{"node":"0x3d26c581bda2d0146f0baa34903872cc9783d61ca5be229768ba24da003319e7","name":"clickfix.eth","parent_name":"eth","is_subdomain":false,"root_cid":"bafkreie3ss3k7zznkn5d5jvgewldtolkfnqw4sxyxukozdh5fkbyputtii","title":".","icon_url":null,"manifest_url":null,"analysis":{"root_cid":"bafkreie3ss3k7zznkn5d5jvgewldtolkfnqw4sxyxukozdh5fkbyputtii","model":"openai/gpt-5.4-mini","analyzed_at":"2026-05-01T02:27:20.502Z","path":"analysis/by-cid/tt/ii/bafkreie3ss3k7zznkn5d5jvgewldtolkfnqw4sxyxukozdh5fkbyputtii.json","category":"Unknown","category_confidence":0.99,"summary":"A hidden HTA page launches PowerShell to download and execute remote code from an external domain.","quality_tier":"broken","quality_score":0.02,"security_risk":"critical","security_risk_score":0.99,"threat_type":"malware_download","safe_to_list":false},"contenthashes":[{"contenthash_protocol":"ipfs","root_cid":"bafkreie3ss3k7zznkn5d5jvgewldtolkfnqw4sxyxukozdh5fkbyputtii","contenthash_set_block":23953522,"contenthash_set_tx_hash":"0x6791bd4dd1e7f8b2fd384ef3d4fa7f09b636e0502ae7ee9397d9b2a5a2f95268"}]}