{"report_id":"2e1acc77-2044-4415-afe1-a5ecb761cd83","version":6,"status":"done","tags":[],"date":"2026-03-18T18:51:09Z","url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"172.67.168.224","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"title":"Pump","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"172.67.168.224","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T18:51:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":7,"urlquery":0,"analyzer":10}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:47Z","timestamp":1773859847,"ip_dst":{"addr":"8.8.4.4","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":46780,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Google DNS over HTTPS Domain (dns .google in TLS SNI)","source":"{\"timestamp\":\"2026-03-18T18:50:47.210490+0000\",\"flow_id\":730608095973691,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":46780,\"dest_ip\":\"8.8.4.4\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047866,\"rev\":4,\"signature\":\"ET INFO Observed Google DNS over HTTPS Domain (dns .google in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"8.8.4.4\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":46780},\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_07\"],\"deployment\":[\"Perimeter\"],\"former_sid\":[\"2851058\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_10_05\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"DoH\"],\"updated_at\":[\"2023_10_05\"]}},\"tls\":{\"sni\":\"dns.google\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":912,\"bytes_toclient\":4648,\"start\":\"2026-03-18T18:50:47.184635+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56472,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.130841+0000\",\"flow_id\":35841301533100,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56472,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56472},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":945,\"bytes_toclient\":1654,\"start\":\"2026-03-18T18:50:51.119212+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56512,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.135702+0000\",\"flow_id\":2143368868778932,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56512,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56512},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":789,\"bytes_toclient\":2594,\"start\":\"2026-03-18T18:50:51.119732+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56518,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.136247+0000\",\"flow_id\":293028238185502,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56518,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56518},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2670,\"start\":\"2026-03-18T18:50:51.119838+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56480,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.140454+0000\",\"flow_id\":1854188720738929,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56480,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56480},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2670,\"start\":\"2026-03-18T18:50:51.119409+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56508,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.141320+0000\",\"flow_id\":889577720763210,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56508,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56508},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":789,\"bytes_toclient\":1654,\"start\":\"2026-03-18T18:50:51.119626+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T18:50:51Z","timestamp":1773859851,"ip_dst":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":56496,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI","source":"{\"timestamp\":\"2026-03-18T18:50:51.144092+0000\",\"flow_id\":1380913389490899,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":56496,\"dest_ip\":\"104.18.50.34\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2062569,\"rev\":1,\"signature\":\"ET INFO Observed Cloudflare R2 Public Bucket (r2 .dev) Domain in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"source\":{\"ip\":\"104.18.50.34\",\"port\":443},\"target\":{\"ip\":\"172.18.0.18\",\"port\":56496},\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2025_05_27\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Major\"],\"updated_at\":[\"2025_05_27\"]}},\"tls\":{\"sni\":\"pub-14c1504681d2427684ac1f489338d075.r2.dev\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":4,\"bytes_toserver\":945,\"bytes_toclient\":2670,\"start\":\"2026-03-18T18:50:51.119507+0000\"}}"}],"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-18","alert":"Hunting_JS_WebAssembly","trigger":"verify-modal-2735.vercel.app/solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-15T22:30:49.343058Z","alert_count":0,"request_count":1,"received_data":201804,"sent_data":450,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-23","domain_rank":0,"first_seen":"2026-02-25T03:05:04.781981Z","last_seen":"2026-03-12T20:07:07.154249Z","alert_count":8,"request_count":8,"received_data":40697176,"sent_data":4080,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-15T22:19:58.945817Z","alert_count":0,"request_count":1,"received_data":18375,"sent_data":486,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-15T22:16:12.279722Z","alert_count":0,"request_count":6,"received_data":296202,"sent_data":3330,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pumpclaimed.fun","ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-03-16","domain_rank":0,"first_seen":"2026-03-18T18:51:12.916899Z","last_seen":"2026-03-18T18:51:12.916899Z","alert_count":6,"request_count":6,"received_data":271813,"sent_data":2834,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Chart.js:4.4.1","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}]},{"fqdn":"pump.fun","ip":{"addr":"104.18.34.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-09-19","domain_rank":17401,"first_seen":"2024-01-16T18:14:36Z","last_seen":"2026-03-13T04:30:07.709653Z","alert_count":0,"request_count":4,"received_data":1072252,"sent_data":2109,"comment":"","tags":null,"fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"verify-modal-2735.vercel.app","ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-03-18T14:13:02.79887Z","last_seen":"2026-03-18T14:13:02.79887Z","alert_count":1,"request_count":8,"received_data":1025032,"sent_data":4382,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-03-15T22:23:30.202114Z","alert_count":0,"request_count":1,"received_data":347180,"sent_data":435,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"dns.google","ip":{"addr":"8.8.4.4","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2018-04-16","domain_rank":158,"first_seen":"2018-10-26T18:11:46Z","last_seen":"2026-03-12T09:01:10.186238Z","alert_count":0,"request_count":1,"received_data":806,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"eval","is_inline":false,"md5":"b8fc96ef06be8b0b51129a95f25915d9","sha1":"3060a76d1ae6d09a064de0acc8d84e96e374ed5b","sha256":"d536ad466e5ba6813d7fd54a855dc1729f3a24a835d07277a6ca0a97eda9edf7","sha512":"e89131b791041e42348ce0ba2bc45ebe771ff0954597e41210bef271de210702e97d9aa171dfec5ed091d470ae51bf7bc3649c1bb511f697b839b6a57e19b151","ssdeep":"768:ZhCpKfjEZxtky8RWytDMc8yN2ea8kqweQAxZ3MCqqkd:Z/jEZxp8jV8yN2eweQAxlRkd","tlshash":"a0234a09bba31335aa63207f1b7fa66c713940075406c954f9ad9350afa0f86163bbfd","size":50084,"data":"","first_seen":"2026-03-18T18:51:17.508393Z","last_seen":"2026-03-18T22:33:00.687005Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"64778b1659bf530fc338f5e667907d0b","sha1":"b78751a593a9cbcf5baec4d74bbbbf79a84c7555","sha256":"2d8a2662fcc4bda035e885aa0f58e5f719ed6b38365d64131952e1ec4800614c","sha512":"a7f43cc784608a6281f93917fb9ca434db358089f3a88f5e547caed22d95692a530c3a193830cacf91d2c64aabeef03c3ccf596d81011713db00e3e7d53b77a7","ssdeep":"","tlshash":"55516355716d28655a2380ff5e3bc3472260a0477c07f5387bac52055f6ab8ca4bb68e","size":3108,"data":"","first_seen":"2026-03-17T00:22:16.466073Z","last_seen":"2026-04-10T14:52:40.827123Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c67e159599f407d72bafd3581f4ad423","sha1":"60af97e15e7ba3fbb51f8d70a6df31788abd68e8","sha256":"ac27457e49a79bca291abe57f91a09978847500cd1557f948f7b66240ce5763e","sha512":"bb1bdc1413e48693854571ec9633734b45a01a867eee9fd8a7515aef0990b1437f5e9605b12d8fea85b5c752db969c9ef67f17b8052117f8e4311a8dc5d609b8","ssdeep":"","tlshash":"2d019caabe3e363150ffb777b0df5b58373500624544ca1536b94ac50ea0f9010328d3","size":706,"data":"","first_seen":"2026-03-17T00:22:16.468287Z","last_seen":"2026-04-10T14:52:40.827625Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cb89ff9844760e26e49f6f1eb42706aa","sha1":"75f99df996edef7da27ab9badf92a586357b75a0","sha256":"702195e638006bbfc571afc7024a9209af33f71dc01db5be2cf278f11ebe6cc2","sha512":"f2f42283c9d4fd665b40aec1f9d47dd2408d284b3adf622f96ecec78365d51d7b21999bff8c003c1a2e265d4447ed9910e9f8ec6bec16a8726228d2d8355f190","ssdeep":"","tlshash":"8b11c0753b2a5534dac5418b317ee7a93d3260717e029144c36cdc299d28e8714efcbe","size":902,"data":"","first_seen":"2026-03-18T18:51:17.510534Z","last_seen":"2026-03-18T18:51:17.510534Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/noir.js","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f0830df30d6345bcee45a2dd56f7722","sha1":"515d1395de6944be0eccd30af23fa5c364b9d5fd","sha256":"83517b854be605e571c3a1860d16be6315f4028b6d2ac95d7ab84a75e4b0a160","sha512":"c96f16de8ed97731d569e1a1ff892f681cced7dc8bff5a9f4e1b91db6f71e36a0d3715146319ea1b61a28c6a767b7b51079c2842e97dfa4a55dc8289264fa119","ssdeep":"1536:cMKGg2gPKeO3v4BEnbkMKslM/omB4jsjw96Zvg3nnaV7fTInzDZuDTemFHkcXGzo:hPgieOfTnoMkzWSVX5kSx","tlshash":"e7633babcf4f2d42cf741b0613ee1ccd062d5b8bb4d244dd9a1ab2ce825a66714c85ed","size":66887,"data":"","first_seen":"2026-03-18T18:51:17.502438Z","last_seen":"2026-03-18T22:33:00.684211Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"73890f11926df7e252153a55d09a0771","sha1":"f158f0f35f6c70af68c82ab3e84fa4b604a1f400","sha256":"fc242921ab8b0652f84f79fc59edd1996e3981be5a55e76d96d58888d1190d99","sha512":"29c62b99866559ee29d4ca9ee560f666daae671a3f443dbf580996a1c28e660be45d431cf054afa706fcb228bfb2a7f55ce51dad1c9cbc1a2009b03e4a755427","ssdeep":"384:ExquLb+7RDKeeA24TvUSt1D3+ogNQxTXf2L/zUZpsJkciaY0JpmLNuLBin4T12WN:EEuGdht1DuoBTXf2tkIY084pzN","tlshash":"bfc2c68fb5d97e24e33e2474183bb0cae2ae7c5a64184514d300e9a4fce375897a6d9c","size":26229,"data":"","first_seen":"2026-03-18T18:51:17.499581Z","last_seen":"2026-03-18T19:14:13.183563Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"10186255d8b0a887c58dd1e1dad590d3","sha1":"5c6592e5dc07ed292b48ecdc19917afd09ee1888","sha256":"9dd42a94084800bc1364eb741398b5ce5c8b1e812836f58e946b79d5a0886e68","sha512":"acace13c08b820b0231441907137040231036570ee785962a61e3caf13e5a45c6d5ca907f2cfac724e61d8f80e7a687c725909cef617f555ee39f6b74e24a714","ssdeep":"12288:F0ruqE5rmLxtefssu4T1u2p/AVHQ3eSjgZa2bsUn441zu3cEjkuz8knS:F0rRtgu4T1u2pIVHE4GUn31zjEjRz8kS","tlshash":"3c255c5273a2b031439729e910772006f37aac983809407cf7ace8ef7f95599967af74","size":1016822,"data":"","first_seen":"2026-03-18T18:51:17.506433Z","last_seen":"2026-03-18T18:51:17.506433Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-18","alert":"Hunting_JS_WebAssembly","trigger":"verify-modal-2735.vercel.app/solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"50cf2ab0db25f5d6df90a1046520e68e","sha1":"49aef4c23c3a950e3797d7563f61ad1da9f72642","sha256":"81ffafe13c37e1b25793b020d446f4d9739b949dadb7f9f79d709a0cad781c2f","sha512":"0900569787c91d66ebc8613e3dced403158c50c34c5b35b1178490a3d0a090920dd64c7a7630d066387763c499d5dfba23ed73cdee99ee41d73bbab75326405b","ssdeep":"6144:RieI/uVly3/7ilUbJDrhm6EbLDIzXuJmKa+/b8AaHmeIhpQqOzzH9jxOJHq7S0HC:kx2ly3/7ilUbJDrhlEbLDIzuJ7a+/b86","tlshash":"fa1406d57302b12682d252d6183e050be2367a582547886cf6b89ddf386d98b71fff38","size":200807,"data":"","first_seen":"2024-11-06T09:11:16.169756Z","last_seen":"2026-06-13T16:39:11.177334Z","times_seen":259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"38d45789c989dbcf23004a055214e891","sha1":"717cd67c7ef3e90dea2609de9a68e0620d07b994","sha256":"2d2ea1f85bcc9959708090f4d14bb225307f75f3b8b2f6e0a39b1fc7ff595850","sha512":"058c5a4802be2a8473d9d5ddd01057114e3e209209243483b422f9fe75b61936e95a3a2c5c49f3e5f080c9d70a99a1bfc228e5f54661d4a1beb713128b6fb153","ssdeep":"","tlshash":"31d023951d75c43176dd02465076d3a4257231607b11d600c6c9cc2f7f32dd344f157c","size":217,"data":"","first_seen":"2026-03-18T18:51:17.511563Z","last_seen":"2026-03-18T18:51:17.511563Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.646Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Inter:wght@300;400;500;600;700;800;900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 18 Mar 2026 18:50:46 GMT\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17689,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"30e76aaeae29f594433bc728a08b4d8f","sha1":"ac1b677b4d702295e7802802376ddd8c84acbc13","sha256":"395e51e3dc84faf99710da8cf316e573703addd6eb598e1b334eff76653e820d","sha512":"93b1661d34210abbdb2c6cca46bb229254b615ba07c05dbcadb65199b9d1e61e18dbb4302236e89188ddc34be20528f503f6140358f82385b1f0e621f93ec4d8","ssdeep":"192:wNA1cO3lnxirNNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGfNx0NO3kV:8KYXuM0p2+g7GQK","tlshash":"b1828892002ba400ab971dc233cf7f3aaece10896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-11T05:09:40.151737Z","last_seen":"2026-06-13T16:41:39.279399Z","times_seen":4297,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":107,"dns":0,"connect":7,"send":0,"wait":21,"receive":0,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/Chart.js/4.4.1/chart.umd.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 60109\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"656e8584-eacd\"\r\nlast-modified: Tue, 05 Dec 2023 02:05:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 390280\r\nexpires: Mon, 08 Mar 2027 18:50:46 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sj7WIUxUzDEA68uKuGxg3aK%2F8DMsjBQi94%2BAeGGI2uXJfKiSN6m7ZWtS%2BaSAn3ZUig784mgDPgL82E%2FTvB%2B6QOt1epu6F6KLQPl3EJdM%2FAoC7Ts%3D\"}]}\r\ncf-ray: 9de66cc9b92835a6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":200807,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"50cf2ab0db25f5d6df90a1046520e68e","sha1":"49aef4c23c3a950e3797d7563f61ad1da9f72642","sha256":"81ffafe13c37e1b25793b020d446f4d9739b949dadb7f9f79d709a0cad781c2f","sha512":"0900569787c91d66ebc8613e3dced403158c50c34c5b35b1178490a3d0a090920dd64c7a7630d066387763c499d5dfba23ed73cdee99ee41d73bbab75326405b","ssdeep":"6144:RieI/uVly3/7ilUbJDrhm6EbLDIzXuJmKa+/b8AaHmeIhpQqOzzH9jxOJHq7S0HC:kx2ly3/7ilUbJDrhlEbLDIzuJ7a+/b86","tlshash":"fa1406d57302b12682d252d6183e050be2367a582547886cf6b89ddf386d98b71fff38","first_seen":"2024-11-06T09:11:16.169756Z","last_seen":"2026-06-13T16:39:11.177334Z","times_seen":259,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":14,"receive":7,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":107,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":126},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/pump-logomark.svg","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.006Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 18:50:47 GMT\r\ncontent-type: image/svg+xml\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KV4gsBCv4kYCAS0yAONiRMDazLNfLNqtprY0j%2FzD44yvxlL518N6reST6PS6QCKUtU5woo85HfkVmsHmku%2F7dglcSgYQRKrQpER75OXKzA%3D%3D\"}]}\r\nlast-modified: Mon, 16 Mar 2026 20:40:55 GMT\r\npriority: u=4,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69b86ad7-a5d\"\r\ncf-ray: 9de66ccbda4f618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2653,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7ac045d44726d3ecd7d70cc10fd98c72","sha1":"d3e2dbb1530f6a00a41c9467e977fb61048ed08d","sha256":"2c72b8e06bbd7be8823c2cce4bbe652ba7a36e35074b8a1b27fd668304816379","sha512":"488d3da62f6ba30a36f8bb106262c3342583a719402680e34ce6d99ba26db1aea5d14496d7427aa39544527a3d5f63a0030d6e32d48e4366e07aacd5db5d12a8","ssdeep":"","tlshash":"395171ff7b5448e5de86c2f8eb2a2adb782a24d97120464193d42f29780176c4d8ac93","first_seen":"2025-11-15T00:25:53.758655Z","last_seen":"2026-06-13T15:05:21.526579Z","times_seen":366,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.099Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /phantom-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:18 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5e9ef0731-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2031700,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"37d621b0888b9c9acaadc1142424a21c","sha1":"cbb67a69d5c908ed0643897721984ff71bf7a0d8","sha256":"b69becaf20ae2c964f0068c915b5d036da7dc363b1ea662f069f53f647706314","sha512":"474aad76d233471363cdabd9efc14cc91b32e291fc0e70d5bac4f9e5e20c36399f05f2f099795fa60cc9a7147632933594604474935b1e73923115ea8eaf7391","ssdeep":"24576:/2TAaRkFipRWRSlpAzUWOsWWvbLqhDVtxB6Ewq4zG:ZhZv4JsZDL8Da1a","tlshash":"e925333bc65d46417aa900115b2162708d3368ac58ffe63383edde72d78ba3c7d643a9","first_seen":"2026-03-08T18:49:18.127937Z","last_seen":"2026-06-01T09:54:50.06681Z","times_seen":62,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":83,"dns":21,"connect":1,"send":0,"wait":142,"receive":185,"ssl":59},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /phantom-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 2031700\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"a22dc9face81ff1665651f1052a0a99f\"\r\nLast-Modified: Fri, 23 Jan 2026 22:55:26 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5dd62120a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2031700,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"37d621b0888b9c9acaadc1142424a21c","sha1":"cbb67a69d5c908ed0643897721984ff71bf7a0d8","sha256":"b69becaf20ae2c964f0068c915b5d036da7dc363b1ea662f069f53f647706314","sha512":"474aad76d233471363cdabd9efc14cc91b32e291fc0e70d5bac4f9e5e20c36399f05f2f099795fa60cc9a7147632933594604474935b1e73923115ea8eaf7391","ssdeep":"24576:/2TAaRkFipRWRSlpAzUWOsWWvbLqhDVtxB6Ewq4zG:ZhZv4JsZDL8Da1a","tlshash":"e925333bc65d46417aa900115b2162708d3368ac58ffe63383edde72d78ba3c7d643a9","first_seen":"2026-03-08T18:49:18.127937Z","last_seen":"2026-06-01T09:54:50.06681Z","times_seen":62,"resource_available":false,"data":null}},"time_used":543,"timings":{"blocked":75,"dns":22,"connect":1,"send":0,"wait":164,"receive":223,"ssl":51},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /solflare-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:07:07 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce85ac4120a-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8319275,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"c7f02284ef4c6c534add4f4cf923bd2e","sha1":"a8a1b5efc7188d57767b8c10dd21a5bdaba1aa4d","sha256":"ec27d89fbe8d16080062e2d897533f7eb588857b3955dfd53a7d5d240121bc2a","sha512":"7821407b7deebbbd4ded8b8d19129e39ca67ca223f89605a6491de9e2b3344d9b3598bf0561f71ee60690509852fe5534812d49fd9e4caa5953bc2035f08b73b","ssdeep":"24576:bDYQNB1s7x5nT9wysI0jlfn8CUBJRzdUkkIrCfh2SA8RMT0Y:bDYCBsTqTjl0TBLWLZ2SA840Y","tlshash":"0925336db03d9653ebaf30223e5a13c0aedb901c8dbd3e213384ad21875b5ed1d6865d","first_seen":"2026-03-07T00:53:06.700379Z","last_seen":"2026-06-01T09:54:50.069305Z","times_seen":64,"resource_available":false,"data":null}},"time_used":1552,"timings":{"blocked":458,"dns":0,"connect":0,"send":0,"wait":264,"receive":830,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pump.fun/logo.png","fqdn":"pump.fun","domain":"pump.fun","tld":"fun"},"ip":{"addr":"104.18.34.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Mar 2026 18:24:50 GMT","end":"Sat, 13 Jun 2026 19:24:48 GMT"},"fingerprint":{"sha1":"9C:68:9D:50:54:A7:B9:54:07:33:EE:49:F6:EE:2B:4C:20:0A:DA:2A","sha256":"F1:28:49:57:1F:64:AD:53:FF:86:81:FE:D5:EA:A0:3C:2E:8F:F6:72:5E:0C:F7:CD:F9:98:33:B8:E0:DD:BE:28"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 15689\r\ncf-ray: 9de66cca0cd8120a-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-disposition: inline; filename=\"logo.png\"\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://*.appsflyer.com https://*.awswaf.com https://*.fullstory.com https://vercel.live https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://www.google.com/recaptcha/ https://challenges.cloudflare.com https://unpkg.com https://*.cloudflareinsights.com https://www.tiktok.com https://lf16-tiktok-web.tiktokcdn-us.com https://*.facebook.net https://*.intercom.io https://*.intercomcdn.com https://www.youtube.com https://www.instagram.com https://auth.privy.io https://cdn.jsdelivr.net https://*.onelink.me https://*.lantern-echo.com https://*.vercel-scripts.com https://src.litix.io 'unsafe-inline' blob:; style-src 'self' https://vercel.live https://lf16-tiktok-web.tiktokcdn-us.com 'unsafe-inline'; img-src 'self' https://imagedelivery.net https://pbs.twimg.com https://downloads.intercomcdn.com https://gifs.intercomcdn.com https://static.intercomassets.com https://js.intercomcdn.com https://vercel.live https://pump.mypinata.cloud https://*.pump.fun https://prod-livestream-thumbnails-841162682567.s3.us-east-1.amazonaws.com https://ipfs.io https://*.appsflyer.com https://*.onelink.me https://vercel.com https://image.mux.com https://*.litix.io https://*.padre.gg https://axiomtrading.sfo3.cdn.digitaloceanspaces.com https://raw.githubusercontent.com blob: data:; media-src 'self' https://*.pump.fun https://video.twimg.com https://js.intercomcdn.com https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://*.mux.com blob:; child-src 'self' https://auth.privy.io https://privy.devnet.pump.fun https://privy.pump.fun https://verify.walletconnect.com https://verify.walletconnect.org https://www.google.com https://meet.google.com https://www.youtube.com https://www.instagram.com https://www.facebook.com https://www.tiktok.com https://assets.pinterest.com https://vercel.live https://www.geckoterminal.com https://challenges.cloudflare.com https://app.bubblemaps.io https://app.insightx.network https://intercom-sheets.com https://connect.solflare.com https://widget.solflare.com data: blob:; connect-src 'self' blob: https://pump.fun wss://*.pump.fun https://*.pump.fun https://uploads.intercomcdn.com wss://bundles.jito.wtf https://api-js.mixpanel.com https://inviting-charity-4d7317bea8.strapiapp.com https://react-tweet.vercel.app https://browser-intake-datadoghq.com https://www.tiktok.com https://vercel.live https://*.intercom.io wss://*.intercom.io wss://*.intercom-messenger.com wss://ws-us3.pusher.com wss://10.0.140.169:9222/ https://*.awswaf.com https://ipfs.io https://bam.eu01.nr-data.net https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://mainnet.block-engine.jito.wtf https://*.mainnet.block-engine.jito.wtf https://*.secure.nozomi.temporal.xyz https://*.helius-rpc.com wss://*.helius-rpc.com https://pump.mypinata.cloud https://gateway.pinata.cloud https://uploads.pinata.cloud https://*.livekit.cloud wss://*.livekit.cloud https://auth.privy.io wss://relay.walletconnect.com wss://relay.walletconnect.org wss://www.walletlink.org https://*.rpc.privy.systems https://api.relay.link https://analytics.google.com https://google-analytics.com https://www.google-analytics.com https://*.analytics.google.com https://www.google.com/recaptcha/ https://meet.google.com https://*.google.com https://api.testnets.relay.link https://*.quiknode.pro https://pulse.walletconnect.org https://explorer-api.walletconnect.com https://*.fullstory.com https://pulse.walletconnect.com https://cdn.jsdelivr.net https://*.lantern-echo.com https://*.appsflyer.com https://*.litix.io https://*.mux.com https://*.launchdarkly.com https://*.padre.gg data:; frame-ancestors 'self'; font-src 'self' https://pump.fun https://fonts.intercomcdn.com https://*.appsflyer.com data: https://vercel.live https://assets.vercel.com; worker-src 'self' blob:;\r\netag: \"1f0f65e2788a9785479d354d9d8981f7\"\r\nlast-modified: Wed, 18 Mar 2026 16:48:45 GMT\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-matched-path: /logo.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::44jzm-1773859846764-a3c5fc46f29f\r\nexpires: Wed, 18 Mar 2026 22:50:46 GMT\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=j5DyXGhOo3GQVG0eWIAiVvoPsfJIxHIdp1Y67BkKZ.k-1773859846-1.0.1.1-VunWrLXv0qPEEEaOOSq7ZmiXBt3STVNQ.i4Y05qcRvjhp54VPW7jOgiUXNBbc0VgPkGyFWTgCwtDrS5.8sdHC.xQPgcIPqteX6akHpGB3mo; path=/; expires=Wed, 18-Mar-26 19:20:46 GMT; domain=.pump.fun; HttpOnly; Secure; SameSite=None\n_cfuvid=21ReEI5pV_qow2ZH5RnCSmeVdMC66rJA52sdgzHEy3Q-1773859846793-0.0.1.1-604800000; path=/; domain=.pump.fun; HttpOnly; Secure; SameSite=None\r\nvary: Accept-Encoding\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15689,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 475 x 475, 8-bit/color RGBA, non-interlaced","md5":"1f0f65e2788a9785479d354d9d8981f7","sha1":"413af43076e6b305fd4becc1a406fcf033945d55","sha256":"760c155758f9ed317e91affdaec817a47e3567a0852ab0bb1db27ff65825a00b","sha512":"1763b66a2017105d870910ae282b0d9e2e4b0fa2ae2b9e18806009fb2691e461224ace9ff168eef25671e76eb0d2ba778c0ad7cba169c4e16c91d1ef58f2f134","ssdeep":"384:95sBkBfKq706HvMmI962xZaS1iGoup1X54I/dde00fyrtbesxI:8BqfK16HpW6gr03uzB/pwyrVesxI","tlshash":"2662d1acf98e2440ea6854781058c9a25e930ee02d15cf3b793c3c758ac6f8b1e837e4","first_seen":"2025-03-05T20:42:39.911763Z","last_seen":"2026-06-09T12:48:41.396235Z","times_seen":242,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":65,"dns":17,"connect":4,"send":0,"wait":79,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":48,"dns":1,"connect":7,"send":0,"wait":9,"receive":15,"ssl":97},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":100,"timings":{"blocked":24,"dns":1,"connect":9,"send":0,"wait":22,"receive":2,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.105Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /phantom-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:05:42 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5d9c80731-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3967947,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"d93576ba91ca34c6a838ecb0a2007171","sha1":"c4e5bde21d173bd4fcd9129fbdbde6222c276da2","sha256":"bd3b1e09eca059acc8e0bbb505184eb2e25f7d41b27842fc776734881d4742df","sha512":"1757d06e3d6fcf45d5a48f8f6339866791fe4add35e57b447144d7b3bc7c7b25a851adda4b4abfdadc8dc7134f21016a79f7405bb79e50115dce6a8c93a59ef6","ssdeep":"24576:avufiMHLszpYKMLHl4XSjC3h+NeQo3QSlw:oFMHLsMl/CzsAw","tlshash":"db2523ae806d4dc1229501a12516783c14a5a07e8df2bc3db5a8df8dc29ff7b9ce90f5","first_seen":"2026-03-07T01:35:12.450999Z","last_seen":"2026-06-01T09:54:50.000032Z","times_seen":63,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":72,"dns":20,"connect":7,"send":0,"wait":197,"receive":445,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/binary","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:50.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 3a1367c63a21916bbdf1675eb56bf9b2\r\nX-Config-Id: 69a44c0328d9f4cf47ed21c5\r\nContent-Length: 111\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 18 Mar 2026 18:50:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jyvPUrKMzwtL8nzNxHUJwPSN2Ir%2BSqklCqpm64BKSzAHaf8u97d8vzpziUleDNBaxNebZIn4wilJNvY1QnqeeedUgUmfHu%2Bbwf9nRGBVtFufgcdUc20bak8%2BaoIToAh8LZP7vpzE\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::cbjqb-1773859850960-237dfa000a62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":1135,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"294d0b5052f46f4769143f3138bbba13","sha1":"97b23b6b37be686e8cf431c94c3ecd2e07dbff67","sha256":"a84ee903c3629ad17ab9c30120b6bb8d48708862d277e471ae613d93d2f51a8c","sha512":"dcd8c695016fde7146a63518d142c3a23fbd6117c521ebd51f6d65d07bf5b30a95e6865554b5a995342b1fb83c7df017317fa6205c740d1ad742e13713ebb714","ssdeep":"","tlshash":"47219671a3659646f82c00380b6ad5238563e9c8dcce2809f118776b5115745f22e5b6","first_seen":"2026-03-18T18:51:17.496056Z","last_seen":"2026-03-18T18:51:17.496056Z","times_seen":1,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /solflare-bypass2-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 8319275\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"ffdbd9550fb16af66a8cf7717da03833\"\r\nLast-Modified: Fri, 23 Jan 2026 22:06:40 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce7fc410731-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8319275,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"c7f02284ef4c6c534add4f4cf923bd2e","sha1":"a8a1b5efc7188d57767b8c10dd21a5bdaba1aa4d","sha256":"ec27d89fbe8d16080062e2d897533f7eb588857b3955dfd53a7d5d240121bc2a","sha512":"7821407b7deebbbd4ded8b8d19129e39ca67ca223f89605a6491de9e2b3344d9b3598bf0561f71ee60690509852fe5534812d49fd9e4caa5953bc2035f08b73b","ssdeep":"24576:bDYQNB1s7x5nT9wysI0jlfn8CUBJRzdUkkIrCfh2SA8RMT0Y:bDYCBsTqTjl0TBLWLZ2SA840Y","tlshash":"0925336db03d9653ebaf30223e5a13c0aedb901c8dbd3e213384ad21875b5ed1d6865d","first_seen":"2026-03-07T00:53:06.700379Z","last_seen":"2026-06-01T09:54:50.069305Z","times_seen":64,"resource_available":false,"data":null}},"time_used":1355,"timings":{"blocked":398,"dns":0,"connect":0,"send":0,"wait":190,"receive":767,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass2-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T18:50:46.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 16 Mar 2026 20:40:54 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F5iFsrrek3h10zOnjALfgO%2BS%2B6sqAzVFKJso97DgiUmytenfsxrFJOFOJSbVY26W0L0DIR6gp2slEDDbUWCnC63xbo1UB%2BnuIphQax3aeQ%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9de66cc7eb1b0d2b-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Chart.js:4.4.1","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":146223,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15960)","md5":"2967a4ef2eda1d49276db6122ff8a4d6","sha1":"174f51a0f18d3ffe4ba03fa9259db268dfb80abe","sha256":"6876dcdeb2dca16e559218b8f097a6f98ee0aba5060275550da3096d93eb02d6","sha512":"cfbdca29d7a035d311efb94a2fe565e647f0a7346ebbe9abf9a26f7cc759eb731a97cdf23fa419be5c09be13f6a9f97c0d80217c301881ea5228714b4b1b1bbe","ssdeep":"1536:Uebx/c64Jysq7vQBz3+Mfs7uinc4NI0xEgTk6dEmlVQZdDPzLFdKVxCWyx/W:UeGz3rfi6HFQVwWsW","tlshash":"c5e3fa46f254112c30274394a5a6737c7a2db093d706c9ba7adc2378cfc67f66972ac8","first_seen":"2026-03-18T18:51:17.497162Z","last_seen":"2026-03-18T18:51:17.497162Z","times_seen":1,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":95,"dns":67,"connect":8,"send":0,"wait":63,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":163,"timings":{"blocked":64,"dns":1,"connect":7,"send":0,"wait":8,"receive":2,"ssl":78},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/handshake","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:50.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"POST /api/v2/handshake HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nContent-Type: application/octet-stream\r\nContent-Length: 71\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 18 Mar 2026 18:50:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a89hzFtLjm%2FE5pK9vNhI3ZGXRQpzuFTvLYDn1R0GBjjHyEL8%2BYP5uhhzng4dYvnuuRRuHbf1oGaY319rAotmjk9p3iTMB3Q6YR1NjUleEoMA8ENEekzJM8ixHH6cnnR9f6Y8Y245\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-session-id: 3a1367c63a21916bbdf1675eb56bf9b2\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::bxfps-1773859850726-2b6906182b7b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":80,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"1989904494ba0cdb69439ff24f45aa1f","sha1":"570adf64abccc5f6a30731ee78139f7115a6471f","sha256":"e61e4074b0f0d3ee95722ca2564d8e98de0ef6d95b7d32dacc27b9b36b45527a","sha512":"d3821d58b42a9b6adcf7f8eed45e220e82b5c5576775f70d3f7e32e460d37b0a7abc880346c9eebe0312125ee2489f00f335de8f4b3fd1772961918764b9f7d3","ssdeep":"","tlshash":"e2a0125580584025845181324003c4052415ebc2f0f9c42190c0304c80c14c476053ac","first_seen":"2026-03-18T18:51:17.498099Z","last_seen":"2026-03-18T18:51:17.498099Z","times_seen":1,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /solflare-bypass1-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:15 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5ed2e4e4c-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6028322,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"702758821d82f5549c2922f81710886f","sha1":"f318b7afd08f139ed22ac505130fc66efcc40962","sha256":"8b093466588a613d01fdfa9d301866c5a064d3f7e8b8d0105c6b3df4972c15bb","sha512":"27b892bfafa582e0d5b19eb7d7c7e714c468c58aecb3bc69f81b37b273f9222cb302f34045e4bfb3d436e6be55a3fa54b223cd6f801045bed2a8ba6dc3c41c90","ssdeep":"24576:WKS1/OBbi61/Vvx5qYONFC9VGM60S15tk+ebyMyRfMdlE:38h+tvxpOXC9VBTOFR0dS","tlshash":"412533b9b82a3481eb0179507d6f2522a9f7746f487b7f734354fa2363eae85d2c1018","first_seen":"2026-03-08T18:49:18.14445Z","last_seen":"2026-06-01T09:54:50.017658Z","times_seen":62,"resource_available":false,"data":null}},"time_used":945,"timings":{"blocked":69,"dns":14,"connect":7,"send":0,"wait":189,"receive":614,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/833f25fde7cb/main.js?","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/833f25fde7cb/main.js? HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public\r\nx-content-type-options: nosniff\r\ncontent-encoding: br\r\ndate: Wed, 18 Mar 2026 18:50:47 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9de66ccfeb16618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26229,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (26229), with no line terminators","md5":"73890f11926df7e252153a55d09a0771","sha1":"f158f0f35f6c70af68c82ab3e84fa4b604a1f400","sha256":"fc242921ab8b0652f84f79fc59edd1996e3981be5a55e76d96d58888d1190d99","sha512":"29c62b99866559ee29d4ca9ee560f666daae671a3f443dbf580996a1c28e660be45d431cf054afa706fcb228bfb2a7f55ce51dad1c9cbc1a2009b03e4a755427","ssdeep":"384:ExquLb+7RDKeeA24TvUSt1D3+ogNQxTXf2L/zUZpsJkciaY0JpmLNuLBin4T12WN:EEuGdht1DuoBTXf2tkIY084pzN","tlshash":"bfc2c68fb5d97e24e33e2474183bb0cae2ae7c5a64184514d300e9a4fce375897a6d9c","first_seen":"2026-03-18T18:51:17.499581Z","last_seen":"2026-03-18T19:14:13.183563Z","times_seen":2,"resource_available":true,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":13,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v1/config/mode?id=69a44c0328d9f4cf47ed21c5","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:48.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /api/v1/config/mode?id=69a44c0328d9f4cf47ed21c5 HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/json\r\ndate: Wed, 18 Mar 2026 18:50:49 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zr7RgBgVO8HvzbT3OjQ4RcMfHgg%2BSL2S1od6tRKaqEMOrBJS4tl594WMZX0581Kr7X2VdAIR6fkIjXsAiaR5ZFJAOGgzV%2FhGXkrwXSn2noUBtSS9zpLNhcr%2BUpUVSqyrIHCG02Qn\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 59\r\nx-ratelimit-reset: 60\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::cbjqb-1773859848096-feb983104154\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":37,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"6c8933ec6f2be0acd8db0fa1e80cd843","sha1":"4cc03cca7268d0f15e6f55b4e32b9960503ab006","sha256":"fd290ac098e76d9c60331d6fef354045796061cff05f3ac267ca4dc1db06cacf","sha512":"eb275b329c6df26de422358d034f2b1b69f5c0210497b0be1b0be7c91a9be5be20b24b7dac7583a22125d3b49d42571bfca013ade0ed6dc28265ca4d7e3d3610","ssdeep":"","tlshash":"f58004c435c51445040141c54414404455100031500cd01c44557d0050555505014c5f","first_seen":"2026-03-14T12:30:42.283723Z","last_seen":"2026-04-29T15:31:57.767322Z","times_seen":34,"resource_available":false,"data":null}},"time_used":1888,"timings":{"blocked":51,"dns":20,"connect":1,"send":0,"wait":1785,"receive":0,"ssl":26},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pump.fun/_next/static/media/inter-s.p.b9981368.ttf","fqdn":"pump.fun","domain":"pump.fun","tld":"fun"},"ip":{"addr":"104.18.34.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Mar 2026 18:24:50 GMT","end":"Sat, 13 Jun 2026 19:24:48 GMT"},"fingerprint":{"sha1":"9C:68:9D:50:54:A7:B9:54:07:33:EE:49:F6:EE:2B:4C:20:0A:DA:2A","sha256":"F1:28:49:57:1F:64:AD:53:FF:86:81:FE:D5:EA:A0:3C:2E:8F:F6:72:5E:0C:F7:CD:F9:98:33:B8:E0:DD:BE:28"}}},"request":{"raw":"GET /_next/static/media/inter-s.p.b9981368.ttf HTTP/1.1\r\nHost: pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: font/ttf\r\ncontent-length: 415539\r\ncf-ray: 9de66cc9fd9bb1b8-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31536000\r\ncontent-disposition: inline; filename=\"inter-s.p.b9981368.ttf\"\r\ncontent-encoding: br\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://*.appsflyer.com https://*.awswaf.com https://*.fullstory.com https://vercel.live https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://www.google.com/recaptcha/ https://challenges.cloudflare.com https://unpkg.com https://*.cloudflareinsights.com https://www.tiktok.com https://lf16-tiktok-web.tiktokcdn-us.com https://*.facebook.net https://*.intercom.io https://*.intercomcdn.com https://www.youtube.com https://www.instagram.com https://auth.privy.io https://cdn.jsdelivr.net https://*.onelink.me https://*.lantern-echo.com https://*.vercel-scripts.com https://src.litix.io 'unsafe-inline' blob:; style-src 'self' https://vercel.live https://lf16-tiktok-web.tiktokcdn-us.com 'unsafe-inline'; img-src 'self' https://imagedelivery.net https://pbs.twimg.com https://downloads.intercomcdn.com https://gifs.intercomcdn.com https://static.intercomassets.com https://js.intercomcdn.com https://vercel.live https://pump.mypinata.cloud https://*.pump.fun https://prod-livestream-thumbnails-841162682567.s3.us-east-1.amazonaws.com https://ipfs.io https://*.appsflyer.com https://*.onelink.me https://vercel.com https://image.mux.com https://*.litix.io https://*.padre.gg https://axiomtrading.sfo3.cdn.digitaloceanspaces.com https://raw.githubusercontent.com blob: data:; media-src 'self' https://*.pump.fun https://video.twimg.com https://js.intercomcdn.com https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://*.mux.com blob:; child-src 'self' https://auth.privy.io https://privy.devnet.pump.fun https://privy.pump.fun https://verify.walletconnect.com https://verify.walletconnect.org https://www.google.com https://meet.google.com https://www.youtube.com https://www.instagram.com https://www.facebook.com https://www.tiktok.com https://assets.pinterest.com https://vercel.live https://www.geckoterminal.com https://challenges.cloudflare.com https://app.bubblemaps.io https://app.insightx.network https://intercom-sheets.com https://connect.solflare.com https://widget.solflare.com data: blob:; connect-src 'self' blob: https://pump.fun wss://*.pump.fun https://*.pump.fun https://uploads.intercomcdn.com wss://bundles.jito.wtf https://api-js.mixpanel.com https://inviting-charity-4d7317bea8.strapiapp.com https://react-tweet.vercel.app https://browser-intake-datadoghq.com https://www.tiktok.com https://vercel.live https://*.intercom.io wss://*.intercom.io wss://*.intercom-messenger.com wss://ws-us3.pusher.com wss://10.0.140.169:9222/ https://*.awswaf.com https://ipfs.io https://bam.eu01.nr-data.net https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://mainnet.block-engine.jito.wtf https://*.mainnet.block-engine.jito.wtf https://*.secure.nozomi.temporal.xyz https://*.helius-rpc.com wss://*.helius-rpc.com https://pump.mypinata.cloud https://gateway.pinata.cloud https://uploads.pinata.cloud https://*.livekit.cloud wss://*.livekit.cloud https://auth.privy.io wss://relay.walletconnect.com wss://relay.walletconnect.org wss://www.walletlink.org https://*.rpc.privy.systems https://api.relay.link https://analytics.google.com https://google-analytics.com https://www.google-analytics.com https://*.analytics.google.com https://www.google.com/recaptcha/ https://meet.google.com https://*.google.com https://api.testnets.relay.link https://*.quiknode.pro https://pulse.walletconnect.org https://explorer-api.walletconnect.com https://*.fullstory.com https://pulse.walletconnect.com https://cdn.jsdelivr.net https://*.lantern-echo.com https://*.appsflyer.com https://*.litix.io https://*.mux.com https://*.launchdarkly.com https://*.padre.gg data:; frame-ancestors 'self'; font-src 'self' https://pump.fun https://fonts.intercomcdn.com https://*.appsflyer.com data: https://vercel.live https://assets.vercel.com; worker-src 'self' blob:;\r\netag: \"32204736a4290ec41200abe91e5190d1\"\r\nlast-modified: Wed, 18 Mar 2026 05:06:29 GMT\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-matched-path: /_next/static/media/inter-s.p.b9981368.ttf\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::kn5z9-1773848759175-b61c477f9cd2\r\nvary: accept-encoding\r\nexpires: Thu, 18 Mar 2027 18:50:46 GMT\r\ncf-cache-status: HIT\r\nset-cookie: __cf_bm=5rqGPTzSWJaMp6QaamAdPwArVyV2n1Pt.B2faA1W3_8-1773859846-1.0.1.1-ik7puXrlRiJSDU.z03.6gocnB7SZers0qyCRPL863dtXByxypBrvWEh4xdQPAwxUErEyJzgT92u53EG7yYCPj55DrLRI3dAZwJHVWMQCm3A; path=/; expires=Wed, 18-Mar-26 19:20:46 GMT; domain=.pump.fun; HttpOnly; Secure; SameSite=None\n_cfuvid=HgMDiEZP4.QFQJecdfO_XoC_fVH9eD28huRXWF9eVU4-1773859846855-0.0.1.1-604800000; path=/; domain=.pump.fun; HttpOnly; Secure; SameSite=None\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":804612,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 19 tables, 1st \"GDEF\", 50 names, Microsoft, language 0x409","md5":"32204736a4290ec41200abe91e5190d1","sha1":"26752c31bd3be24b0608ee27ac8c9a9a27245268","sha256":"cf3cb43b0366e2dc6df60e1132b1c9a4c15777f0cd8e5a53e0c15124003e9ed4","sha512":"fc6ee5429ce64f9144f27be67cdd572d8a2f543ab92ee292e757bbce55a35b0058f3006fc680a45ce8cbac8e39748338d9a8562e3a21e8afa2f9b88b87ff228f","ssdeep":"12288:SXpgXHcNAygxZJ6/gVROEODDI9BWDOL5I8F5wrMXjSL2tr23t5HC2yOU8:S5gXcNAygxZJ64V4DDYZWmY5MOU8","tlshash":"5d058d37f796a91dd12e0b74c3f3cf6267357861af27530baa1639639e433e42608285","first_seen":"2023-10-14T00:46:20Z","last_seen":"2026-06-13T19:18:42.252487Z","times_seen":910,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":73,"dns":21,"connect":1,"send":0,"wait":140,"receive":25,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pump.fun/mobile-upsell.svg","fqdn":"pump.fun","domain":"pump.fun","tld":"fun"},"ip":{"addr":"104.18.34.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Mar 2026 18:24:50 GMT","end":"Sat, 13 Jun 2026 19:24:48 GMT"},"fingerprint":{"sha1":"9C:68:9D:50:54:A7:B9:54:07:33:EE:49:F6:EE:2B:4C:20:0A:DA:2A","sha256":"F1:28:49:57:1F:64:AD:53:FF:86:81:FE:D5:EA:A0:3C:2E:8F:F6:72:5E:0C:F7:CD:F9:98:33:B8:E0:DD:BE:28"}}},"request":{"raw":"GET /mobile-upsell.svg HTTP/1.1\r\nHost: pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 22363\r\ncf-ray: 9de66cca0ce1120a-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-disposition: inline; filename=\"mobile-upsell.svg\"\r\ncontent-encoding: br\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://*.appsflyer.com https://*.awswaf.com https://*.fullstory.com https://vercel.live https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://www.google.com/recaptcha/ https://challenges.cloudflare.com https://unpkg.com https://*.cloudflareinsights.com https://www.tiktok.com https://lf16-tiktok-web.tiktokcdn-us.com https://*.facebook.net https://*.intercom.io https://*.intercomcdn.com https://www.youtube.com https://www.instagram.com https://auth.privy.io https://cdn.jsdelivr.net https://*.onelink.me https://*.lantern-echo.com https://*.vercel-scripts.com https://src.litix.io 'unsafe-inline' blob:; style-src 'self' https://vercel.live https://lf16-tiktok-web.tiktokcdn-us.com 'unsafe-inline'; img-src 'self' https://imagedelivery.net https://pbs.twimg.com https://downloads.intercomcdn.com https://gifs.intercomcdn.com https://static.intercomassets.com https://js.intercomcdn.com https://vercel.live https://pump.mypinata.cloud https://*.pump.fun https://prod-livestream-thumbnails-841162682567.s3.us-east-1.amazonaws.com https://ipfs.io https://*.appsflyer.com https://*.onelink.me https://vercel.com https://image.mux.com https://*.litix.io https://*.padre.gg https://axiomtrading.sfo3.cdn.digitaloceanspaces.com https://raw.githubusercontent.com blob: data:; media-src 'self' https://*.pump.fun https://video.twimg.com https://js.intercomcdn.com https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://*.mux.com blob:; child-src 'self' https://auth.privy.io https://privy.devnet.pump.fun https://privy.pump.fun https://verify.walletconnect.com https://verify.walletconnect.org https://www.google.com https://meet.google.com https://www.youtube.com https://www.instagram.com https://www.facebook.com https://www.tiktok.com https://assets.pinterest.com https://vercel.live https://www.geckoterminal.com https://challenges.cloudflare.com https://app.bubblemaps.io https://app.insightx.network https://intercom-sheets.com https://connect.solflare.com https://widget.solflare.com data: blob:; connect-src 'self' blob: https://pump.fun wss://*.pump.fun https://*.pump.fun https://uploads.intercomcdn.com wss://bundles.jito.wtf https://api-js.mixpanel.com https://inviting-charity-4d7317bea8.strapiapp.com https://react-tweet.vercel.app https://browser-intake-datadoghq.com https://www.tiktok.com https://vercel.live https://*.intercom.io wss://*.intercom.io wss://*.intercom-messenger.com wss://ws-us3.pusher.com wss://10.0.140.169:9222/ https://*.awswaf.com https://ipfs.io https://bam.eu01.nr-data.net https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://mainnet.block-engine.jito.wtf https://*.mainnet.block-engine.jito.wtf https://*.secure.nozomi.temporal.xyz https://*.helius-rpc.com wss://*.helius-rpc.com https://pump.mypinata.cloud https://gateway.pinata.cloud https://uploads.pinata.cloud https://*.livekit.cloud wss://*.livekit.cloud https://auth.privy.io wss://relay.walletconnect.com wss://relay.walletconnect.org wss://www.walletlink.org https://*.rpc.privy.systems https://api.relay.link https://analytics.google.com https://google-analytics.com https://www.google-analytics.com https://*.analytics.google.com https://www.google.com/recaptcha/ https://meet.google.com https://*.google.com https://api.testnets.relay.link https://*.quiknode.pro https://pulse.walletconnect.org https://explorer-api.walletconnect.com https://*.fullstory.com https://pulse.walletconnect.com https://cdn.jsdelivr.net https://*.lantern-echo.com https://*.appsflyer.com https://*.litix.io https://*.mux.com https://*.launchdarkly.com https://*.padre.gg data:; frame-ancestors 'self'; font-src 'self' https://pump.fun https://fonts.intercomcdn.com https://*.appsflyer.com data: https://vercel.live https://assets.vercel.com; worker-src 'self' blob:;\r\netag: \"20e346583b6756a13559f1583009b9e2\"\r\nlast-modified: Wed, 18 Mar 2026 16:48:46 GMT\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-matched-path: /mobile-upsell.svg\r\nx-vercel-cache: HIT\r\nx-vercel-id: arn1::srtw8-1773859846789-d8c6056a3494\r\nvary: accept-encoding\r\nexpires: Wed, 18 Mar 2026 22:50:46 GMT\r\ncf-cache-status: MISS\r\nset-cookie: __cf_bm=wnA.bTIuFywN1JtGi3wCDwhe7RQy9JkA6HrzexLHDQk-1773859846-1.0.1.1-DvjF.AQE5xnufBIcpeazKxlB2K.qL0MWMaamwhKhGHBwpps.lGfwwrNTJm72sa.I8IWaB4zoox6g0xKz0uzw_w91svOwlEnUaCnuJp.pXvo; path=/; expires=Wed, 18-Mar-26 19:20:46 GMT; domain=.pump.fun; HttpOnly; Secure; SameSite=None\n_cfuvid=RS.RmKY7.pwWQGk_V78gifnuOizVBm8MLm_H6UxrJ0M-1773859846836-0.0.1.1-604800000; path=/; domain=.pump.fun; HttpOnly; Secure; SameSite=None\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":60488,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"20e346583b6756a13559f1583009b9e2","sha1":"9b7703a462a9c20fb947cc1fd724a75d61ba3238","sha256":"d2161f883307c949aa8149a3de14fe1571e050c577c8af6b38a4a3b56c3cba83","sha512":"ede21f2d59a546e212d8dedd1afdde210ddcbb5706a55325bbb4ca132f96b848fefedaa394b97e4b8843792cc031fc53614e501378a620f4acea8146bab9ca3c","ssdeep":"768:hFj6oZjZWzlcH6iVbSCqjew8xrGfKsqaI4:1ZjZS2RMSRxriH","tlshash":"7c43ab30778c1509d270abdd831ca496e833a0839a1b0594cb433dea5f6a795fd7b1ee","first_seen":"2025-08-29T22:10:37.955387Z","last_seen":"2026-06-07T04:18:21.534364Z","times_seen":197,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/noir.js","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"GET /noir.js HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\ncontent-type: application/javascript\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cXf%2B%2FcOvPzFZ3JvnDhSXe97HlEPDXTde6r0tldfJQ%2BsGh8tTdjcmLOSXERAFCNnAoLJL5kzTZyuDYqct9pswL%2B8zRvjAVfvQU6v7Hyur%2Bg%3D%3D\"}]}\r\nlast-modified: Mon, 16 Mar 2026 20:40:56 GMT\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\netag: W/\"69b86ad8-10547\"\r\ncf-ray: 9de66cc98a05618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":66887,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4f0830df30d6345bcee45a2dd56f7722","sha1":"515d1395de6944be0eccd30af23fa5c364b9d5fd","sha256":"83517b854be605e571c3a1860d16be6315f4028b6d2ac95d7ab84a75e4b0a160","sha512":"c96f16de8ed97731d569e1a1ff892f681cced7dc8bff5a9f4e1b91db6f71e36a0d3715146319ea1b61a28c6a767b7b51079c2842e97dfa4a55dc8289264fa119","ssdeep":"1536:cMKGg2gPKeO3v4BEnbkMKslM/omB4jsjw96Zvg3nnaV7fTInzDZuDTemFHkcXGzo:hPgieOfTnoMkzWSVX5kSx","tlshash":"e7633babcf4f2d42cf741b0613ee1ccd062d5b8bb4d244dd9a1ab2ce825a66714c85ed","first_seen":"2026-03-18T18:51:17.502438Z","last_seen":"2026-03-18T22:33:00.684211Z","times_seen":2,"resource_available":true,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":23,"dns":1,"connect":9,"send":0,"wait":20,"receive":3,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pump.fun/icon2.png?icon2.c689dd9a.png","fqdn":"pump.fun","domain":"pump.fun","tld":"fun"},"ip":{"addr":"104.18.34.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.533Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump.fun","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 15 Mar 2026 18:24:50 GMT","end":"Sat, 13 Jun 2026 19:24:48 GMT"},"fingerprint":{"sha1":"9C:68:9D:50:54:A7:B9:54:07:33:EE:49:F6:EE:2B:4C:20:0A:DA:2A","sha256":"F1:28:49:57:1F:64:AD:53:FF:86:81:FE:D5:EA:A0:3C:2E:8F:F6:72:5E:0C:F7:CD:F9:98:33:B8:E0:DD:BE:28"}}},"request":{"raw":"GET /icon2.png?icon2.c689dd9a.png HTTP/1.1\r\nHost: pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nCookie: __cf_bm=wnA.bTIuFywN1JtGi3wCDwhe7RQy9JkA6HrzexLHDQk-1773859846-1.0.1.1-DvjF.AQE5xnufBIcpeazKxlB2K.qL0MWMaamwhKhGHBwpps.lGfwwrNTJm72sa.I8IWaB4zoox6g0xKz0uzw_w91svOwlEnUaCnuJp.pXvo; _cfuvid=RS.RmKY7.pwWQGk_V78gifnuOizVBm8MLm_H6UxrJ0M-1773859846836-0.0.1.1-604800000\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 18:50:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 171040\r\ncf-ray: 9de66ccf185e120a-OSL\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=14400\r\ncontent-disposition: inline; filename=\"icon2.png\"\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'wasm-unsafe-eval' https://*.appsflyer.com https://*.awswaf.com https://*.fullstory.com https://vercel.live https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com https://www.google.com/recaptcha/ https://challenges.cloudflare.com https://unpkg.com https://*.cloudflareinsights.com https://www.tiktok.com https://lf16-tiktok-web.tiktokcdn-us.com https://*.facebook.net https://*.intercom.io https://*.intercomcdn.com https://www.youtube.com https://www.instagram.com https://auth.privy.io https://cdn.jsdelivr.net https://*.onelink.me https://*.lantern-echo.com https://*.vercel-scripts.com https://src.litix.io 'unsafe-inline' blob:; style-src 'self' https://vercel.live https://lf16-tiktok-web.tiktokcdn-us.com 'unsafe-inline'; img-src 'self' https://imagedelivery.net https://pbs.twimg.com https://downloads.intercomcdn.com https://gifs.intercomcdn.com https://static.intercomassets.com https://js.intercomcdn.com https://vercel.live https://pump.mypinata.cloud https://*.pump.fun https://prod-livestream-thumbnails-841162682567.s3.us-east-1.amazonaws.com https://ipfs.io https://*.appsflyer.com https://*.onelink.me https://vercel.com https://image.mux.com https://*.litix.io https://*.padre.gg https://axiomtrading.sfo3.cdn.digitaloceanspaces.com https://raw.githubusercontent.com blob: data:; media-src 'self' https://*.pump.fun https://video.twimg.com https://js.intercomcdn.com https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://*.mux.com blob:; child-src 'self' https://auth.privy.io https://privy.devnet.pump.fun https://privy.pump.fun https://verify.walletconnect.com https://verify.walletconnect.org https://www.google.com https://meet.google.com https://www.youtube.com https://www.instagram.com https://www.facebook.com https://www.tiktok.com https://assets.pinterest.com https://vercel.live https://www.geckoterminal.com https://challenges.cloudflare.com https://app.bubblemaps.io https://app.insightx.network https://intercom-sheets.com https://connect.solflare.com https://widget.solflare.com data: blob:; connect-src 'self' blob: https://pump.fun wss://*.pump.fun https://*.pump.fun https://uploads.intercomcdn.com wss://bundles.jito.wtf https://api-js.mixpanel.com https://inviting-charity-4d7317bea8.strapiapp.com https://react-tweet.vercel.app https://browser-intake-datadoghq.com https://www.tiktok.com https://vercel.live https://*.intercom.io wss://*.intercom.io wss://*.intercom-messenger.com wss://ws-us3.pusher.com wss://10.0.140.169:9222/ https://*.awswaf.com https://ipfs.io https://bam.eu01.nr-data.net https://s3.amazonaws.com/media.pump.fun/ https://s3.us-east-1.amazonaws.com/media.pump.fun https://mainnet.block-engine.jito.wtf https://*.mainnet.block-engine.jito.wtf https://*.secure.nozomi.temporal.xyz https://*.helius-rpc.com wss://*.helius-rpc.com https://pump.mypinata.cloud https://gateway.pinata.cloud https://uploads.pinata.cloud https://*.livekit.cloud wss://*.livekit.cloud https://auth.privy.io wss://relay.walletconnect.com wss://relay.walletconnect.org wss://www.walletlink.org https://*.rpc.privy.systems https://api.relay.link https://analytics.google.com https://google-analytics.com https://www.google-analytics.com https://*.analytics.google.com https://www.google.com/recaptcha/ https://meet.google.com https://*.google.com https://api.testnets.relay.link https://*.quiknode.pro https://pulse.walletconnect.org https://explorer-api.walletconnect.com https://*.fullstory.com https://pulse.walletconnect.com https://cdn.jsdelivr.net https://*.lantern-echo.com https://*.appsflyer.com https://*.litix.io https://*.mux.com https://*.launchdarkly.com https://*.padre.gg data:; frame-ancestors 'self'; font-src 'self' https://pump.fun https://fonts.intercomcdn.com https://*.appsflyer.com data: https://vercel.live https://assets.vercel.com; worker-src 'self' blob:;\r\netag: \"f1bd488f76adea521d1cfd37122ca30e\"\r\nlast-modified: Wed, 18 Mar 2026 16:49:03 GMT\r\nstrict-transport-security: max-age=15552000; includeSubDomains\r\nx-matched-path: /icon2.png\r\nx-vercel-cache: HIT\r\nx-vercel-id: fra1::5w2tx-1773859847585-b3fbf21de220\r\nexpires: Wed, 18 Mar 2026 22:50:47 GMT\r\ncf-cache-status: MISS\r\nvary: Accept-Encoding\r\nexpect-ct: max-age=86400, enforce\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":171040,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"f1bd488f76adea521d1cfd37122ca30e","sha1":"1bbb7d1e1f5307bc38c179d1da114edebf2cc75e","sha256":"7dc9c4c4c538d66db7cb3a92f6481c57cb1d435742ec651e6db3d3953431707d","sha512":"c03166a137e07787b923e1683e7b02199be51f7e41d9497c6f33bc9ab0ccc4111895692be41c36f9c1810d76e1c761d3397e35fa72e4267c73d4aaaad48c66cb","ssdeep":"3072:Cd5h51rQK4TzyXx20z6RqAicPFqIcM5gRy1xNfXE0wBBLhO0y+0pVxX1Hilw:C/1EtyX40z6Y4PAVSCsxNfXElBJ/y+iL","tlshash":"d3f323da1e689adceb1302917db05ded37a670e45ba1b640fcc80d14b5d3379a891bf0","first_seen":"2025-02-16T19:20:16.384713Z","last_seen":"2026-06-08T13:06:30.141201Z","times_seen":176,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/cdn-cgi/challenge-platform/h/b/jsd/oneshot/833f25fde7cb/0.17275346515886933:1773857678:PR3A-of3ftDMUyxnyHG-xIAjqXu3S6bZkF_MucN420c/9de66cc7eb1b0d2b","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/oneshot/833f25fde7cb/0.17275346515886933:1773857678:PR3A-of3ftDMUyxnyHG-xIAjqXu3S6bZkF_MucN420c/9de66cc7eb1b0d2b HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 12146\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":12146,"data":"EhB$31me2wPCCRHUemYUnb$3UE$PV$mCU3UM5yUbwU9UvxjesBI2DUSUKsXxAUem3DUPwDmUwhmqlURwyB1lyhzUn$iAzUMNjUURDURu2hu$Xwxi31P-7YhL$Xz8-CsKCF+U2pjZ9i2kNj+MPVbmUUKjAfRhIbUcAD2bnh$UzbyUMAijjjJeVn1++n1i$U5hABj$zYCU2AWkmKjioX8NzHO8U2FEUmvUM3Y7$PDfKQEBjuZU5qPMjp75HXmmU25jUUvH5N3IFtQfUmWXvou6jMbUUAW0d21BU2-8EP-BTf1URgczo3nlRt1mUUN2y$k$W2QIlOnk$b6VUzVBh$-i9UURj-DxLyPHe0He7HVUgKAUlpswVUBfPxlC5qbzVm0kRbAnnRDPpf0pAsljbCdZVHAfnhFbA-IxCn4lUUMdvbBU$70I$Pv$UyTd1LnL5nh2bW8dwhLC7Lefnw$X2CYZlbUeVNBUVwtFA72sEMjE7dU6D3Mc7NiwRxoE4E6YJvuEJPBMm7OSwg4BUH9j1CzHnO3qKX1UzUSB85WL+QpXHYrc+9HiI4inCEn2rn5g+wSUXveUrqHHwF6K1OrmAI-+3H4przykqjNtfmZIx4fBcQAhR1V32r3oSKWUSYPip7zNPssjq6iRdeXr6m6MUPPfx8kIdNQdp9snAbZQ-RP8ThxPO0rsxaX7Dps2J30kDU-a1UWm0$mz-XNRiAPAoxRYdDi3DyLRHBk8jSVvTyAs1Ktq3TeT3-1mMIPXvDDZXRtVAo-xht$eiUz2V-$UTSwvBKDCjB6UL3w4jD2vF1+y-3SWRU71vEht$nJD+mn$HhdFUhq9dmd83kjBI$+UWHmumH$$WPs7QhwxtbYXzi$Y2B7yMjBE2CBBlULmWbimmWkmMPxMPpmbE21RU5Q1DBAyOXoW1cRUtX132rQB1OB2QU1jU+3jczYjbH2Pkchy+22PLOlLKBvVxh9IBwHUITjhQUdeVpIXxjUYjWeYuwuEmseI$nh3wAycEWhy7quxpZvBpzEBCBVqKLmmPVCw49l$d0LdzjmWUVIBW20bnNO023qzCppjjHxzX+bppnRj20ZVE7ieiMRBYXVkPIw2njrzefPIUNqNlv26UvVW8VU1E4qzk7xWUBgWwjH2ZTA2BA1BmmzmVz1emj4XakP1kB-9-wY3wWTxSDfmcbe8YCXRMUzb1jy+RxpxbDqgkUI20wW4qxWcPVMm$32lRcsH0m-zu4m-0VVE$Ezgk1TMZkM+Vw7Bt3a9gkWbLLRcB$D8BQbKSHFCbmHswxcCnsmRUDzH5UNitrWisiwIlm$beZq8RUM2njjCQI21I$FUO8inEO-yxnjR3XVji1FBq1B6qjb6$jXPFsZIl21BAHmnRN94hwIEPmXffUYR+rWYk1UEzRnBU0qgM$Y2Ps1xdCSC$U3ViLk$mCLDxB$6W3825CHs1QwHrWPu4S6Rgk96CjbCah2P$1FbHp53Sp+$HoCRarfoRZWLIR85ns59DnVcVusf+UnQq4z$X+ux4-lZcKsm7aDmH9cHoa3cYmfRbkS4FadUVmlZcmsNzw2wm6c32V3zRUrUdU$jl5ltSYdoguUAkQ7hPY+PCb$R6CHbm8PxRbExpnbUgx$yfXtnHkYSm0y7F5LLwo0CUmIlms2CVCBwMVXiKPR4xkV1$SUYbYRA07PTuzhsYmbkuEdPLdhOWZnVyy5cp21XsmVP+8Uw-53MyMqBMUMPxTmwH1VRC3PmVOfoM-E$U1cRIIcv5fsP-ZRC6sqehy4X$N57hZsszvHFbAYtUM+A$LTYimH6xuiN9jXeDSU$cMbqikx3b8MOBzhJDiMV8I9zEhOTDBwiVfUeNJMUbzaMjm5dzwRTxIW$sYBosQ$1pM+V1n0XbRCwUMcZKuD+3LU$MuOiWUK9VBM2MDKg5+DbvM1+xUcmmCqUDw+hnjPMwgpDvL+mDURiHKAEEY21bw1gTov7p3hXT3HPARe8ATV+y0DI$x1mjRq1A7Od+8mtXFvLZOeOvH6j8+UjbSHWiWUsbwkKh$UqfYI7z$UWoBMV2z1nDy+9jEJjqV1pqw24r5x0SLN5orHzgnWt$s2AmB3YEe1noPEj15yZ2ImYdDk6rJawLhYmOyq6dw53UANZC1iIHySAzmTNkvJ9qc9U7-R+OzNDUmYF5DIcFInwhJ7$iY9+nI2ZCWDpNtwrCjHMTLanswoJQHjyZEpwqTMKFd2zK+bYH7+$0P5fHHLRkVb$pscqvEhVWnNru6fuFwBRsJnCfPRmqJc9OBIKPEWOzLD0BwcfUo0928vJWyg9Emk-uhbrBLyTNLeLg7$hxVf5n5gE4Dx2vxLvD9b55HKfkxjKYdhyjPIXktY$I8m0zW51mR5husH4dAFlLe0Hy$pw7OrDK7e081RYgpdd$6yvrC2dVY-IvIUzHLoNw1+S2i277yiPbUUMIyv9URBVgrmw-csqVWF6h$YpjXHrOrJV2NprB90KTY+M0XUIt+1Kg7$oBFRflFFo6UiKBuFOgwb05-$0VnN5$6VK5Hz4bwCR$WQK4hP4VgwUeHZH84b2v$$O-hzYPCmVTD35nbLm4VD91Hm3yZzJyRtyU9$9Ut4Ki7RuzJ06M-OsNFSEA4UoIVUiiyfCc6BmObB9h6XBjRM6naJJ$uObx3y1tkzX2IvASBzLXgOyIWyH+nhvT9hldyXs$ZjUZNbDSw0AJPhMg6dmQfKPRcX4Bi7eRdj121VDBTS$zKfMbOURj+TuBdSOs-IUX$yRzzKx2q4Xc2BoiYyIDA$db0xHZhHb$cVp7LoNbeZu04UIEgtlOHefv1pPgnR-dnKYji6szVbRAyuAJJR3xnOHz3w$R6rz6$MVkLgrDAurutbtyWrlK5c8NZMzETI2z7$8neIci6LA+hx5JmDbhebP3HF1n-Kx-QXKme1gCj3ITj7CwBFfjbTxlq0CVi+2m2HYf-QkUKRLhgLJiVQycBsDctII3udatqHgo05Az+c0b3QmxO$Iwx5vcCEEHUVHKm1DxU$ZZfLoqovQl36mXLyr0Vj8XPnzNuBKp9nXcdEPaxioBjKRyydmWChY+MpXw0w-+jisxm4coSIH$wU$Mqynu7CDsA9XWDN+C3wImbpuOYTsbg79Nx3in9kOqWWoYZKKljbbb4IKTYwm7QvwyuN5IRLCmHQeVFzK0D4M7R1iSNJb$F06mCJRXDnfD-igj$bNftldHNEcQ9dINRPAD8ZZHdDwYj+-AmdNwC7cCjNkKJU59v$$YS-cV5oV2gKzRJ1+XVjulm2yB-9s$fUbTIYd4dfsQwjSRQoJqDdkeAff4HX507dP1bX8eFdbr$WSpteeCNUaAV1r$SeQNjqaOv6AwsqV8mn0uF9zJCnO34vpYowfp48mWa4ti19cV+dLKCRuIBbRpW7zdmEFU+zhAMWsRcxcd12bEC9gttfjoWntPB1tfpA1w7o8tMfHklMWoPP29VDsPX933v13oWyHDsR8ox2SPK$DoFP0LJ$tNsn5IXNzJoPMnEyVb9BAjVE2MMCjwoCyy0AwP0IpTcMc3ytyJVizLuf5Mm1UVgREnuIEM+7+njEwDEmpEhfWMfR0NkDmfWjcba$uDZbHyU7UekA1ThRxjQyRono5y13DtDdx7Vm1yBIS1gTSIC2VPrPbUbE2jXfQMpnIL1LABBMQwjjxiTtMty7$HBr3MUv4nVV$HJ1AdENknAiWMCfwXNUu$H0ZmvNnoNJqR1j4nByM3PtbLjjrPXAYMY7sjKPXt2ww9xDNBg9l9qXl79yTfFnJRzA9tDJ81HoQ21P3$tDX7z7kCSNhO6oX1$e2JHvV+t2VBAH1bJLzAdEbHnoXnzOZ$CiKCsjLPqPxbVDw0CLL0JLioFjhqhOFth+UTx$IwA9mNDn+EzK39HqgMoMckinj3x9-NcR7ywla3fCSDS3xRa747RNa$ey517DhN2fwPkJOnkd032DxXj9qENdXtbCIU5feiTAwDABQ9$qN$xmNJ41sDoASdCiWb0J26y1RJpUBfHBa7JBnRf1jf2USDEAgICRHkbC2C$ik7NwXo5lcNx92juAgnTCzMDXciaCHB2rE$umVjhzj2jDEIXnkoQTe2xbAk9MZIXnINsUuMq2epILc$12ezzdpotBD+7CzNtPBRUqsmUr3XQ70bDKD+VjVmlmcV3f22z0B3Dw2Jxtu1BMx7x9QRuJDHuUziAw2R3wjNOdDmnPx2xjcTWLxC2AD9oXJwVqFRYJM9mNt9xPt1sRENDN2q5lbfD2bbUV1wXfxfo3NbVMPdH2EDBTxNeb7CRiVkW+p9Vmg12X4MqMpLzJxIcPVkJIcYE2-0+qEJRvwH2ddHIqmtWPxUxkdq6f5dBHDOo9pRiC2Ejb6JcD6I2jXoQ2PBRYUUpTAklTFioAh0wfkd+iMMT+gPXII9xDnI5Awm$$1m7NROCtbEq$a7MjFzdI1H1ezPcXNEjU862$MfAvJ$L6C$u$q74ddi4fiCBIctcREo1yBTFiDzmO$V1DwvUe1muCHj10VC2bVPanR7z2$VxViAmvLqnIUzmp+mxmoDs2WHmza1a9i6jXWOSmeJYvP9Y0tXYqPAo0KDqwHmvNDC6PHwsjKPJNxdHqz6rk6PETo0mpp9mrCpCJJtlw-IQtCHwkMlVkx2HBKvCA5VtDPJEwQT2vBpfDZmkNumMkWKJzCPpmBVEjBHrPpPTe+1U3D3VXQRgeUrIdx2atMePyzfwVxkTO1iz1ldSN9PwJl$4btUg+$lWYd6AL1MnwM1e00AEmd6wNVvCAdHgIm113OXxbgPn70b9tWDcRCmHEpIgL+o-CaCbPBrFpPJgwOeZw2$NNFyQLtEvduvg9H9gUUlgHeLzki$VkXnUyJH1Bk92KAyHBerhr2MlXNXRJH6LAgngOdnKiRAYR+bbPxbsoAR$idf3RELE6FfDRCmnXynjbwlbCzEVRyKPLo+R$rjbjkw-$S3RK3yNL2Krt$PNY0Po1+VaU2wzPb1NbVjW6ddEfLBWDxMs+N2uH+djDuLL3sv2iW3loI6jvC9MeCHmzzoF+myNO5psrqDyPbw1VgqpDk1SMNVQlbK7UEoQOfUedYd+tW+7wBUE1jv8K662MfDwKTBl1H3P0D9wjgtjpLCufDKjPWizCIRzRICs0UoXmz1qYM+5qgwuzid9DcATdjTPHjkLPgjBUN2ZdF1S1VDlN9Eg0Sd70beS0hrdVrOVL2Twt4oTzD06qpjDf1JfTs+i0DJjOCOr9XL6LAwH2o0qewikLUqMtVmBPwbCTZezjij7qZ0KDOC8NKm+6pjkbKimHgCzmLHsrzY9TxPwvC1vpCAgywDmom1V2BiYltoRvwrHjweSC-14jcEErxLs3SmvH7OO1-n1C5pVlWYE$w94BjnLezMd1m7vJH+9r3990Dp1VyqNCu9b3jVxRsdeXfNRq3XyKKv8JBIkm2+SYS0cDNvR74kDtaLHkDLSiWd0eswqwbOV172IOp7pytb3Jd+X$NpzwZMfLOjEtSzLj-P-j5V1v2y1U$pVERnpRZwHkl3bvJAk1LzHY-zUrQ2rrcbzv-0Y11+izDiuL1w-v7nRAaqr9MCu$4A+n7vRe2npv9DCX4UPK6rVZswIBnYiqXN2vAEVCjPgrDMnECL2kNB4Ev$2BC7NTaNkRe6v$Wv434fWq1OqmSqBiHP1NBWrXVwA+ueunTVx3PHDd0wD9fR1qNU9Amvn92K20k3W3WU22JJfMpA4VqP$7PmABbWftrLmr2M+p2BgnIJZzAj2dZTW1eKmd+XbnRjAcl+UDXzsE4nBuBmnTQU2nHzLTeXmC6Nhzh-cm12D9r+26hNkTFvczwwTvUS9OfOVLz$prqYRlqzqzQ+Q+CdpKz2HRHbJJO6QoRKBaU9Vi0YE6ZIaNFL8JnJF7Ftd0YiPCM6PynMkREL9191Ho0nICPz81eVYqvY0Tw-HTHBOlI6QfN2xk2Hszzn+U6Hmi0DtPVM6jwmh0kY9MfMHpUA2JHlnpBWYezBMArdoJFqLvQMpJ46vdAOsBHHhTp2FVx6Vwx+2PdAVIAM3bkbj0NUjIhgR0-ep6OfoPs2c4Ofh2PAmzBO5TlHj3xwHH3H214lbtafi+iHNpH09bj2NEjRA5DbCYMKjfQMCYN$VZBZe8A3egw8T09KBMXrHkglmOQzq+3Y7m7kmig6v74r4OqD1FEnWH+Asz9nRb2xuyHU$uV2tznwKlKYKesq005apqmf5hse-NVFrVjYo1nPX2WFoJBA4nu2HREC-Ippidk7IsefIF3+idJ0pHP$g6KfWREyI$CLCoBDw5NesMNDonYlzQnfQXuIKNUVKKQHpnV+7mcjcRxKBZz3sw-0f1KYnlbdzsW2j0rogp4ORYzepqBspYQYKpviWRid0RIqs18IW+w-F1d7CWM0PtYp+BfLeCFORqMeUxqlYQxH4neKaip10okMqTaeK96TBDHSHjSz$vqvBjbEfAgCIpVD4tgvff2mF7qnuRxMffsPVusRcjuryC2Dr6t+1mA4ducEcoXl+Kpl+5fizFxRh3FrYhc1wPbPgw1RPVTAbwfvRh+oh6bcgVaLHXeZ$S$gSk$alDMy59uLdq39H2C3HUPOpoxh+tnzx4ocK$w-JNQzds7T3lm8p0pRTeS0D13KBbd6qnJb2CdCA$jXCvE$kH3rgVxDcdYcArDBf$j31+K$c7lzIaeWmYYKBlgvlCFtdWoWJyFNHMpo11VMBd4wCwHxBz5dKH-V2+iy5IBgCtJgXX8zdvFXy7WPj7Ke12ee5aH-xAvQvQyZt20iz7wZcYSPr6hcWuNHOYDyDoL8AhCoVrmFHgOLnpKq3r97CLJnQVdca0iiZ7VI2RkLAXt6WWLw57-o9kLEvr6d0UOeJd2Sw-E0-jLSzPHDuS+OVnIeZbvKaCyvEITk-amzq1qdDStesFyVIqvp597rwtwtYnd-w4+3RYAXtdO8j+NPX7wc2$D8+9j3JpRIqRe3Qj2uiinlcwLCpHX+DJjrJLJHmHjeJW24ZCT$T$zF$V2BpbLU2CORMqBsMivoFiHUBQr29$jj7TK-bqok0lDoVz2hs0r0bbBFj3hFOyBwXfvFdaLlLXvalV11SXIt-cECcIyizSHp6ZAycTvxqxWIR0AqzCpigNBPV89qDN+S1RsSsZ4RqsOgqav-2s1PKuc2xnpiARM+1wgjJj3up7nOEWLUZiAUH6gJ-KmqHatITDpe7cqdvHj11NbhY9AV1bJLp7sBy97MDcDj7wbC1BkVnysvFMD2gZ0l1860LREtFp3wIeARIvQ$ftlwIbbmAUQUjXt+s5YuJQZ9J5jE0zAAOcefodSQVjh+TfuUAWA4N2A-2wvWN0cXuCTOvcBJoNv+FYFYo1-gpoFVOd0X2o0mWZbQoJb-R8wdWukbw1wdo7y+PZ03V0DlW+qO444xS5UT9+wDIZggafgQWyiiTfj8HeIjh0ksRt-v$+CezXW$3W5Wt0Q+qYdHMLfQ2tEZznOsCsAbWYBK0lbLfOg3VpD0bDnacbYLIDw6Xw6aHqTBLwJMErU2P6R2e022PmE-iXbDT01oDRMB22ziUORFwPZmNT4CUnohxiBvLb+PTKsbrUC2j7xC4pHijHRoAcMBKWq23njy-rfBRmMjROM$soU70FYMD0F9pFn-yhP$XxD$k2YI$XmjzPRRJX4UnsneP$dzU47ZUCUXU1H+SON7x5rQhUP$bxUPRURoDFmIL2$aHmB289KWWHwRiVqOuy17zh1I$yDPBk529BZBCOOVEoiTQ-2shD1YxMB9W9FV2UJP2YoAkFmYsf$wMjUd6xy2OVmLA$3IjiYwmVWIVhVgEMbDzPi2AK8BVHXb3j-1gby-2bD3bwnPsPiepzvRj+P79igXwbBbApou+XjPx+bLj$Hi+XVL05yEVxKm5LfsEP5wSWPABWwyPE2wmWKrUOSjxbxHBVgwBcdWkFUKU-$HUeHiz3RQ724Aya+emzM4iqjh+gYvHrv0dP1mgICZzwmzEVrUiWR9jPHvBjWgiJn+FykHeW3Tb8V3yjvEBpLB5X7MbyoVWwMOXcfN2K+0B01RkdeqSUly3ClhmckFmwiiUwkKnj+R-+gi1AnWzBlCRM1SBHiyyHB0BDJUB1YoXWVxAuiJhoVWi2dPb0WwwM+hci1mMb0ZbRUQenWOzbLH1wsjlVCelxJDXfULPe0O$0B2H2xdogNPBV1CHAOjPUJMxbAbBMLi1ydi29Z$4+jFMYy2UHuFikVMabQRNj5hyCLh+zis1omdHzvLB5VVMsOgtBxitweUpCkHsghXBuw3K3RWnPA9CAgOXOP+MfQhPvHMOB3Rbk5UF13T0BzbHquTj+UBF0BMVrPRZXYPBi5KeWiWb7Ry$eAQxCwiRE6RZM7oP56BeviAmfmFec$JHVgmLM$UWsHHdHOdECyhgesWqeAld3g1NW1s+a2bU+N4maiMxtURCp2Ed2TPu2iUKbTAXh902Ty8DR4weM-b6Pzy6lU$20W9jYEwYAHqDMP4xQ9PVipiECqonjjYmIzsgXYd53fbcURsChdbk-DSisNTBfHfeOTjdU7VZsrHILmoPC3PBmAsV$Tmpd3XSUwhfgMbTwkFryw2UvH95msPIbXJaBWPHA+i1rq190UEU6$wZPLOTVUFbBB2+mMhmVWcIpxpsMTUQy26JynKT2pcBWPBE$Fr$reevMdiH+KhbBmIXNYQyrbozRHwb28ULUbmmUj$0Cv9szSRigTbV1xEn$55AxJho+TPwsU12FUWe$Y61Y6mi1oJ6BdgzVUMkxm-i$$hLLUbe05fRBDLCLSpn42ggdZrHx5ObRxpDKwzTzRfeNfDBzPCZ4ej$Ph3-VBPXc95ZwVt$WmpKuLZd2z01p3yR5$Z3US8khTAXNqWx3K83UBBOdwsUx4wPLrWr$YAjAjxVmj+yDsBiBT2wAy3bVEzPALYUUUzAw2g2ePnUWtYZwKLb2F1-Wz1mFnUzzH+UmbI4V5tqUvijxjm8VisXHncRSy5eUzhgkAEoiB$Wm8$Fwo8WpjE+-2F3M$$f1hVFPP$mSi7t1xT20U-dBBTVkADW9rhuU8Mlxz1jn-Y7qm8xrkTxURnWqfKLh+DrFERXMAcTAHK-Jj48S6PKUJgqWVg+J2CxA$hAsbEpXqRyyFJXSV20HPYNz$5zhAQQMgXjRtmiKRWHaN+bOybmvHhA8C0w$8LRJYv32P-qOzOr62VV+Bb-nYwpqKcBVUzkz003vLLOsizBRbmFwnmTVqb5Xqep2MHUmVmLswhAlokzPQ14JQLjkNqDJ2LQzVPw9wXRbW$WLQo1xbDEyFcmYmv$KTDkE+kcjhbIUSHoPNkUy22muAH$jzKRUdmD1O$0VqWHhPIKF$-UQx6hmz$yVa+qAd$Pwwuqb$u1KhPL0hwED-UBLqOcppdBJY85w03OxW-FryWJ9zUmOJz25MB3YrhUXBOLDvUgbw9Ri4OKWEHEEE2H$mtODhfxDxP1fo5RHzeNz9X3H2T2NUO$BBT8uwhTVQ$FKRTe6y7$O5typCfsM2y-+e+Hg6Vv8mnMy1OQaCwe18$pkzPwUVgoef-bTn6n71xA7HCTe4krncW-gV-ODwc0SNOUbhtCfoeHXWgmNTgSHa+XpEh$OHIgQLIMmgPsOneALS8jvHgbmqcZ4O0$KTVpDCmRsXUSCIrbAmAX8zXBsc$NRAwSnXQnASCaYnlETgNV7gmeaYd02UsyLfHPc9VTkD+UTVo$kgz8vSkaL+mLVsCu$wUJ5$wOIAlc4pCvDUY-Z0Hne1mekk$zaNrgmeu1Dy+2xTijUWe6FHAma3h3hgmeJT0lLSnvibWEo6FeBknnV3YUJlp8lV7myWD7$zWUoKxIuQfQ5v8F+IPQRTsDUk$gF2Fln4bmBE4OB2$$dNzSNz+aWS29bfVtb0Ys$2p27l2SXbpzhRsSC8RvBRvyKb-jBXK9b1UzzH3szageil$Mand3riSwHsO43W$9x3WT29zOfj9NwscjQ1FxBUJBzvDtHreMs6emoVMs4jU+uTHxJg$yDzj41LMKUJXnyDQwaeoy+nzYV83rbRvj8lgR+zy3zNAfUoiw2NL51i$71dm6WX5z557yr$qoBXBqXei4eF2toEzIwPf5FU7FDqbAYbpE3N5s5DFmkMqHkJARf1$UVpMASXMAR9+fie0pOyvxQgddkJOqbCzH3c2XEmJi4Be$1522nIjJVgbmRtwHwI5sOiCC-pQ3TgK5NFwwAADfQug7$+JVpBAPNmrU4Lp5UpTf1nBoWZeiyecf0VVJSgmeWbzV2Dpbgghu9DBkc75AKW-jADCDjetDxTVKUcViRO4Be9xIejHz0CztFipp+$O7UcypzXW-p2XBCxBkMqmNsehojqLoyi2dMzByFsh$VNprEy3bgqoSCcvBN1qhTVAwTWMN+aQP$OsSBUxkDb3BTNRivjlxajVgYXstirjbBeT+cC8L+Va$kb+h0DfSy4DqbmXq5j2B00a2vBlbObjaWsUq2Fjrxs5E3BsI+fZ$lCLu+w2yz+QQ0zensK73Ep83hN1PKu0+bQbNEvJmFwuzQwvKRA4iNUWwbbXxQUAIsk1NX1RtF2NDwKbK8Y63w0NRUBuPLK$MSDEz8540Rc$TOT2q0Wm$gTeZEic7dUSQKgiIFTznkqYNI0+De8$PhX3p6bi04bkE0dArp8i-utDo0KSRqQNI5ggK5opYJSp-IqOPes7zKfrLlWiuV-wOzF7Xzs3WuA-yMrTIX+i3suYVBgzIInN7xuuCc5dB-JCm35obeB1gVDI00LJngiIA7VTfM9kggbm-9$w11c0RI3g02J7qlB4YFftNiIu8YX2RhlfXg-$68KvI0p-u0u7I1mlvI0zVDOuqK1mlTI$FxD$NCRncA$tUWB3ys5R7mK87Y0H3Wuo2s0rKAB0dA90OKJ7KVIL0DIDjAcXyLFJA0ZIIEc92ZruPLMEITj-K9yOTIEpe3dol2neABt43PPr0b1AZlsID2+Dsu+Idir7+H45DKESRJi0+JHFID3uaYMiy4D0pK36jHhJ0VHf1xSfFBLdz9zM77XUK9Tu19T6M7zFMJMDZKoM+h7IpHKljHRtPqhtVYbKlje2h9qhIVFTKBNIRfQYOL$WoKVNwRAuzLoCFFmCNIhnZVjj2F8J8ibYgP+zC7pND6uv+s30zj60EITNecFQiNoYz4fw7NwrOl7D0pgrFHiddO+wo4pOK90O5WO+J77zurDHz5ZEVu7D46D3uM5$giN9HuDIT7MYfOYW7SjSDIU-5tf0WoH97rZN3Y1gvdt+ut2FD7$3clICzPciJy6hgrpJdgbbJmjuTlQwxPBzV$rUk+prpQNb4SUExfxmL0+XrYdbBURHKAwcjDpsfaDPhtr3wRxAXUpA$$Hanvsub2fiJyeU$t6s2X-2XBoSE-KNAqYaKhiCKLBbZJij5rbMarkNi5AQ28mjLA$+UUUXJw6cgP5jJXjV3qBubDOhErBaKFyKB3hjmTJmWqkm7bRLPwwo1CUXOn$9TxsBMUQU5zeuUUU9YmBmCUiBMmwcUTP8VJUcgYWRjueMEVRBbxZeY1jv2sPuB0zFsXoRN4u1j68UjUkCRWme-UUjDb2lUUmDBpq3JhP7jFIRHmxDxUx9RSXmHUwNT3J-2+Sw6doSpqfC7WWPiUpTxLjQ7kmK-UU4jQC7uBBUZKxHk0QIu$xUbUdU3pVrIgWUOWHEUqXODRW2n$zZDvfnrBNd2RVu$dT-UjXIu4R-l5MUHvEb$QPsSFUjb$xmZI2mRO6IRHBxUUjA-VKV-p+xmwmUIZxZvu$b4CR2hUfBfvxj06j7PMIRUqUEtOx2$ybjMxyWs$6AD02FyWz6834oH1$9FVks$zUEmdP0ms$RZZb32Mn3IDKx9igVIvALboNi5j5p1mIU4UQP7fw6t$PAwrjpF8ewVLmYW39JhPhSOHLChn0mRoJXUfU7AYhwaoUNeMrVF$mU3nIVmMSyBFUX4z$b$UAm7ULUqUBF2$yw5cwPzM5E+BQUVAd6bW5c6+D$9$Nq5sBc1lbU62tU8As$0$M$eS4hUqMlU2lU-bHTvfDAOmaUU-bdXIf6A-w9$idUUPbw8nUNmXTFnC-HIT$Sy9osWl-tZyTIYKxbsWTyzHb$psXeUU28-yAUU"}},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/plain; charset=UTF-8\r\ncf-chl-out-s: UNFv09ofxTWjNgUZrahHfQ==$pcztR6/xqSW/C4HfDTadmw==\r\nset-cookie: cf_clearance=9FsPbkSR0FAgJAPGfQfPrW2DuUGs8IAEYFY.4rdoDVc-1773859848-1.2.1.1-AKHEbzIsCCvxAdxzfuNzRVi6bzEdtiSB.1o7EvHb.cfeIEoGh4MrpbM.8X8UfUtoEE3VDwgMB9Qtd1k.BXaH.ptQfzGFqOxWn2J4ejr7WB9afiW6C4ekcGUnSld0V1cuMJT.7r42fvoVngSaf.FOV78.W_hoHvtsYO7hMQvwHSXYW9KAgYlq35MX.AvVxknZkGQXn.l9RVV7mhDpx9Ln5FxB3627uuRNS7Ei3WFXX3UAuFmySbzZnvCGGTK3eQcUbdSFmiG6eOeYQnQDUE73sbz9uM.wE0HOGY2ITX8jE7adRDLhGVnm5HIrryf1srG6zrluGD2tVklS0W9IT4v6pQ; HttpOnly; SameSite=None; Partitioned; Secure; Path=/; Domain=pumpclaimed.fun; Expires=Thu, 18 Mar 2027 18:50:48 GMT\r\ntiming-allow-origin: https://pumpclaimed.fun\r\ndate: Wed, 18 Mar 2026 18:50:48 GMT\r\ncontent-length: 0\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9de66cd1fb6c618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/binary","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:50.838Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"OPTIONS /api/v2/binary HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-config-id,x-session-id\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ndate: Wed, 18 Mar 2026 18:50:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y3Y9jMdub8aUxKMkvgWzPjSQeRi3oZi3rKBZsnIj7QBBti7Ujbb5YIiWigAxaoUxhwbCWecTYJuxt19JOkMGZUNE%2BpTQ9efVyjNZfDFWfBDVm%2F05lLi0BUsHgj%2FLIxHuSuB5Xjt5\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::cbjqb-1773859850844-deae4dacbef3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /solflare-bypass1-desktop.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 6028322\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"cf5ac8fca45e5d0409fef8923c179975\"\r\nLast-Modified: Fri, 23 Jan 2026 22:54:30 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5ddd132fa-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6028322,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"702758821d82f5549c2922f81710886f","sha1":"f318b7afd08f139ed22ac505130fc66efcc40962","sha256":"8b093466588a613d01fdfa9d301866c5a064d3f7e8b8d0105c6b3df4972c15bb","sha512":"27b892bfafa582e0d5b19eb7d7c7e714c468c58aecb3bc69f81b37b273f9222cb302f34045e4bfb3d436e6be55a3fa54b223cd6f801045bed2a8ba6dc3c41c90","ssdeep":"24576:WKS1/OBbi61/Vvx5qYONFC9VGM60S15tk+ebyMyRfMdlE:38h+tvxpOXC9VBTOFR0dS","tlshash":"412533b9b82a3481eb0179507d6f2522a9f7746f487b7f734354fa2363eae85d2c1018","first_seen":"2026-03-08T18:49:18.14445Z","last_seen":"2026-06-01T09:54:50.017658Z","times_seen":62,"resource_available":false,"data":null}},"time_used":1082,"timings":{"blocked":69,"dns":15,"connect":7,"send":0,"wait":135,"receive":804,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/solflare-bypass1-desktop.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-WPXVCX8X","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtm.js?id=GTM-WPXVCX8X HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Wed, 18 Mar 2026 18:50:46 GMT\r\nexpires: Wed, 18 Mar 2026 18:50:46 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Wed, 18 Mar 2026 18:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 118281\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":346530,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5360)","md5":"78fd03b056c16a0368341755625af148","sha1":"63c45364ed3d66c42a76994a84efe04a8e9db283","sha256":"8b8496a91cb77e41a2d3f3e179c38d807c56efd3bd7ffd5a2235033c0f177610","sha512":"c7682696bfbe582b758b7911946def21781e61902b461e0556662adbb8efc6921d87569814693f8deb28cc10f204b14505e33939f262c20ffb8215b33310e6ee","ssdeep":"6144:h14foB4afx/U1fL9brL38L7rC6nifcZH/xqry:h1xBfx/Ul9b88y","tlshash":"d57407cdb7d670624393a478503f018ba27a7892f84cc899f186d8d43e74a9a4277f7d","first_seen":"2026-03-18T18:51:17.504476Z","last_seen":"2026-03-18T18:51:17.504476Z","times_seen":1,"resource_available":false,"data":null}},"time_used":436,"timings":{"blocked":168,"dns":12,"connect":26,"send":0,"wait":41,"receive":57,"ssl":127},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/handshake","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:50.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"OPTIONS /api/v2/handshake HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ndate: Wed, 18 Mar 2026 18:50:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MUPjUnNB6rsh%2B43H4JfQRe%2BmhH5hgPHRXBr5Demi%2BPgWTUf%2FOxvPL29q643hd8xzAtoF%2FtpksjQhLFUbUCM88KvjmTSWx0WbN7xFfWd7oNIZku3hug4PDEY5jT7a8PZ6yVL28Ssr\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::bxfps-1773859850607-e4907c383afb\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.19.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:46.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 15 Mar 2026 05:29:56 GMT\r\nexpires: Mon, 15 Mar 2027 05:29:56 GMT\r\ncache-control: public, max-age=31536000\r\nage: 307251\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T19:31:26.473349Z","times_seen":209993,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":51,"dns":3,"connect":21,"send":0,"wait":9,"receive":2,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dns.google/resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT","fqdn":"dns.google","domain":"dns.google","tld":"google"},"ip":{"addr":"8.8.4.4","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"dns.google","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:49 GMT","end":"Mon, 27 Apr 2026 08:38:48 GMT"},"fingerprint":{"sha1":"7B:14:9F:95:9B:62:01:0D:83:AE:13:A0:48:E7:3B:56:77:BC:5F:66","sha256":"00:25:2D:7B:8F:77:43:5E:EE:50:B0:FE:0E:63:88:A2:7E:E7:23:1D:05:50:39:E8:87:1C:4C:34:D9:40:FC:F8"}}},"request":{"raw":"GET /resolve?name=_r.chrome-extension-da0e5-bc.com\u0026type=TXT HTTP/1.1\r\nHost: dns.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/dns-json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\ndate: Wed, 18 Mar 2026 18:50:47 GMT\r\nexpires: Wed, 18 Mar 2026 18:50:47 GMT\r\ncache-control: private, max-age=60\r\ncontent-type: application/json; charset=UTF-8\r\ncontent-encoding: gzip\r\nserver: HTTP server (unknown)\r\ncontent-length: 200\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":288,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"d63181bc3279495ad956323f1c5aa417","sha1":"aa57d52da3de8c449b7ca44452d8d07054bf56f6","sha256":"765012ef3cf82d7d0939545d2e01319d55f7661e4c8d77da0ebad051556c3905","sha512":"236941188efffa04b9147938554c58a28b295a3b87829f2d34e576c7650f00921b477c7b1ab045e4475e49912bd401f175f675a2c40658e160e67101bc36da81","ssdeep":"","tlshash":"e1d0c284948884ed771767a0c48b0486df7c22a272dcbe5996841e64eadb345a896227","first_seen":"2026-03-18T18:51:17.505462Z","last_seen":"2026-03-18T18:51:17.505462Z","times_seen":1,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":110,"dns":14,"connect":8,"send":0,"wait":51,"receive":1,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumpclaimed.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"pumpclaimed.fun","domain":"pumpclaimed.fun","tld":"fun"},"ip":{"addr":"104.21.27.38","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:47.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumpclaimed.fun","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Mar 2026 19:52:42 GMT","end":"Sun, 14 Jun 2026 19:52:41 GMT"},"fingerprint":{"sha1":"4C:0A:51:E5:0A:43:93:BC:25:9F:E8:50:A1:B2:B2:22:28:BE:2B:A6","sha256":"8A:9D:E9:B9:DF:21:A8:05:D8:4D:4A:21:D1:F8:56:2F:38:7C:A2:D2:73:9C:F8:E9:F9:28:CF:74:72:70:CC:63"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: pumpclaimed.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/833f25fde7cb/main.js?\r\ncache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public\r\naccess-control-allow-origin: *\r\ncontent-length: 0\r\ndate: Wed, 18 Mar 2026 18:50:47 GMT\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\ncf-ray: 9de66ccf1aea618c-ARN\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26229,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"pumpclaimed.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:49.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"GET /solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1 HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\nage: 0\r\ncache-control: no-cache\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=utf-8\r\ndate: Wed, 18 Mar 2026 18:50:50 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mOap4JFM%2FasWGarn32hmRnIWmWWi5kvNouGQBLx%2FFsIpUsa49l4a0AjvK7JFKhz6zuEunT3hqWnpFUH9jQ%2Bx5M0iPBLOqjZVsjIaFoCk6IZgUqujuTAe%2FNKIXSqS2Tjt%2FUJzUtvl\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin,Accept-Encoding\r\nx-ratelimit-limit: 60\r\nx-ratelimit-remaining: 59\r\nx-ratelimit-reset: 60\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::7zrtx-1773859849926-8476065943e4\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1016822,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65223)","md5":"10186255d8b0a887c58dd1e1dad590d3","sha1":"5c6592e5dc07ed292b48ecdc19917afd09ee1888","sha256":"9dd42a94084800bc1364eb741398b5ce5c8b1e812836f58e946b79d5a0886e68","sha512":"acace13c08b820b0231441907137040231036570ee785962a61e3caf13e5a45c6d5ca907f2cfac724e61d8f80e7a687c725909cef617f555ee39f6b74e24a714","ssdeep":"12288:F0ruqE5rmLxtefssu4T1u2p/AVHQ3eSjgZa2bsUn441zu3cEjkuz8knS:F0rRtgu4T1u2pIVHE4GUn31zjEjRz8kS","tlshash":"3c255c5273a2b031439729e910772006f37aac983809407cf7ace8ef7f95599967af74","first_seen":"2026-03-18T18:51:17.506433Z","last_seen":"2026-03-18T18:51:17.506433Z","times_seen":1,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":31,"dns":2,"connect":1,"send":0,"wait":165,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":[{"sensor_name":"user_akbkyowd9geqr98","sensor_type":"yara","title":"Private YARA rules","description":"Private YARA rules","scan_date":"2026-03-18","alert":"Hunting_JS_WebAssembly","trigger":"verify-modal-2735.vercel.app/solana?id=69a44c0328d9f4cf47ed21c5\u0026bundle=1","verdict":"audit","severity":"audit","comment":"","link":"","meta":{"description":"Looking for manual construction of JS wasmCode used in exploits","rule":"Hunting_JS_WebAssembly"},"detection_meta":{"user_id":"akbkyowd9geqr98","detection_id":"01K9VTTZ58QH7V4PSKSDDP3N4H","visibility":"private"}}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/binary","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"OPTIONS /api/v2/binary HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type,x-config-id,x-session-id\r\nReferer: https://pumpclaimed.fun/\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ndate: Wed, 18 Mar 2026 18:50:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8OMLYzONhriM1fV9EFdznNuPBwRhSkRDctBY%2FaWDqiUd%2Fd25bB3jaZAMpsAhoCIYF7%2BCPVFtkJaoWzJZPBIHLBm4kzJgo%2B47LASPPxTJtQ0rL1R2zXqn9Zi5KXwsTsQyerVNCzHW\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Access-Control-Request-Method, Access-Control-Request-Headers, Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::bxfps-1773859851103-7e6bf3ec241d\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-13T19:33:38.803897Z","times_seen":16394044,"resource_available":true,"data":null}},"time_used":109,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":109,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","fqdn":"pub-14c1504681d2427684ac1f489338d075.r2.dev","domain":"pub-14c1504681d2427684ac1f489338d075.r2.dev","tld":"r2.dev"},"ip":{"addr":"104.18.50.34","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2.dev","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 14 Mar 2026 07:41:58 GMT","end":"Fri, 12 Jun 2026 07:41:57 GMT"},"fingerprint":{"sha1":"C0:16:76:CB:73:59:54:FD:EE:F5:98:D9:1E:84:2C:64:5E:69:4A:C1","sha256":"EB:7F:C6:00:94:82:C3:E3:51:75:19:72:94:30:B8:60:5D:EE:9D:90:4D:0A:8E:6F:2C:9A:F7:84:10:1D:65:C5"}}},"request":{"raw":"GET /phantom-bypass2-mobile.gif HTTP/1.1\r\nHost: pub-14c1504681d2427684ac1f489338d075.r2.dev\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://pumpclaimed.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Wed, 18 Mar 2026 18:50:51 GMT\r\nContent-Type: image/gif\r\nContent-Length: 3967947\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nAccess-Control-Allow-Origin: *\r\nETag: \"5a6a3867cbfe36845cfc495e5ca7f0ea\"\r\nLast-Modified: Fri, 23 Jan 2026 15:28:10 GMT\r\nVary: Origin\r\nServer: cloudflare\r\nCF-RAY: 9de66ce5df051525-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3967947,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 480 x 807","md5":"d93576ba91ca34c6a838ecb0a2007171","sha1":"c4e5bde21d173bd4fcd9129fbdbde6222c276da2","sha256":"bd3b1e09eca059acc8e0bbb505184eb2e25f7d41b27842fc776734881d4742df","sha512":"1757d06e3d6fcf45d5a48f8f6339866791fe4add35e57b447144d7b3bc7c7b25a851adda4b4abfdadc8dc7134f21016a79f7405bb79e50115dce6a8c93a59ef6","ssdeep":"24576:avufiMHLszpYKMLHl4XSjC3h+NeQo3QSlw:oFMHLsMl/CzsAw","tlshash":"db2523ae806d4dc1229501a12516783c14a5a07e8df2bc3db5a8df8dc29ff7b9ce90f5","first_seen":"2026-03-07T01:35:12.450999Z","last_seen":"2026-06-01T09:54:50.000032Z","times_seen":63,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":70,"dns":16,"connect":7,"send":0,"wait":122,"receive":389,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"Nextron YARA rules","description":"Public Nextron YARA rules","scan_date":"2026-03-18","alert":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","trigger":"pub-14c1504681d2427684ac1f489338d075.r2.dev/phantom-bypass2-mobile.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/Neo23x0/signature-base","meta":{"author":"Florian Roth (Nextron Systems)","date":"2020-07-02","description":"Detects files with GIF headers and format anomalies - which means that this image could be an obfuscated file of a different type","reference":"https://en.wikipedia.org/wiki/GIF","rule":"SUSP_GIF_Anomalies","score":"60"}}],"urlquery":null}},{"url":{"schema":"https","addr":"verify-modal-2735.vercel.app/api/v2/binary","fqdn":"verify-modal-2735.vercel.app","domain":"verify-modal-2735.vercel.app","tld":"vercel.app"},"ip":{"addr":"64.29.17.3","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumpclaimed.fun/","date":"2026-03-18T18:50:51.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.vercel.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 26 Feb 2026 06:28:03 GMT","end":"Wed, 27 May 2026 06:28:02 GMT"},"fingerprint":{"sha1":"D6:62:1A:52:B7:FD:F6:BB:FA:AC:01:9E:BB:CD:40:86:5F:04:95:51","sha256":"4B:37:7D:7D:8E:17:70:BB:E1:51:9B:58:96:24:6C:11:6A:B3:AE:A9:68:43:46:58:B3:30:F0:54:F7:EA:43:38"}}},"request":{"raw":"POST /api/v2/binary HTTP/1.1\r\nHost: verify-modal-2735.vercel.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://pumpclaimed.fun/\r\nContent-Type: application/octet-stream\r\nX-Session-Id: 3a1367c63a21916bbdf1675eb56bf9b2\r\nX-Config-Id: 69a44c0328d9f4cf47ed21c5\r\nContent-Length: 111\r\nOrigin: https://pumpclaimed.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=0, must-revalidate\r\ncontent-encoding: br\r\ncontent-type: application/octet-stream\r\ndate: Wed, 18 Mar 2026 18:50:51 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Cd5x%2FqUpxIf%2FLHcFcipbLRKuxgCgMiAcX1kj0stBVObc8dOq80pxZDcJ4W%2F7VeqIgP%2FfUvR1DUVsx4Z4xxq%2F5dPxndAtG5sHR4NVFLHnv8%2BUh4GJpggixXrCwrUnlO56vvDFF9oN\"}]}\r\nserver: Vercel\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nvary: Origin\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::arn1::cbjqb-1773859851215-d7f815f07032\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":111,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"003dd975e4d4fed40a51c2f8dbd97ae8","sha1":"028c925f0996467b4adc8998762c1fa72d873245","sha256":"a28522c837cc3a14914c4f439fabb935104712307354f4a63fc169cc73f84b4d","sha512":"2066d3527a7d82d430a109a07ed094db9713586e45f19ced95c8691e01e0a6d96549b47fea8c7845b733d6cb14b098ac79adc833adb21977cab8eb13b96826ee","ssdeep":"","tlshash":"2eb012182e5bec42c0b02374cb0043000754e0584ca3f24729c14dd250ac11f2018880","first_seen":"2026-03-18T18:51:17.507444Z","last_seen":"2026-03-18T18:51:17.507444Z","times_seen":1,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":255,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}