{"report_id":"6910a983-6b50-4cd6-9472-fffe2e7b9a97","version":6,"status":"done","tags":[],"date":"2026-05-25T16:08:27Z","url":{"schema":"http","addr":"bardcauft.run/","fqdn":"bardcauft.run","domain":"bardcauft.run","tld":"run"},"ip":{"addr":"40.91.108.115","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/domainseizurenotice.htm","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"title":"This website domain has been seized by Microsoft","dom":{"size":4751,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (451)","md5":"62c404ae004cdb39dfa325057693b557","sha1":"14892566060093917d708d0cb2030fd6221239c0","sha256":"0b3dd8f2b754301065a20bc60e220da385d1e009b7e26fe74297b306a893355f","sha512":"fa25902d891a188b421d90a9a073d47564abc6ae41f38977f94250d56620a9a338227706f7e41a964708a88ea7ad1b911b7ca7bad075593b00e2e643492e4283","ssdeep":"96:Wewe5LfAnARZaEx1wJDkev3oa5Zwj3yAWuo6OXpryDv8UV3m:WeBtfPRt6wa5XI8UV2","tlshash":"97a16501e6d5762bb042848166273fa53bc8410bc36e89a4b5e563ad1fc7cd6c6b3798","dom_hash":"domhasha07e67cf02ee7481032e804d162bfe26","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bardcauft.run/","fqdn":"bardcauft.run","domain":"bardcauft.run","tld":"run"},"ip":{"addr":"40.91.108.115","port":0,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-29T16:08:27Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":4}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-25T16:08:05Z","timestamp":1779725285,"ip_dst":{"addr":"40.91.108.115","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52066,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"high","alert":"ET MALWARE Observed Win32/Lumma Stealer Related Domain (bardcauft .run) in TLS SNI","source":"{\"timestamp\":\"2026-05-25T16:08:05.081911+0000\",\"flow_id\":1945403086109168,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":52066,\"dest_ip\":\"40.91.108.115\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2061928,\"rev\":1,\"signature\":\"ET MALWARE Observed Win32/Lumma Stealer Related Domain (bardcauft .run) in TLS SNI\",\"category\":\"Domain Observed Used for C2 Detected\",\"severity\":1,\"source\":{\"ip\":\"40.91.108.115\",\"port\":443},\"target\":{\"ip\":\"172.18.0.16\",\"port\":52066},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2025_04_28\"],\"deployment\":[\"Perimeter\"],\"malware_family\":[\"Lumma_Stealer\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1071\"],\"mitre_technique_name\":[\"Application_Layer_Protocol\"],\"signature_severity\":[\"Critical\"],\"tls_state\":[\"TLSEncrypt\"],\"updated_at\":[\"2025_04_28\"]}},\"tls\":{\"sni\":\"bardcauft.run\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"263c859c5391203d774bc0599793d915\",\"string\":\"771,49200,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":915,\"bytes_toclient\":4434,\"start\":\"2026-05-25T16:08:04.752112+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-05-25T16:08:05Z","timestamp":1779725285,"ip_dst":{"addr":"40.91.108.115","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52082,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"high","alert":"ET MALWARE Observed Win32/Lumma Stealer Related Domain (bardcauft .run) in TLS SNI","source":"{\"timestamp\":\"2026-05-25T16:08:05.421521+0000\",\"flow_id\":805508028387294,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.16\",\"src_port\":52082,\"dest_ip\":\"40.91.108.115\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2061928,\"rev\":1,\"signature\":\"ET MALWARE Observed Win32/Lumma Stealer Related Domain (bardcauft .run) in TLS SNI\",\"category\":\"Domain Observed Used for C2 Detected\",\"severity\":1,\"source\":{\"ip\":\"40.91.108.115\",\"port\":443},\"target\":{\"ip\":\"172.18.0.16\",\"port\":52082},\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2025_04_28\"],\"deployment\":[\"Perimeter\"],\"malware_family\":[\"Lumma_Stealer\"],\"mitre_tactic_id\":[\"TA0011\"],\"mitre_tactic_name\":[\"Command_And_Control\"],\"mitre_technique_id\":[\"T1071\"],\"mitre_technique_name\":[\"Application_Layer_Protocol\"],\"signature_severity\":[\"Critical\"],\"tls_state\":[\"TLSEncrypt\"],\"updated_at\":[\"2025_04_28\"]}},\"tls\":{\"sni\":\"bardcauft.run\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"263c859c5391203d774bc0599793d915\",\"string\":\"771,49200,65281-0-11-16-23\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":4434,\"start\":\"2026-05-25T16:08:05.085982+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bardcauft.run","ip":{"addr":"40.91.108.115","port":80,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2025-04-08","domain_rank":0,"first_seen":"2025-04-14T23:43:28.36515Z","last_seen":"2025-12-16T11:43:26.465474Z","alert_count":6,"request_count":2,"received_data":5145,"sent_data":880,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"www.noticeofpleadings.net","ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2017-10-25","domain_rank":0,"first_seen":"2021-01-05T00:22:25Z","last_seen":"2026-05-24T04:01:41.259599Z","alert_count":11,"request_count":11,"received_data":2830640,"sent_data":5696,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"Bootstrap:5.2.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Azure Edge Network","description":"Azure Edge Network is a global network infrastructure provided by Microsoft Azure. It is designed to deliver content, applications, and services to end-users with low latency and high performance. The Azure Edge Network consists of a combination of Azure Content Delivery Network (CDN), Azure Front Door, and Azure Traffic Manager.","website":"https://learn.microsoft.com/en-us/azure/cdn/cdn-overview","common_platform_enumeration":"","icon":"Azure.svg","categories":["Miscellaneous"]},{"name":"Microsoft Ajax Content Delivery Network","description":"Microsoft Ajax Content Delivery Network hosts popular third party JavaScript libraries such as jQuery and enables you to easily add them to your web applications.","website":"https://docs.microsoft.com/en-us/aspnet/ajax/cdn/overview","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"bardcauft.run/","fqdn":"bardcauft.run","domain":"bardcauft.run","tld":"run"},"ip":{"addr":"40.91.108.115","port":80,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-25T16:08:05.543Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: bardcauft.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.14.2\r\nDate: Mon, 25 May 2026 16:08:05 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/7.2.30\r\nLocation: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:7.2.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":4871,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-25T19:18:26.508161Z","times_seen":15696543,"resource_available":true,"data":null}},"time_used":512,"timings":{"blocked":162,"dns":1,"connect":162,"send":0,"wait":187,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/domainseizurenotice.htm","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-25T16:08:05.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/domainseizurenotice.htm HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: text/html\r\ncache-control: public, must-revalidate, max-age=30\r\ncontent-encoding: br\r\netag: \"71902876\"\r\nlast-modified: Tue, 19 May 2026 13:48:25 GMT\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mu3\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":4871,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (451), with CRLF line terminators","md5":"5bf03021ec9f7fd1ac74f41abdb3cd52","sha1":"beac0e1d9bc671bde79031161579fcbf17ec3feb","sha256":"7cc3aa12f10775e23002e972d2ad2ac3695b11c11d7353a4b4b712df33292671","sha512":"634f89426bea46ceb7d046ba45e23da96039425f5972b0b700d58bf97986ca5d5a5d922ed3b47f6bebd4bd26c3419b7a117fd4f8bb2ebbf1b3c3cfc21835eec2","ssdeep":"96:GewZriqMPvh7oiAcTYhQ11wJ8Nev4PZKZACWMOXprBDv8UeBt:GeEeXPvh7oiAcaIBwQdz8Uef","tlshash":"7ba17315d6c4b52b917245a0a3332fa4fec84146975a0ae4b5f6139b2fc7cc6c7b3b88","first_seen":"2025-05-22T21:33:18.825058Z","last_seen":"2026-05-25T16:08:28.953045Z","times_seen":1119,"resource_available":true,"data":null}},"time_used":581,"timings":{"blocked":224,"dns":108,"connect":7,"send":0,"wait":117,"receive":0,"ssl":122},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Europol_EC3_RGB_transparent_Horizontal%20version.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Europol_EC3_RGB_transparent_Horizontal%20version.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 22738\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"71902876\"\r\nlast-modified: Tue, 19 May 2026 13:48:25 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mud\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":22738,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1885 x 413, 8-bit/color RGBA, non-interlaced","md5":"0f2dc5963b33a57f296375e8f7fc2f65","sha1":"6243eb5dbb036ff44936cda4c5379a69ff30989b","sha256":"a7d556b2b5e2fc9ec8f3a02341fb04c2209c30b4d544c1c450036194b347b8df","sha512":"ba2f65120bbc1a14168abcee8a8795917ba4b2acf177a25f539c22f268682f9f234be3803c79824ae7d224d05e7c4368869505e62aff28e186dcc751e2527db2","ssdeep":"384:P7V8bdfwHZrAfPlD9PiIUehVGe+5zpIiKhiq8B0TtVQHH27:zGfY94TPiIUe/+wioistVaW7","tlshash":"e5a2bf9c3b0d540ad726177b183a2a2632fe6ab10613739c9f754331eefc7a9249c4c9","first_seen":"2025-05-22T21:33:18.817926Z","last_seen":"2026-05-25T16:08:28.954712Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Orrick-RGB-Transparent.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Orrick-RGB-Transparent.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 46736\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"71902876\"\r\nlast-modified: Tue, 19 May 2026 13:48:25 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mue\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":46736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1801 x 1013, 8-bit/color RGBA, non-interlaced","md5":"d33053d4dcb104f9595b27fe79ba8b8e","sha1":"a41b1ab9ce5a8161345599685a6b5561e2a845e5","sha256":"09fb057900346976a567ff98ffffa4e1ffff02e03f67dc5ac0b9db8800c91fca","sha512":"17e016cbcf5301eedcc455d10dffe95af7180b4b7c1befcb8d1c909780c43033da67945fbef4633c80c7593a4d919c3190191d8f52ed6f625ef27b17152a07ca","ssdeep":"768:V0md731phvY79z3ID29SYL4S81lMJ4CEHMGvQ6DqRbOHZK8jvLN0V3S4Kpm+1IQw:Vj7nhvYpLR9kMJ9Es35WjZUXKpm+eRN3","tlshash":"6623cf47c4b7ae8bf180a531b4d51b72366097c4cd919f08cebb97706e063af86a7172","first_seen":"2025-05-22T21:33:18.819394Z","last_seen":"2026-05-25T16:08:28.95616Z","times_seen":1118,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Bitsight_Logo_trademark_Black.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Bitsight_Logo_trademark_Black.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 7200\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"47172087\"\r\nlast-modified: Tue, 19 May 2026 13:48:12 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007muf\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":7200,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1366 x 248, 8-bit/color RGBA, non-interlaced","md5":"5ed5de8dc9462bbbe6f983d5f8050b98","sha1":"4ef57248e384f3314e9e7c05ea3b144063f927ef","sha256":"3b463a7fbc3b845536c78a93f28d84ff13286fd38cfdde89a08ce43315bd4167","sha512":"8c75c5349530270fbbf034428b13efdfde3baa38c71b6ee8e70d2c2bda365b4172295056106013b1d86c979bb353898679322c1ae889965b601779f8532f9a0d","ssdeep":"192:dSfOTP72vCl18S73T7uL4gRSopU9O+8XpuqD7o1ztiygcal:gfOr7nl18S6LBw9t8Xpu08zts3","tlshash":"b8e18d62636ab90ac4869cb9765148d6e834d161d403eff7d63291c061b7cec5e32e1b","first_seen":"2025-05-22T21:33:18.820673Z","last_seen":"2026-05-25T16:08:28.958998Z","times_seen":1119,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Lumen%20Logo%20Blue_Black%20Domestic.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Lumen%20Logo%20Blue_Black%20Domestic.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 2732\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"47172087\"\r\nlast-modified: Tue, 19 May 2026 13:48:12 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007muh\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":2732,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 492 x 131, 8-bit/color RGBA, non-interlaced","md5":"f86604d9f5069dcf3afba2168fae4151","sha1":"d30d6f5357c4f11a7f32ed86971c8e62ff668d6a","sha256":"dc91eeb326c7ee12f618ffc9d48ffcf8adbec7e793e6d5d82bf9d87133e7fb45","sha512":"dcca66a305c62abe385ba77b7fc9804d781f36cb33623e8c2c3f42f336b7a32208c3638d1b64d74c8481632e0e9eafcc0dfbfe76159b66dd08fbff40aef64700","ssdeep":"","tlshash":"1e514acf6966829efacc20325a0026fdfedf51fa2034a95c14e85048e99770499eba06","first_seen":"2025-05-22T21:33:18.821827Z","last_seen":"2026-05-25T16:08:28.960106Z","times_seen":1120,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Endgame%20Logo%202025.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Endgame%20Logo%202025.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 2678215\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"47172087\"\r\nlast-modified: Tue, 19 May 2026 13:48:12 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mun\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2678215,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2540 x 1500, 8-bit/color RGBA, non-interlaced","md5":"d049fe0d9764110bec0702a610ccafa2","sha1":"24b9438333276e610c6678a2967a5bdb1d0a2107","sha256":"c72c98de0191eb9b8116c78fbd8252e55c00009e3762f11d3faab76122672a8f","sha512":"fbaaf8157fdc3778152d36027180123e27e02cbb18150cec1cc92dfda0445a339d40e497179890e2c234de70a776cf8b8a2fcc02ea7b5db0191990ad86dafb3f","ssdeep":"24576:BcIHVKb7zCoW+e3Zc1sJyw6vPNxklGANvdAESJw6l4CjOU:Z1oLReqaJy3dxkUosZiCjOU","tlshash":"732523496b9bee8acc1f5065ceb51592a32fce0242c46478d8f9e60bb5434ad8f43d7c","first_seen":"2025-07-27T16:38:06.887331Z","last_seen":"2026-05-25T16:08:28.96207Z","times_seen":1023,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":234,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/Microsoft-logo_rgb_c-gray.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/Microsoft-logo_rgb_c-gray.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 20816\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"47172087\"\r\nlast-modified: Tue, 19 May 2026 13:48:12 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007muc\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2008 x 389, 8-bit/color RGBA, non-interlaced","md5":"1669c31d80fa78bbfd85dd4e61b87e0f","sha1":"8ea9cfd106d0970de143711088cef4ad6ed57da1","sha256":"631e791afae910ac13b7acee4a98560702aa308199be0c52dd02a2dc911b14c2","sha512":"1826f99b9b99bff3627512c28593d13677bd10a2022929d48f4dd54cbc2edd32d386c6387d0d6a448fcf8eb53833368ec2574fc4518be51678d5b31c8b45113e","ssdeep":"384:oJcsYkEIUU+ANgGPcpsXaJnHK4boKzwMWDSqv7V2Kk5Glo0ASncTLb:6csYjlANgELXaZHjoKzXAsKUGuK4Lb","tlshash":"a292c092f82db89eca5a2cf140df075d749da8858417446a73fb814daac6836fd37cc0","first_seen":"2025-05-22T21:33:18.82631Z","last_seen":"2026-05-25T16:08:28.962733Z","times_seen":1139,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":108,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/CF_logo_horizontal_blktype.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/CF_logo_horizontal_blktype.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 16365\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"71902876\"\r\nlast-modified: Tue, 19 May 2026 13:48:25 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mug\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":16365,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1955 x 285, 8-bit/color RGBA, non-interlaced","md5":"7fec1a0db3a931330a55f159141bad3a","sha1":"4df39ebed58c154f5ef6f1db9a34c565f6024d49","sha256":"9e2da5c66eb64fb6c33f317cc844cd67cffb52f733f577f3d0c57d31b41f3503","sha512":"73a0a4d8522e03a24aa396727ccc84cd52991b34c2ccfc15dcf3b58be7d0400bd8ce89b108abf877b95171bda2250c0e29d95fb1b95a4afbd69538f331506cef","ssdeep":"384:tvWMzV+5BsswghmCXn9CXdiTiCvK3w/NrvsVkQyfjv:tuA+0gN9CX8Ti9AZsVkQyfr","tlshash":"1e72cf2142f69c11f94f15bb5c264e507822c9fc44267b5863fab0c4a6ca65aa83fc5b","first_seen":"2025-05-22T21:33:18.827501Z","last_seen":"2026-05-25T16:08:28.963432Z","times_seen":1327,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/ESET_logo_DS_PP_centered_color_RGB.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/ESET_logo_DS_PP_centered_color_RGB.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 8609\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"71902876\"\r\nlast-modified: Tue, 19 May 2026 13:48:25 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007muk\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":8609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 360 x 200, 8-bit/color RGBA, non-interlaced","md5":"02807174ac917ad70fc86716baebc769","sha1":"9297dc461540b876a1309af10172b4ee1f45d7a5","sha256":"ce51a1eec1385cba3c8319d3ff9aa57de02b8e01e4b6033aaa8980112e3d4ae3","sha512":"0b13e5a8d1ad41091c187821c7c6e4c377b34de2317f82c30069fe2b33c0f0dfb46fd863ea90ad0e2196862a7d5653ac1472efa3d7cfc54dfae7e0c913138709","ssdeep":"192:oUlQaMK+QL7OCflB4AH8gYHLLF1pfxnVhC:FlQaMK+614y8RvZfjhC","tlshash":"7c02ae52f82a310fc817ae1a2629457b28f2c7c2bd22c5b5cdc7fc893553e7722521a2","first_seen":"2025-05-22T21:33:18.828819Z","last_seen":"2026-05-25T16:08:28.964112Z","times_seen":1120,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/lumma/images/CleanDNS-Logo-2025.png","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /lumma/images/CleanDNS-Logo-2025.png HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: image/png\r\ncontent-length: 11228\r\ncache-control: public, must-revalidate, max-age=30\r\netag: \"47172087\"\r\nlast-modified: Tue, 19 May 2026 13:48:12 GMT\r\nstrict-transport-security: max-age=10886400; includeSubDomains; preload\r\nreferrer-policy: same-origin\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-dns-prefetch-control: off\r\ncontent-security-policy: default-src 'self'; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; report-uri /csp-report-endpoint/\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mum\r\nx-cache: CONFIG_NOCACHE\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 905 x 148, 8-bit/color RGBA, non-interlaced","md5":"707494dc2948049efb8117578daaba91","sha1":"a036a41d112c0cfa8b83020ddb38a231482c7144","sha256":"1da9f1eecc77f4cab3a3d4ddcb0366975e6a143e8cfec4159b80fdcf0af6528c","sha512":"fcf42f11e5d67d036433249446384fb74fbdb047b694e6fe51ecd1d0f9b736334af83e53467678255862c43ca48394302c32730b13232b5283bc092291d8e61d","ssdeep":"192:jYC1a3sSYxUVUmC9eIStt68au/A/4D567tkNgsIlgkcEDLHplEIM:/1iYxUo9zgEho566NfFIplQ","tlshash":"a932c0ba98aed3995f160173543b808850856baf32e96f5c1fcafc54dda97d02cbf400","first_seen":"2025-05-22T21:33:18.829896Z","last_seen":"2026-05-25T16:08:28.965454Z","times_seen":1121,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.noticeofpleadings.net/favicon.ico","fqdn":"www.noticeofpleadings.net","domain":"noticeofpleadings.net","tld":"net"},"ip":{"addr":"150.171.109.200","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm","date":"2026-05-25T16:08:06.782Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.noticeofpleadings.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 16","organization":"Microsoft Corporation"},"validity":{"start":"Tue, 14 Apr 2026 18:42:02 GMT","end":"Sun, 11 Oct 2026 18:42:02 GMT"},"fingerprint":{"sha1":"D9:4F:99:18:77:D2:A4:B5:5E:B0:BE:14:B9:1D:B4:DF:4B:4D:56:19","sha256":"7B:B3:55:91:36:18:00:98:11:96:A5:F2:1F:B9:0A:A9:82:7F:23:5D:A6:16:2A:96:00:81:BC:10:B4:36:AF:2B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.noticeofpleadings.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.noticeofpleadings.net/lumma/domainseizurenotice.htm\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Mon, 25 May 2026 16:08:06 GMT\r\ncontent-type: text/html\r\nx-azure-ref: 20260525T160806Z-178f8fc85956m2q7hC1SVGwypw0000000960000000007mus\r\nx-cache: CONFIG_NOCACHE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Bootstrap:5.2.3","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"Azure Edge Network","description":"Azure Edge Network is a global network infrastructure provided by Microsoft Azure. It is designed to deliver content, applications, and services to end-users with low latency and high performance. The Azure Edge Network consists of a combination of Azure Content Delivery Network (CDN), Azure Front Door, and Azure Traffic Manager.","website":"https://learn.microsoft.com/en-us/azure/cdn/cdn-overview","common_platform_enumeration":"","icon":"Azure.svg","categories":["Miscellaneous"]},{"name":"Microsoft Ajax Content Delivery Network","description":"Microsoft Ajax Content Delivery Network hosts popular third party JavaScript libraries such as jQuery and enables you to easily add them to your web applications.","website":"https://docs.microsoft.com/en-us/aspnet/ajax/cdn/overview","common_platform_enumeration":"","icon":"Microsoft.svg","categories":["CDN"]},{"name":"jQuery:3.7.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":2400,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"8b6e5a69aafd321f4cff4ed84bb3bde1","sha1":"b6e7634a826b088dc49dbd8f61b0121327846271","sha256":"0a76274e99e285c9d7e18d094e71ea6fca1b0274e30c28492a24218e53c61cb3","sha512":"abeae136e3b7c52bd00937e6257b15d0fb163a1be77bbba0818fdc1bf32b96c0f3f49dcfd7d8a726211b7b49c3e660cc30fc2a12a4144ca4bc83e08d57203dee","ssdeep":"","tlshash":"7c41212b1930cd6f96b354fc1235232ed012a612dfa3d4c1a7f64783aed1947ece6209","first_seen":"2024-02-25T12:49:06Z","last_seen":"2026-05-25T16:08:28.967473Z","times_seen":1797,"resource_available":true,"data":null}},"time_used":139,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"www.noticeofpleadings.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bardcauft.run/","fqdn":"bardcauft.run","domain":"bardcauft.run","tld":"run"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-25T16:08:04.731Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: bardcauft.run\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-25T19:18:26.508161Z","times_seen":15696543,"resource_available":true,"data":null}},"time_used":355,"timings":{"blocked":355,"dns":0,"connect":161,"send":0,"wait":0,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-25","alert":"Sinkholed","trigger":"bardcauft.run","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}