fatcousin

if you or someone you are helping is in crisis

contact crisis support first — not forensic tooling. this page documents synthetic reference data only; it is not legal advice.

  • US suicide & crisis lifeline: 988
  • report sextortion to local law enforcement — they coordinate takedowns, payment freezes where possible, and referral to victim services in your jurisdiction.
  • do not pay. preserve evidence, then report — payment rarely stops the demands and funds the actor.
// reference investigation

hayes-sextortion — email + mobile threat + BTC demand

Morgan Hayes sextorted via burner email, iMessage/WhatsApp threads, AI-generated intimate imagery + face-swap still, deleted iMessage artifacts in sms.db, and a BTC peel payment path. Fully synthetic.

what this proves

  • all eight sextortion primary engines produce deterministic, fixture-locked output — verified by npm run check:flagship (280/280 fleet · 8 for this scenario).
  • every output is generated 100% locally in your browser — save .eml and backups first, never forward threat material.
  • burner email authentication gaps, imessage deletion artifacts, parallel ios/android whatsapp threads, ai composite provenance, face-swap still cues, and btc peel graph surface without uploading evidence.

primary engines locked to this fixture

build the case binder

runs all eight primary engines on the synthetic evidence zip and opens a self-contained html binder. uses the default binder renderer for sextortion — no upload.

runs all 8 primary engines locally on the synthetic evidence zip · opens a self-contained html binder · no upload

download the synthetic evidence

MIT-licensed, fully synthetic. includes extortion .eml, sms.db deletion artifacts, ios/android whatsapp databases, a1111-parameter composite png, face-swap still, btc payment tx, and peel-flow json.

download evidence zip →download goldens zip →run this kit in your browser →

built deterministically from scripts/fixtures/build-hayes-sextortion.mjs. seed: hayes-sextortion:v1.

methodology

sextortion is email + chat + image pressure — save the .eml first, then walk header analyzer → imessage deletion artifacts → ios/android whatsapp → ai provenance → face-swap → btc decode → crypto graph. read the full sextortion guide →

after the playbook

run each primary locally — or export findings from the binder — then drop every csv/json into fatcousin-multi-tool-super-timeline-correlator. one timestamp-sorted timeline across extortion mail, imessage deletion artifacts, whatsapp pressure, synthetic image markers, and BTC peel flow — still zero upload.

methodology articlesextortion playbookforensics home

synthetic scenario only · no real victim · no real imagery · grading rubric

ready