{"report_id":"04b24b19-d333-413e-8faa-2f754f1dc8c5","version":6,"status":"done","tags":[],"date":"2026-03-04T16:24:13Z","url":{"schema":"https","addr":"cashback-pumps.fun/","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"cashback-pumps.fun/","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"title":"Pump.fun Cashback | Get 30% Back on Rug Pull Losses","dom":{"size":35787,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1429)","md5":"1e50d0dedfb97796330fc57b97fe6a54","sha1":"d5333b0a7e69fdf593c15b3bb7271432b8a2a0d1","sha256":"8af7aa49a8b54caeee0e3e4a6b204ae84f15c15616aac9854951157885299c25","sha512":"ad1e613b0bee9b91b4dd6b57d5c2c0719ae77a6387cf05e3cf5fcaf96278148288be112b33cbf5e2f3eb1c55eb602242dcb1291948c60b3754f01099f26960ba","ssdeep":"384:k8so1sFs/HzZXLpiKnBmY8d3hT28lrik3bF0:k8h1OIT9Rmt9c8lFbF0","tlshash":"00f2a3a452f4183e70438395db76733f2eaaa1a3960e5104b6bc06b49f85dcadd371dc","dom_hash":"domhash8e17d2efe2288bf9ec2d2cbe9cb7ebc3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"cashback-pumps.fun/","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":0,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-08T16:24:13Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"pump-helpy.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cashback-pumps.fun","ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-03-02","domain_rank":0,"first_seen":"2026-03-04T16:24:14.22505Z","last_seen":"2026-03-04T16:24:14.22505Z","alert_count":13,"request_count":13,"received_data":975396,"sent_data":6317,"comment":"","tags":null,"fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"pump-helpy.fun","ip":{"addr":"85.137.252.55","port":443,"asn":6739,"as":"Vodafone Ono, S.A.","country":"Spain","country_code":"ES"},"domain_registered":"2026-02-28","domain_rank":0,"first_seen":"2026-03-02T13:24:08.192142Z","last_seen":"2026-03-02T13:24:08.192142Z","alert_count":3,"request_count":1,"received_data":3099,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cashback-pumps.fun/","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"651ac366f9feddc4d14e2e8e8eaa6043","sha1":"5a0b8482475b42672b30a40b4aba691f81820c07","sha256":"359f53445f59a557670afab0d771881e00a57053d0e2b996b165938ea8ee6efd","sha512":"e32e479b0f04a5f87c9f3f692eac37056a13b5bfd5b090b1a245a2277eb61e1d2ffa227a04e514f568e64d072b8847f3d0395afb3a6d256ea1063c44e329aacb","ssdeep":"","tlshash":"a5c0227491f44c311abe00db32709640302024ae4553608682bccfcb22d8e844f04820","size":187,"data":"","first_seen":"2026-03-03T10:32:52.113198Z","last_seen":"2026-03-13T06:09:34.056246Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1772641430897","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee727e520ce79599729594139295f79b","sha1":"b01d0b1f859654bb3637a16097bddfe949d06aca","sha256":"b0bd6469c9028ca3e5c8cd3af05b168861816cd4a7216c2125c01708697c59c8","sha512":"4b4e4e68cb54f2b4cab1c2a7244857cc6b3195a236dc3f0d9f7a7fbad2b41178e03d153358267821acb504f288c165f1ab006dc187de5e2851a7bd3c5d2e953f","ssdeep":"6144:fh5gDfJjJJhOb1ntpwro5gxPoGeDtGXsdnrZtF6VHp3JTa:nsf9XhOb1tpDWPQdnrr","tlshash":"04d4aac8873a967b44a013a7053792bfbfca0d7da24f8c607ac09cd2da6571e92f455c","size":610080,"data":"","first_seen":"2026-03-04T16:24:17.787408Z","last_seen":"2026-03-04T16:24:17.787408Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cashback-pumps.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"bd94-69a4f87d-77f4323959505562;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T18:39:08.398345Z","times_seen":206336,"resource_available":false,"data":null}},"time_used":338,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":296,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pump-helpy.fun/images/pump-logomark.svg","fqdn":"pump-helpy.fun","domain":"pump-helpy.fun","tld":"fun"},"ip":{"addr":"85.137.252.55","port":443,"asn":6739,"as":"Vodafone Ono, S.A.","country":"Spain","country_code":"ES"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.532Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump-helpy.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:40:33 GMT","end":"Fri, 29 May 2026 19:40:32 GMT"},"fingerprint":{"sha1":"51:97:73:5B:E0:63:AD:CD:D1:DD:D6:2D:73:9B:14:B5:F3:F3:EF:6E","sha256":"D8:9D:B8:45:17:1D:B6:0F:AA:50:FF:99:63:59:B8:F0:74:3C:5F:02:C3:1D:C4:93:6F:28:83:D5:7E:FB:7B:60"}}},"request":{"raw":"GET /images/pump-logomark.svg HTTP/1.1\r\nHost: pump-helpy.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Wed, 04 Mar 2026 16:23:51 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 2660\r\nConnection: keep-alive\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\nReferrer-Policy: no-referrer\r\nPermissions-Policy: geolocation=(), camera=(), microphone=()\r\nAccept-Ranges: bytes\r\nCache-Control: public, max-age=0\r\nLast-Modified: Fri, 27 Feb 2026 12:45:37 GMT\r\nETag: W/\"a64-19c9f2215bc\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-08T13:20:59.079621Z","times_seen":142,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":70,"connect":17,"send":0,"wait":17,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-04","alert":"Phishing Block","trigger":"pump-helpy.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/XhjIRijk.php?s=%2Fjmpd%2F","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:52.824Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"POST /XhjIRijk.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://cashback-pumps.fun/\r\ncontent-type: application/json\r\nContent-Length: 1454\r\nOrigin: https://cashback-pumps.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1454,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBKAMXAzAAEQCyAtECIgDnAh8AAQIASgMAAO8nhn2XtsKCAdQFER5JrYeSlnp612kCAADnVKuhYLwITTQMAXfaTWWb6B6lwfnJ_joCeGl4x8XdAE2z3TkkoGpqq5Q5_8CkYYokfnKg0FQHv3ViXgLNASWRMfsTN21rJ8fuEQzzxrK8bkVUYqGDqtKOTK5Lh7wn71jiDR4ful5U5ginV7aFFq3dHC1xbjywOKzfxfXLcccRJ12sPn9HwoXdDeVVQpycztqHtVQxmmWDxbohO_bOm7rE2YvX_z1GcfwRgR4NzG4x7PxDbeub0lMS8zGczdlTmFxufPYO92wWFGC_5MqpOlYaAu1oTeVQd3g0pz1rUVl_mnGGgcbLeLNIFIdYNuOxLXV6bhNBqTi774Vap2gUjz_iACK8Qv1gKEJrtdVv9Ncgbr_QlZgcBuvsjogi_1OdcHU9n4QKG1Ar08hV7tK8fJ7kBVwm6ce8mKw-lbTk9dAXCT-bCAkMPN_RniqcDYpYaSslJnwGygKAdL5ZFRZb59yBk7vUYHSbkhlUT_gTRCP5Yt7O7aNTfH9x_x8mxqqITUGxgLfXFa42GxD_ydnxd8t8o2ZFcbqi6xNI5LRBBRrYhGMdnUdTGIm8HbtpNZwqDaGUNK7tcD_WAJU0dgQCqN2jde0IBHzAgmYbvjeK74P4H1mUiLqFkWJqSU4I7bVn7l9WGrZ5-t66ir70x6DGRuw98lJfNRdKh1tKbO4Suj6TU5eeMJMQZolqGIdtcwEZixqxb91_eTMCykKp4tL-meZysXc32FEY-Z8VGU5pD1K8z3A77ug4jS6jnvvY_qktIzYlIjYLANh7FMsvxz8yDINKV8X7Uc9F4jJUD4-KxQm8ZdeJw9_m8B64ZJyyTFTTDF_GUQ9TSb-Xf3vPrp4m_YkXRwlUltYDcEww2l0ZlkS8NHnFFZjM0B94ZpLwPAZ4CXWdhehlhZMdt6pFRArfOIdkEnQLSlGSjRSkEFay8dpkyVUsDsHZXau2PgOP-chOPcR2NiBzDpEhnOUAzWKlOnrKDpbAe8hW2_iXvWQdXSZmgzCrHm_bLhInZzu0i6Reer0JjQjAzVHTrCLQZGUQT2Ouou5KxB8GGocUzVUM9E-FzqR-NiJ3IPV1_U_b2crGL24blOytHRdj0T0RDWXE_iZ1cW3YCcJOO7LaUMZRw0lpL7mFay8RwuS6lPnJpdDQnNU5EA\",\"challenge\":\"eyJpZCI6IldBMlpWV0JXZFM0aEp5elBpeS1JM2ciLCJub25jZSI6MTE3LCJoYXNoIjoiMDAyNjE1OWRmNGJkOGY5YmZjM2ZhMTMzMzI1NTIxYjk5OGJiMzUyMTg2MGMzMTE1N2FjMzQ2YmIwYjNmNzIzZCJ9\"}"}},"response":{"raw":"HTTP/3 400 Bad Request\r\nx-powered-by: PHP/8.3.19\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 15\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 04 Mar 2026 16:23:53 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":11,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"825644f747baab2c00e420dbbc39e4b3","sha1":"10588307553e766ab3c7d328d948dc6754893cef","sha256":"7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa","sha512":"bfe6e8df36c78cbfd17ba9270c86860ee9b051b82594fb8f34a0adf6a14e1596d2a9dcdc7eb6857101e1502aff6ff515a36e8ba6c80da327bc11831624a5daea","ssdeep":"","tlshash":"6550003300c0300cc0000000cc00cf00003000003000003300000cc300000030000c00","first_seen":"2023-04-05T23:04:48Z","last_seen":"2026-06-08T17:44:29.959271Z","times_seen":10309,"resource_available":true,"data":null}},"time_used":754,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":754,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-04T16:23:50.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"8ad7-69a4f87d-65c9e8398406a09c;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7193\r\ndate: Wed, 04 Mar 2026 16:23:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":35543,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1317)","md5":"31cca38379ac40a1698e75412a6929bd","sha1":"cf427243308b5742573ad5d6ae61e7bec8593b63","sha256":"05634610a23d2718a80bf5f4057838f4532b51df74a42f0a38427e97a33f2b30","sha512":"0ebb18f3b3f9930bd8f4ce100609be35f0da8fa6302c4c97b6e5f3ccd73792100176e2b3e448fbf4e688e3a269422c616cfd1417ccd414eaaececdba18f930aa","ssdeep":"384:k4so1sFsmzZXLpiKnBmY8d3hT28lrik3bF0:k4h1On9Rmt9c8lFbF0","tlshash":"0cf293a452f4183e70438395db76733f2eaaa1a3960e1104b6bc06b4af85dcadd371dc","first_seen":"2026-03-03T10:32:52.10806Z","last_seen":"2026-03-13T06:09:34.047217Z","times_seen":7,"resource_available":false,"data":null}},"time_used":748,"timings":{"blocked":319,"dns":104,"connect":103,"send":0,"wait":106,"receive":1,"ssl":112},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/chat-support.css","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:50.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /chat-support.css HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"37c4-69a4f87d-f76be7f570c1013f;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2713\r\ndate: Wed, 04 Mar 2026 16:23:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":14276,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"e7b1486c350960d2e159fab373273845","sha1":"602259772e9a91c32b4c914e2f1263678967f03f","sha256":"b911a220da794ecf28d5690d69e2799203f9064b844c6b2bb601858976ac4c0c","sha512":"76e8f194e7007e3e0f8e283e03b19c7735508fde045c72ae8fb6fc3e95a5e0e4c80f3b3d515810c1ce902131313af84bdbfd9209ab245112eb82efedd934b60a","ssdeep":"192:1RjmabwEOS9ei+DVDU6NVFnxiTQ+V10yxxpgTVSpcCpBxTV6g/8v49M9V4A6WwcH:JSrSVzBSo+4v+","tlshash":"a5523278d601506a7a77a7b4afa94605e2a910439b03417f7bec51b90fb23fc8261fdc","first_seen":"2026-02-25T13:18:14.499293Z","last_seen":"2026-06-08T13:20:59.082831Z","times_seen":96,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/css2.css","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:50.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"2c6f-69a4f87d-a6de6a6fb4584ffb;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 624\r\ndate: Wed, 04 Mar 2026 16:23:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2d16eef99ead716acb3eb2f5e917792e","sha1":"1caaecddcfe59dcb512b1c8436f95a964d7ea006","sha256":"4883188fb11e4c3bca4dc1638922b425bb81733b8a0cf1825a18abbac2ebddc3","sha512":"2b03060becfdcef70d6d52a3036f94201fba068dab01a7bf6912d0af9642fd7fe6c14d8661de5ed0967d63dae5134a8ef5c593f216d08020777c361baddbdc5d","ssdeep":"192:9TNSbO34o5DMTOB0O3/v581Tro9O3iS5lWTEv+O3RB5GXTxePO3kU5Hp:NvWsk1i6kbp","tlshash":"39327a91002b6400a7a71cc277ce3f3aaedd6044a049da782ffd0d8a6cdeda953a575d","first_seen":"2025-09-08T14:20:32.7916Z","last_seen":"2026-06-08T13:20:59.085572Z","times_seen":66,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1772641430897","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:50.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1772641430897 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nx-powered-by: PHP/8.3.19\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.19","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":610080,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"ee727e520ce79599729594139295f79b","sha1":"b01d0b1f859654bb3637a16097bddfe949d06aca","sha256":"b0bd6469c9028ca3e5c8cd3af05b168861816cd4a7216c2125c01708697c59c8","sha512":"4b4e4e68cb54f2b4cab1c2a7244857cc6b3195a236dc3f0d9f7a7fbad2b41178e03d153358267821acb504f288c165f1ab006dc187de5e2851a7bd3c5d2e953f","ssdeep":"6144:fh5gDfJjJJhOb1ntpwro5gxPoGeDtGXsdnrZtF6VHp3JTa:nsf9XhOb1tpDWPQdnrr","tlshash":"04d4aac8873a967b44a013a7053792bfbfca0d7da24f8c607ac09cd2da6571e92f455c","first_seen":"2026-03-04T16:24:17.787408Z","last_seen":"2026-03-04T16:24:17.787408Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1092,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"bd94-69a4f87d-77f4323959505562;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T18:39:08.398345Z","times_seen":206336,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":253,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"bd94-69a4f87d-77f4323959505562;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T18:39:08.398345Z","times_seen":206336,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":103,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"bd94-69a4f87d-77f4323959505562;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T18:39:08.398345Z","times_seen":206336,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":335,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/pump-logomark.svg","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"a64-69a4f87d-87f25239261274f8;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1050\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-08T13:20:59.079621Z","times_seen":142,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/styles.css","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:50.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:50 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"c474-69a4f87d-69548752ed8f90fb;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7390\r\ndate: Wed, 04 Mar 2026 16:23:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":50292,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"b43c724e6677a1679df9ef3dad996ce1","sha1":"2f71b79e5a1c3bab710e23175f850665086f936f","sha256":"2fc99c040a6ccae1cf1e40364120eb8d84ee06bb5280eaeaa047b770c43795c5","sha512":"0caae2983614aa6dae10db7326d6281cdd03762fb2c394a73144ae4235a8edd973ece9f5b86e3a27df4df5ed8c7d362441dbae985040fdf145186df849ce4b16","ssdeep":"192:evmd5M1c3vV4oUqt6R9AaqHGIL7POqqXiqJcTNNYUPetnkXhBI5Y8oz1S5fFJtUI:e2tt6ix+oz4MH2WDQgb3Q5GfJh9vxvq","tlshash":"17333158a71561a66633bbb4aff60719f298a0539b02456e7fdc22450ff13bc41a2fcc","first_seen":"2026-02-20T23:54:40.355055Z","last_seen":"2026-06-08T13:20:59.084853Z","times_seen":111,"resource_available":false,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/pump-logomark.svg","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:50.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:50 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"a64-69a4f87d-87f25239261274f8;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1050\r\ndate: Wed, 04 Mar 2026 16:23:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-08T13:20:59.079621Z","times_seen":142,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cashback-pumps.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"cashback-pumps.fun","domain":"cashback-pumps.fun","tld":"fun"},"ip":{"addr":"82.29.199.184","port":443,"asn":0,"as":"","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://cashback-pumps.fun/","date":"2026-03-04T16:23:51.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cashback-pumps.fun","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 01:19:03 GMT","end":"Sun, 31 May 2026 01:19:02 GMT"},"fingerprint":{"sha1":"D7:47:CD:82:C5:67:24:75:33:F5:D8:CB:7A:FC:01:D9:11:FD:15:AC","sha256":"0B:44:65:19:36:FE:94:00:AF:7F:93:C4:5F:B6:68:D8:A3:B9:04:5E:39:BA:4E:69:DF:91:BC:A4:B7:AC:E8:86"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: cashback-pumps.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cashback-pumps.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 11 Mar 2026 16:23:51 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Mon, 02 Mar 2026 02:39:57 GMT\r\netag: \"bd94-69a4f87d-77f4323959505562;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Wed, 04 Mar 2026 16:23:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-08T18:39:08.398345Z","times_seen":206336,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":132,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-04","alert":"Sinkholed","trigger":"cashback-pumps.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}