{"report_id":"3aea1a6d-31b9-4f67-8ee9-142abfdfa451","version":0,"status":"done","tags":[],"date":"2026-07-12T17:01:17Z","url":{"schema":"http","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"https","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"title":"Loadingâ€¦","dom":{"size":463,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2258f024fa1704843aafa2d9acfc90ef","sha1":"d990c530d3b6006218be110316801d492bb6cf26","sha256":"c0be3ec43c9597f65c15e4f5cafdf2ddf3deb68a2340f54dc2c489185cc9b1d0","sha512":"50e8e8bc3117db719f5b23ba4d400802f7d9e5b0f4a8d4f6a7b5ec7d196d077ab68dfbc24133078cd939369ec29c2b158fc01a51035a9126bc219afbcc17e540","ssdeep":"","tlshash":"0df0d4b76921ac4de61082c00dc2774c9733d11e5a86ec80f605901c78e476e9c932cc","dom_hash":"domhash9c074de5cfd76cc56ea13397d34be287","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T17:01:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2018-01-25","domain_rank":0,"first_seen":"2026-07-10T08:51:41.678979Z","last_seen":"2026-07-10T08:51:41.678979Z","alert_count":2,"request_count":2,"received_data":18708,"sent_data":1137,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"gist.githubusercontent.com","ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":207679,"first_seen":"2014-02-19T20:29:28Z","last_seen":"2026-07-10T08:07:55.56684Z","alert_count":0,"request_count":1,"received_data":15718,"sent_data":624,"comment":"","tags":null,"fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"benchonionderive.com","ip":{"addr":"104.21.67.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-24","domain_rank":0,"first_seen":"2026-06-14T23:58:19.64133Z","last_seen":"2026-07-08T12:06:55.616672Z","alert_count":0,"request_count":1,"received_data":876,"sent_data":615,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"solana-rpc.publicnode.com","ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-08-16","domain_rank":7186759,"first_seen":"2024-12-24T12:29:30.153505Z","last_seen":"2026-07-08T12:06:57.048618Z","alert_count":2,"request_count":2,"received_data":1159,"sent_data":1273,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"c9429169bb3912b422a22442305ddb22","sha1":"05ad2ce28b049ae63fe606b6e18e1818f735a52c","sha256":"e1b024a64a09985ebd51ae99119abe6720e8a97ce6a43c9a9cb2595e99d48c08","sha512":"739dfa9916b5a77e295801231883f577700a284e72d5667b32846a89f4bf5cd4e3c0d37a9ec00eeaf48a24e82db45504ebc210023d3310b2cda1447f1b2050aa","ssdeep":"384:DNoWvwHyoVEfSWO64yWmU8x1Vd9CS9WXX0gXYQe2Q+jlrLVe:DReL+SjCRxdZ2Tlle","tlshash":"ab52f96d28f72232466730bd4bdba054b125a0033849de993e5cd3149fd99788af6fbc","size":13601,"data":"","first_seen":"2026-07-10T08:51:43.332285Z","last_seen":"2026-07-12T17:01:18.121718Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"error","text":"[arweave shell error]bundler 404","filename":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","line_number":539,"column_number":17}]},"http":[{"url":{"schema":"https","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/favicon.ico","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","date":"2026-07-12T17:00:50.965Z","timestamp":1783875650965,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 11:43:37 GMT","end":"Mon, 24 Aug 2026 11:43:36 GMT"},"fingerprint":{"sha1":"81:4C:0F:97:80:83:B9:8F:CC:D4:99:28:25:1F:51:87:F4:FA:79:C4","sha256":"BF:8C:52:59:64:87:68:F5:12:83:B1:8C:A4:AB:54:21:4C:DC:21:29:26:F8:9C:90:E4:8A:51:EF:00:4E:1A:32"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ndate: Sun, 12 Jul 2026 17:00:51 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nx-77-nzt: kzsOxguHpytUWp+KygkrS79fCckkTWTv/ZIb8tQVNK6C2+QPqfeGghzLe7+q\r\nx-77-nzt-ray: 2a494a155542d20c67c8536aeb068f39\r\nx-77-cache: MISS\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2035,"size_decoded":2487,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dc7707d2b730ffd749bd0ca6d407e5e6","sha1":"03f2bd287e09a1470ae6304bc608e707c62016e8","sha256":"2fa33a34e1ad20fc69c804532cb26b974805882da0f1c48a45150111a88fe3fa","sha512":"36efc7918ea1c1a35960fcb9cfa33b25ec027e07c35fc11e8e108e44805218d3d46454b99209f014063b7abdd6ac8a29ba4914abecd126ccb7a8467c8d774f37","ssdeep":"","tlshash":"324162d888f710eb1164c1d5aa817f294c82804b97e6c960b26c43629f9aca5acd7cdd","first_seen":"2026-03-22T12:51:43.382504Z","last_seen":"2026-07-12T21:39:47.947912Z","times_seen":114,"resource_available":false,"data":null}},"time_used":230,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gist.githubusercontent.com/mw3ha31q/06d4655ad00be73c01fff6d233316455/raw/polyfill.js","fqdn":"gist.githubusercontent.com","domain":"gist.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","date":"2026-07-12T17:00:51.016Z","timestamp":1783875651016,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 23:26:07 GMT","end":"Wed, 02 Sep 2026 23:26:06 GMT"},"fingerprint":{"sha1":"3F:87:BE:75:1A:02:3B:A4:D2:51:D2:72:92:A0:00:61:D1:D0:D7:12","sha256":"32:49:1B:26:BF:AF:7B:FB:55:60:29:EF:32:29:9A:C4:37:4D:B3:4D:09:EE:CD:4F:FD:01:F2:1B:2C:5A:85:67"}}},"request":{"raw":"GET /mw3ha31q/06d4655ad00be73c01fff6d233316455/raw/polyfill.js HTTP/1.1\r\nHost: gist.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/\r\nOrigin: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"7856228f65a0e33bd315b8a7b36b6f4fea1d22f64b56a6218a145aba0eee662a\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: 1F44:3C4411:403217:818FB5:6A53C7F4\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 17:00:51 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270065-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1783875651.053059,VS0,VE2\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 2cf29ec060ce58276435bc393c49ece2f013bac0\r\nexpires: Sun, 12 Jul 2026 17:05:51 GMT\r\nsource-age: 78\r\ncontent-length: 14826\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14826,"size_decoded":15718,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"06e6a5b0605e52c5c45877fa659a5281","sha1":"587d5534c261e166ca797e895d6bc6b09f072f83","sha256":"ae21c17f62e2dd4ab9ceaae6f52c199952f874ec954133cfd3872e048e086268","sha512":"9f18b3734a07d5b0165d7845c684e9231ff8c74a11150d7491524553b8bfedf3ccca33df1476eb2802a33905386cd74ed521f95c82ef30819db8ced838339ca4","ssdeep":"192:8QHTcGE0C763vU5xS0Jqy1iPErHXYoiOnJnCn/dnhVnU6pNnrySnFvlqc6n93TH0:86QlJqydnCnFn/nVNnRnBon93TsnF","tlshash":"fd62e0396af220657563f1bc8b0f6008b2787427701cd9a0795db6a05fed13846eaff8","first_seen":"2026-07-08T12:06:59.835386Z","last_seen":"2026-07-12T21:39:47.944101Z","times_seen":28,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":0,"dns":2,"connect":9,"send":0,"wait":11,"receive":1,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benchonionderive.com/content?id=-TZt_GGAysISOet5S9oefm4s6CQnMpuiqJZkZ9C6pNc","fqdn":"benchonionderive.com","domain":"benchonionderive.com","tld":"com"},"ip":{"addr":"104.21.67.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","date":"2026-07-12T17:00:51.080Z","timestamp":1783875651080,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benchonionderive.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 13:13:23 GMT","end":"Sat, 22 Aug 2026 13:13:22 GMT"},"fingerprint":{"sha1":"C5:0C:AA:B8:55:96:F7:1E:30:39:3C:ED:85:22:8A:94:32:7C:DF:81","sha256":"4F:50:C0:F7:04:C5:B6:BB:8F:A7:15:C8:A6:84:63:CB:60:BD:D8:A1:65:E7:4B:1A:93:92:82:EF:9D:67:58:EA"}}},"request":{"raw":"GET /content?id=-TZt_GGAysISOet5S9oefm4s6CQnMpuiqJZkZ9C6pNc HTTP/1.1\r\nHost: benchonionderive.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/\r\nOrigin: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 12 Jul 2026 17:00:51 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver-timing: cfExtPri\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\ncache-control: public, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T74UXt89zVyM3Hby%2B80%2FwWAnEaJ8n2KA%2BJr50o2DJg5G8Au%2Frs5S37XMH3woks0ZUvpfpplatWGfcQjM%2BwQW7wIQB1UsuBGIWJtHJvpvYfOvs%2FxzDAOg%2Ff8F4aX%2Fp0EVW9hlhhzFdQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a19b436d445ebd-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 21\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":876,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f2220cea887456b53bf947402f24672e","sha1":"de396fe0bb6f494a10aee026af779fecfc74eaed","sha256":"51d0a9e3bd9ffc25483790aaffe7a3597e642edd040dddb16aafc324e6e922ed","sha512":"eedf2a65c400202674cef29c91816d20be13bac0adca5051a102d2fe72da04f97209d2499c34bd8763629eb17722f54669eefa6fd9fbbf2fcfa01ac2b86e88e5","ssdeep":"","tlshash":"1b70000c0082030e0002e8a0088828b000c80a8008208f200030800800002838c00288","first_seen":"2023-05-06T06:57:39Z","last_seen":"2026-07-12T21:39:47.944973Z","times_seen":444,"resource_available":true,"data":null}},"time_used":129,"timings":{"blocked":0,"dns":8,"connect":18,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","fqdn":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T17:00:47.266Z","timestamp":1783875647266,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 11:43:37 GMT","end":"Mon, 24 Aug 2026 11:43:36 GMT"},"fingerprint":{"sha1":"81:4C:0F:97:80:83:B9:8F:CC:D4:99:28:25:1F:51:87:F4:FA:79:C4","sha256":"BF:8C:52:59:64:87:68:F5:12:83:B1:8C:A4:AB:54:21:4C:DC:21:29:26:F8:9C:90:E4:8A:51:EF:00:4E:1A:32"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 17:00:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nao-body-key: data\r\nao-types: status=\"integer\"\r\ncontent-digest: sha-256=:+kHOqq9eVbHeK3AlhxJQSowE9G8Q6uqhUOEEbL9ait8=:\r\nsignature: comm--tzt_ggaysisoet5s9oefm4s6cqnmpuiqjzkz9c6pnc=:az42oWkBBPujp28kikAMMcPp1V2bE/d5QPKnFhMz0kIjbJlQSimzsTGosB7rwNKZUWWXnDl2QyNx/kgKYlxQJw1nAPkNQfX1TVMeO8JmXgER/aJH6+tFDq5Dj6pgUyCMefwKUk7bzjWJbWV8rCUF0i6YI/dQTZUpHB20Oldcv3pquLVxVWIIBOXjQSwoAZmjzH1+9BzkomzyzXnBicE6va9tFUTf7WWmif8aXVvosyGdqTePtb64Eb3hftagiMrOp3V+9uD6YGlJoapRk688lCqP35wzkv+XfkEhOQ2MybjxEXkDsuljqbAD1lyb4c+oOH1uNT0ScNHEPoQzhBL7kYOh743SEy2+dTlWGcQL63L4abz98Rei5YtPbOxHqAZV6/mcETUkpE1sDsRVp7LAdUf1mtHJjwOWX4jOrO99sVUNfAi/kPteuRguHVktUm+QFg1aQAeGefLkTjRIURuqKdBn4R0h12ddok+JQG/0yzWnj0Zt+XuBPkLLVXwar7v1BXQrZMnhgw4ds6I92OIh74QTAorOOWedD5qT0UWVthfzWXbZHl5S/hSS+3rREjXTlgdeoZbyRigrpVJFNzeSQbVYeVvlW1dF3lAolgiW7PeL4afoSKk9NoNUiT9K3C/+ZcGAKMk5jHl+ywKDTKaXMM0rEJvs+qrykW4twyJH3LE=:\r\nsignature-input: comm--tzt_ggaysisoet5s9oefm4s6cqnmpuiqjzkz9c6pnc=(\"ao-body-key\" \"content-digest\" \"content-type\");alg=\"ans104@1.0/rsa-pss-sha256\";keyid=\"publickey:xybdVKiKfafVR-KP2SNTJnjqhndd8YiPxmXatRP2DVOlX0QwROUL5IrDceg8culGF2Fo2JfuBVewq67qNw1QDRDsHvFVNwaM4DBrh4s_5EEDMYEK8g0cXi213SijczXeigbAALvKuxzz0HiY31U0G-LgdQAs2QQqvOdxcqApVlkef4hySJGMqN5XEdKXCBtLcmwjcIlBw5_hW8T19c36uzOcIS2d5nnLzP_v_DAjGNAdw-0wjslm5QoLfdxynFzt3Q_XtwihIttfPxo3iXjZsxX78WSwWOlx1xj0lydvxdkoCTdBcl-6QTUWrarVG5CJHd3jq-2eOJ8vlgm8JzXor8rnAtaoxLeg2sFYzty3dwGwBgWFX1FJ3-VkYbX36Lv07jJBRWwtCLZc9-sPI2Cwbbo1PiNLDvTm_gwqIe_s2TIUyTRuc-vbQC-R_Tyi3D0nVW_gQGNaZUZixpiXe0waA7ntUIv-3-8Zq9053s3xwAi1jle23ZWH3VNT07oZT93_1GDaXrszBCD18gpqNEVH9jS8ldipwLU5WzJIG6STacjwwAroWEcQeXCupKIn0WEidXdLsi3k8F_XoZ-qjZ8GTFpOrWy3KmjF5FBTcXPW3Wv1R_rPnUnw7qClfimJG24v-P774oCC_URCNAGXlYq32hyan7qVt0LB2TKRjL39qdc\";bundle=\"false\";original-tags=\"1:Content-Type:dGV4dC9odG1s\"\r\nstatus: 200\r\nx-77-nzt: k5vqNPizX3To2giC/KZ2/pEMFFjhuf+gIhHshzG+4GHW8U8nQbN3L7cWsoWlzN/K7w\r\nx-77-nzt-ray: 2a494a155542d20c67c8536a4682391f\r\nx-77-cache: HIT\r\ncontent-encoding: gzip\r\nx-77-age: 0\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":13939,"size_decoded":6540,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"a9c2338bb4a10cca06be9d11eb4d0cfe","sha1":"c0f0c7abeba67b740c8a99e77cbbbac81ffc5aef","sha256":"f2bd8e2a5c4dda8563953835745629ca73cbed536225c46aea8ea2a845e28dff","sha512":"ad85794afcebf8281c723c24acbd4407c78a39dba88105a63a3b87e78992435e0a2271f01244f1812f2c5099482e1d99ee1fd3abc3aafadd6a168bf3d0cd05e1","ssdeep":"384:0sGJXNoWvwHyoVEfSWO64yWmU8x1Vd9CS9WXX0gXYQe2Q+jlrLVp:0ReL+SjCRxdZ2Tllp","tlshash":"66520b6d28f72232466730bd4bdba054b135a0033849dd993e5cc3149fd99788af6bbc","first_seen":"2026-07-10T08:51:43.3285Z","last_seen":"2026-07-12T17:01:18.119693Z","times_seen":2,"resource_available":true,"data":null}},"time_used":3282,"timings":{"blocked":-1,"dns":99,"connect":1,"send":0,"wait":27,"receive":0,"ssl":3155},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solana-rpc.publicnode.com/","fqdn":"solana-rpc.publicnode.com","domain":"publicnode.com","tld":"com"},"ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","date":"2026-07-12T17:00:50.865Z","timestamp":1783875650865,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"publicnode.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Jun 2026 01:05:04 GMT","end":"Mon, 07 Sep 2026 02:05:00 GMT"},"fingerprint":{"sha1":"39:B4:D5:B4:26:71:60:64:13:47:CC:54:ED:BC:AD:E1:33:77:19:00","sha256":"65:A9:40:31:FB:2A:25:C7:3B:B6:B3:F0:4E:96:B9:08:CE:FC:27:5A:F6:DB:32:E8:7E:64:C7:51:34:DA:93:85"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: solana-rpc.publicnode.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/\r\nContent-Type: application/json\r\nContent-Length: 155\r\nOrigin: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":155,"data":"{\"jsonrpc\":\"2.0\",\"id\":1,\"method\":\"getSignaturesForAddress\",\"params\":[\"2Lvd4NwKjESPwkNFkZN43eJ3o86gdDUrPtGnakKKM4sU\",{\"limit\":25,\"commitment\":\"finalized\"}]}"}},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 17:00:50 GMT\r\ncontent-type: application/json\r\ncontent-length: 37\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 1728000\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Origin, accept-encoding\r\nx-envoy-upstream-service-time: 2\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nx-content-type-options: nosniff\r\ncf-ray: a1a19b424df01ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37,"size_decoded":543,"mime_type":"application/json","magic":"JSON text data","md5":"0a345e49055fb6b1ee55f7a03cdf90c7","sha1":"90481fe7c757af186842ae8c442a3069ebe2b1f7","sha256":"d5d4570915ae356dcee912806f2822465692ce1aa3533894cc2fc1e8385455f6","sha512":"a39e3fe5a83ec4457c8071c802d578fa30ed30fde1f20bae947e3e09178816f04df4209d252976d979453ac1011009dc066b2d3409943e6231cfc250f7583fb7","ssdeep":"","tlshash":"4d8000c02a0a0b30820c0c03e0080880ac803ea823080f000b0c088c228a2abab283ba","first_seen":"2025-07-15T02:55:42.432989Z","last_seen":"2026-07-12T21:11:39.566322Z","times_seen":86,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":2,"connect":0,"send":0,"wait":49,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solana-rpc.publicnode.com/","fqdn":"solana-rpc.publicnode.com","domain":"publicnode.com","tld":"com"},"ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/","date":"2026-07-12T17:00:50.868Z","timestamp":1783875650868,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"publicnode.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Jun 2026 01:05:04 GMT","end":"Mon, 07 Sep 2026 02:05:00 GMT"},"fingerprint":{"sha1":"39:B4:D5:B4:26:71:60:64:13:47:CC:54:ED:BC:AD:E1:33:77:19:00","sha256":"65:A9:40:31:FB:2A:25:C7:3B:B6:B3:F0:4E:96:B9:08:CE:FC:27:5A:F6:DB:32:E8:7E:64:C7:51:34:DA:93:85"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: solana-rpc.publicnode.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net/\r\nOrigin: https://7e3g37dbqdfmeerz5n4uxwq6pzxcz2bee4zjxiviszsgpuf2utlq.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 \r\ndate: Sun, 12 Jul 2026 17:00:50 GMT\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: GET,HEAD,OPTIONS,POST\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 172800\r\nallow: OPTIONS, POST\r\nvary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers\r\nx-envoy-upstream-service-time: 0\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncf-ray: a1a19b420d9c1ae6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":616,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-13T22:29:39.743253Z","times_seen":17221996,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":38,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
