d1419122f0c930618fffe2093128d5b46fc","sha256":"41c8381a3ce911e9567f6d3bc77eb9e2b993cf306e3f71ab395337eac3a0f59f","sha512":"04ee27a4e97a95a28de1a0ee0f71dd2c083b56fc8b31749915fc0423eec5da8a81bd4339ac9d99c28a25b13b4997981d50f9a8e229efdeb8cc4b16176362650e","ssdeep":"","tlshash":"85119c2abe95607ee07b5136c36fa35c3e3200075502c4027afce5d80fa0d16a965aea","size":942,"data":"","first_seen":"2026-06-25T12:55:31.533731Z","last_seen":"2026-06-25T12:55:31.533731Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tinos/v26/buEzpoGnedXvwjX-Rt1s4C0f_Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.139Z","timestamp":1782392102139,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/tinos/v26/buEzpoGnedXvwjX-Rt1s4C0f_Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://fixdll-helper.fit\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18868\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Jun 2026 09:15:48 GMT\r\nexpires: Thu, 24 Jun 2027 09:15:48 GMT\r\ncache-control: public, max-age=31536000\r\nage: 99554\r\nlast-modified: Tue, 19 May 2026 16:09:12 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18868,"size_decoded":19680,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18868, version 1.0","md5":"b2ff4ef5495d41f8fea415348020d205","sha1":"7df5ea26b99649061e39578438a4c48f4f6fcde4","sha256":"6b199a846d3766e7d35961162b6dc399cda36ff60d3f26ef022be685b609425e","sha512":"f7f6f3d1b4aa8a0c58ff3b421cffdb56ead648ddc3f55fc83e49b7d10eee746aebf694a52a2dec5a0af4042f30a617ce631bca47bd2ebf919fcc0a3c4412b6ec","ssdeep":"384:5nncoo5geiEGAsb1fbBV/clKofrhEC5GwkfdF4eRK7M8ZZolNl28X:5ncZyeHlY1NV/clfDB5iSZZWl2y","tlshash":"f882e0727cd1a2dad18a90de530e08feeef9e6b6a70083061a864f47bfd881175c5cc4","first_seen":"2026-05-24T19:04:58.305109Z","last_seen":"2026-06-27T20:05:57.732906Z","times_seen":13,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tinos/v26/buE4poGnedXvwjX7fmQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.142Z","timestamp":1782392102142,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/tinos/v26/buE4poGnedXvwjX7fmQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://fixdll-helper.fit\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17848\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Jun 2026 00:52:52 GMT\r\nexpires: Thu, 24 Jun 2027 00:52:52 GMT\r\ncache-control: public, max-age=31536000\r\nage: 129730\r\nlast-modified: Tue, 19 May 2026 16:09:17 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":17848,"size_decoded":18661,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17848, version 1.0","md5":"9399a8d32ba9c32d0eabd16e3a1a18db","sha1":"d4ccb922182cfa3aca768cfd677fa5881e62bfb3","sha256":"18505b57c8a016326da164a1e9a14e8d1c5081ae78e9fe7b57bb66a330ea4ef9","sha512":"b035ae55d0a38ce78a846c91ce8aac75e199eb58edf5f9360bf9193089cbc5c93fa897771d879f09f97b27d30a91b80f74d14395bedfbbf4a21aab58e5138f34","ssdeep":"384:btV3NdVshTelkCy6huBS1aDmlYkPZu+FewtIRk4ShSb89WabtXC3yS5:bt4hT6MBS1aDmqkRuiPtIRk4db897RXi","tlshash":"2c82d074dfaf6fb2c5035876aa2cf47346ca1aaede16948daf10491008f2718582c77f","first_seen":"2026-05-22T01:39:52.691732Z","last_seen":"2026-06-29T13:45:07.889178Z","times_seen":48,"resource_available":false,"data":null}},"time_used":73,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":39,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/tinos/v26/buE2poGnedXvwjX-TmZJ9Q.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.144Z","timestamp":1782392102144,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/tinos/v26/buE2poGnedXvwjX-TmZJ9Q.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://fixdll-helper.fit\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 24 Jun 2026 06:59:47 GMT\r\nexpires: Thu, 24 Jun 2027 06:59:47 GMT\r\ncache-control: public, max-age=31536000\r\nage: 107715\r\nlast-modified: Tue, 19 May 2026 16:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":18756,"size_decoded":19569,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18756, version 1.0","md5":"33269a60b4f9e18d6108ee6def0ddfc1","sha1":"250d8daf45b2b9eb7b93a209ae018e28d5a37478","sha256":"55fe58e551b07fc6586e4e632d10ebf50339fe1f0f4ec97cb55a2abc7d18ff79","sha512":"7124530e8232813e500253812d217510bb2c778a96af81518b93477b619959e6ec4fc57a642f4a0dd863458d3033f90e108fc728b3a86df3f86a867dc35b730e","ssdeep":"384:eELAfG+l6uBYF0vs8MbmC4re7TN3dW1YVGSv55aI4TBB+3ZjRAfxMREVesaH:eEG9rvs8M8Cxp4Sv58I4T7AZj2JMoeL","tlshash":"cc82e0f1c10f01415eccea5ed27ed071e47e7888674258c44cd6bd87aab090ee43b683","first_seen":"2026-05-23T18:58:14.904851Z","last_seen":"2026-06-27T20:05:57.755346Z","times_seen":15,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":33,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fixdll-helper.fit/favicon.ico","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"ip":{"addr":"172.67.175.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.255Z","timestamp":1782392102255,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fixdll-helper.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 15:22:13 GMT","end":"Mon, 21 Sep 2026 16:20:54 GMT"},"fingerprint":{"sha1":"E7:B9:A2:D0:2A:3A:17:A2:63:B0:76:37:3E:07:DC:26:93:60:2E:92","sha256":"80:18:43:69:02:B8:33:FF:45:D9:0D:3F:41:BA:5E:38:3B:E1:45:F7:B1:AD:50:26:A1:6A:AF:2A:B6:A7:A3:3A"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: fixdll-helper.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fixdll-helper.fit/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: text/plain; charset=utf-8\r\ndate: Thu, 25 Jun 2026 12:55:02 GMT\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mTOAOIPYa9Z7ozBg1Taip6Vq%2FY83WJulAuRD%2FSmBtByhyVK4t4YxVsOihK%2BFL0vgbbfGP0OnN2Uf8U29%2FW2YSjtUKoGJsC%2FyvlN8xyi%2F5VXDM7IxWBMT9ZaCrw9LQol9CxIBKA%3D%3D\"}]}\r\ncontent-length: 19\r\ncf-ray: a1141fcf1c755a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19,"size_decoded":694,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"595e88012a6521aae3e12cbebe76eb9e","sha1":"da3968197e7bf67aa45a77515b52ba2710c5fc34","sha256":"b16e15764b8bc06c5c3f9f19bc8b99fa48e7894aa5a6ccdad65da49bbf564793","sha512":"fd13c580d15cc5e8b87d97ead633209930e00e85c113c776088e246b47f140efe99bdf6ab02070677445db65410f7e62ec23c71182f9f78e9d0e1b9f7fda0dc3","ssdeep":"","tlshash":"1270000c0a0202082020002822800020080802022a802220000aa00882008000800888","first_seen":"2023-04-05T03:13:11Z","last_seen":"2026-06-30T00:11:10.954587Z","times_seen":37710,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"fixdll-helper.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fixdll-helper.fit/","fqdn":"fixdll-helper.fit","domain":"fixdll-helper.fit","tld":"fit"},"ip":{"addr":"172.67.175.242","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-25T12:55:01.277Z","timestamp":1782392101277,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"fixdll-helper.fit","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Jun 2026 15:22:13 GMT","end":"Mon, 21 Sep 2026 16:20:54 GMT"},"fingerprint":{"sha1":"E7:B9:A2:D0:2A:3A:17:A2:63:B0:76:37:3E:07:DC:26:93:60:2E:92","sha256":"80:18:43:69:02:B8:33:FF:45:D9:0D:3F:41:BA:5E:38:3B:E1:45:F7:B1:AD:50:26:A1:6A:AF:2A:B6:A7:A3:3A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: fixdll-helper.fit\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\ncache-control: no-store\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-type: text/html; charset=utf-8\r\ndate: Thu, 25 Jun 2026 12:55:01 GMT\r\nserver: cloudflare\r\nx-powered-by: PHP/8.3.31\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gpfU7Y940KsvAygNLDuZjxcZel7WLS2QR%2Bgn%2Fwia%2BOyTtXolHu92DyDtcFcYTwKxeRuTuO%2Bq6v7BllVwyP9uw8vSBoewmucNCsQq%2BxLafjSOgW0yysADdH3UnZpnvoK2SwZxOQ%3D%3D\"}]}\r\ncf-ray: a1141fc94bad5a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP:8.3.31","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":71598,"size_decoded":24095,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (819)","md5":"3ba1250d7ae05e6a5aa17806ee2cce0e","sha1":"6142833c656a9e9eb2d07f2998603d65c0c68eea","sha256":"3e7bd5cdf4ecd135b94d309a4c35464bf335c792a043360b6a390872e9574703","sha512":"f4c163e77d9338db3ca3e1bad2fa85c1f8a1265c13ca9524153cc6fceff6b9faaeb6ef5944dc454dd65b3d2baf503eba8e4fea61b3e2d1287e7fdde9b11278a7","ssdeep":"1536:I2w0yWcDR7QMdQdppDPmXI43qs/UaKB7d4J:wR7POdpgdbJ","tlshash":"7f63d7a293f25233107344c2368f6b5fbba9d43bd54756207aec435c4fcaea8b163598","first_seen":"2026-06-25T12:55:31.530724Z","last_seen":"2026-06-25T12:55:31.530724Z","times_seen":1,"resource_available":true,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":24,"connect":17,"send":0,"wait":91,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-25","alert":"Sinkholed","trigger":"fixdll-helper.fit","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Tinos:ital,wght@0,400;0,700;1,400;1,700\u0026family=Inconsolata:wght@500;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.42","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:01.737Z","timestamp":1782392101737,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Tinos:ital,wght@0,400;0,700;1,400;1,700\u0026family=Inconsolata:wght@500;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fixdll-helper.fit/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Thu, 25 Jun 2026 12:55:01 GMT\r\ndate: Thu, 25 Jun 2026 12:55:01 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13472,"size_decoded":1724,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"d578bd5bef7c533d15bbc2281d8afccb","sha1":"52bf7456dd2a994b8db7b47eaf45f34a1622cfb4","sha256":"01265ff39d2cf7665155989eb1a40b05ab252b01319b39b094604a752ea55aaa","sha512":"e7d2205f3592ce6467ee1ae82e685894bd2470c992cf517de6f454183db03fb113bdfa7fd3ed7fe86c2d01078bfa3efe49d14fbec52f7e264cd576954487fd68","ssdeep":"192:cQajLQecjxwOnUO9OuOHLOo3O1OOWOkrLUrdrSrGLrx3rBrCWrgEMHIo5G1WeewJ:c02KU4jgN3uStPU5mI13tlfvAP2","tlshash":"11529d92046ba400ea475dc127cf7e33ed4e611a7449d17eaffe18c8acead265364b0d","first_seen":"2026-06-25T12:55:31.531897Z","last_seen":"2026-06-25T12:55:31.531897Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":16,"send":0,"wait":34,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.134Z","timestamp":1782392102134,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://fixdll-helper.fit\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 34084\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Jun 2026 06:13:21 GMT\r\nexpires: Wed, 23 Jun 2027 06:13:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 196901\r\nlast-modified: Thu, 04 Sep 2025 17:22:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":34084,"size_decoded":34897,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34084, version 1.0","md5":"4f77d4a9715e4afc64a863d9e47527de","sha1":"6c0cf65047bbbb46faba3d92f1ba4b80ed04bbdd","sha256":"4914e68b98699a8f3d5d552fe60fd7a1c2cb631a0f66f0a148392f161d3155ab","sha512":"d4ffe5acded9b2e6d59487ac5cb9f97b00644fe6d5b627c08eab181bea10a1e1d85b143aeda6e44c7077cc859ae41be28029658f3281b7129e8f8991d5930b2f","ssdeep":"768:MYusugoEx0m+rAt1Hsu7yN8yI0VALqBFUpSM3tD:q60JUjsksRIGALk9M9D","tlshash":"e8e202553cf2a123715dca20a21f84e27a951cc64f479120ef481cf96a0bfded46e6ab","first_seen":"2025-06-03T01:50:41.190157Z","last_seen":"2026-06-29T12:58:18.534428Z","times_seen":2941,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":30,"send":0,"wait":25,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://fixdll-helper.fit/","date":"2026-06-25T12:55:02.138Z","timestamp":1782392102138,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/inconsolata/v37/QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://fixdll-helper.fit\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 34084\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 23 Jun 2026 06:13:21 GMT\r\nexpires: Wed, 23 Jun 2027 06:13:21 GMT\r\ncache-control: public, max-age=31536000\r\nage: 196901\r\nlast-modified: Thu, 04 Sep 2025 17:22:05 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":34084,"size_decoded":34897,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 34084, version 1.0","md5":"4f77d4a9715e4afc64a863d9e47527de","sha1":"6c0cf65047bbbb46faba3d92f1ba4b80ed04bbdd","sha256":"4914e68b98699a8f3d5d552fe60fd7a1c2cb631a0f66f0a148392f161d3155ab","sha512":"d4ffe5acded9b2e6d59487ac5cb9f97b00644fe6d5b627c08eab181bea10a1e1d85b143aeda6e44c7077cc859ae41be28029658f3281b7129e8f8991d5930b2f","ssdeep":"768:MYusugoEx0m+rAt1Hsu7yN8yI0VALqBFUpSM3tD:q60JUjsksRIGALk9M9D","tlshash":"e8e202553cf2a123715dca20a21f84e27a951cc64f479120ef481cf96a0bfded46e6ab","first_seen":"2025-06-03T01:50:41.190157Z","last_seen":"2026-06-29T12:58:18.534428Z","times_seen":2941,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":21,"dns":0,"connect":0,"send":0,"wait":47,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}