{"report_id":"71be371e-90c5-433c-8016-8a2e390cf841","version":6,"status":"done","tags":[],"date":"2026-04-22T13:53:09Z","url":{"schema":"http","addr":"chillraydium.com","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"172.67.177.199","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"chillraydium.com/","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"title":"Pump | Voting","dom":{"size":27968,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18163)","md5":"3089c7a6c104da210bb3f8af07652c51","sha1":"ac31947fc0d5a596c42625b2000fc7615903e11b","sha256":"40154734db0dc1a1a5e1ad1087c6465ad711bdec536fdd7b1fa7eadabea68b5e","sha512":"ca2021b95c2eadf6092ed694aac6e66b8b5556a714ec4233099e60ad222299b7726a1629da0789dbc4ad04f29f398ab4c4dc6e1e5b4dea2e72f84548c82be4ad","ssdeep":"768:jhzQH2L0r82It4uSRhKut5NFgl+FU+xHyvfSDIJPJWf3b8fzwZPROHXL0hDgmwcx:VzqyrYAqU62s1aJ8Ys3","tlshash":"e6c23f54f9509e3f3a1762ff06c8deaf76a0301588577b48b2b880d1e786eb39db1518","dom_hash":"domhasha31e08b0cba789b43387490996750185","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"chillraydium.com","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"172.67.177.199","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-27T13:53:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"chillraydium.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":30,"request_count":10,"received_data":1111875,"sent_data":4473,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-19T22:20:23.925162Z","alert_count":0,"request_count":2,"received_data":13628,"sent_data":945,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-19T22:16:46.237507Z","alert_count":0,"request_count":2,"received_data":41006,"sent_data":1074,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"chillraydium.com/script-deseh.js","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"bffdf452699bd5788861a310da6337c0","sha1":"6bffe50a734e9c8ce09309b33291dabb5ca5960d","sha256":"b0ca310f18205a7f6b4d40d5943b2a6746326c374ff2a43e5a923e5e0b45e060","sha512":"fdb27ba5f46eca3ab7d1af8eb14a22731ba6129bee158bffb65fbbdb88a7b876ea9afcc34aabfab07affbc99f3e212237c2c4b0744ff2b187ed30f7951464ea5","ssdeep":"","tlshash":"645186543156653243ee04eb20fe92f4b7602880b405007478be94abbf76cd577b6fda","size":2751,"data":"","first_seen":"2026-04-22T13:53:14.678009Z","last_seen":"2026-04-22T13:57:59.449742Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/_nuxt/assets/index.js","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5775ff83a5b095f87fbf3e41df33cf10","sha1":"9463da9dc1d6c17982311d90d8108d72e99f527a","sha256":"c9104c3599e00e7f81236202478860708c9dc62f295ccd72b5f808b83b7e2f4e","sha512":"e50f343b0a9c0fb4b880d4512a55737140cca9dfa0270a97fd25530986f2dcf7a601be28d9a9f264e63108e03e47f2b8ebfbc3522a4685a5b3eecbf093c5b10a","ssdeep":"12288:QcLIGw/2r3/E3Cgg1XK0S4U9BLHY9mu0eQfogKjO2bXCHeIZB:QCwH0S4MY9f03fZwXiB","tlshash":"9a15d6772148c0b169ed29c43ca0dcab1aa8b6114f285c6864b7bd8454dfbafb345fdc","size":956617,"data":"","first_seen":"2026-04-21T16:51:31.72404Z","last_seen":"2026-05-02T16:09:23.174562Z","times_seen":158,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"9dd4e8f591cc2a3ae2a67d2aeab3aaca","sha1":"4f4a6c8da60a937dc02f7605a4a77d40ee380231","sha256":"6911450be4e2cb249b64c73923277be340ef25ef4ee8ea45c5dd254f4eb0fdf9","sha512":"563aa5d787fc255f75c53b04a5d65267c69aa6260d9671be52239f3e8dd7f2a17cab46d45644aacdeb1522b094d62f1fe70a0836a52b6eeecaaa5e3bd1f4a378","ssdeep":"12288:I6/cHzynjvQX204lHa0I64r0VvEQIfwZnESzzoW:I5x0I6s0VvEjf0zoW","tlshash":"f815c5752248c07289ed01d83c90d1cb2b28ba518fdc9ca868b775845adfb9f6355fec","size":925111,"data":"","first_seen":"2026-04-21T16:51:31.730791Z","last_seen":"2026-05-02T16:09:23.1908Z","times_seen":156,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"chillraydium.com/api/visit","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:48.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"POST /api/visit HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://chillraydium.com/\r\nOrigin: https://chillraydium.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:49 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 2\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZUbWjUOnwSyomYMVkto23GPA%2FCSYod9kUEP0p%2BFYARp3Vi3IdX6VDJo7S2UPq7jQ3Uqaohp5yD%2FkF8Yg5SZpQhOMg0CXAS8%2FP7pBYMFeprXx0xalINntXscfC0bB2VYnexCs\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f051c70add48be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-05-15T10:58:42.302915Z","times_seen":411812,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Manrope:wght@200..800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Manrope:wght@200..800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 22 Apr 2026 13:52:47 GMT\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2168,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"4b79112690d08319473f3c5a17e3cbaa","sha1":"873a7e371528566c389e1d6b7f30be465f996a53","sha256":"106ba53d25e19a66ef4e9139f0f22f7847b6f9dd9a41412cb293b706c5ba72c8","sha512":"f1de4d185a896f75b3d34c16c24a04ee96cbc93d6d34c8f6bc3943a2fa6cf8ca3139523c265da51f48dc856ae39d4990a05234d9c3894b989505275a5a21b4d7","ssdeep":"","tlshash":"d64188900017e804eb470cd577ce7e39ad4e61566441c9fa9ffe189caddbd222360b5e","first_seen":"2025-09-05T03:57:58.007394Z","last_seen":"2026-05-15T09:58:24.123619Z","times_seen":2437,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":157,"dns":1,"connect":20,"send":0,"wait":35,"receive":0,"ssl":136},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/style-i85p4.css","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /style-i85p4.css HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\npriority: u=2,i=?0\r\nlast-modified: Thu, 26 Mar 2026 11:05:40 GMT\r\netag: W/\"69c51304-2ec4\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=12PJHNfAZzBdh88JqBXpQ82ZU%2BIaNPPWyamq9KTu5D2gMiHOJxyqUn0ifF2aqCmnUH%2FXXzoyOZbMwD5vz5yfYiP3ZaL%2Fx6nBMFdDTWZ2kVMIjEh0Yroqu4ufY9CsjCBarDPU\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f051c6a2ff28be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11972,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text","md5":"1d2780c8b911c7371964c7fa62b8a896","sha1":"de8b1d3812ce21a6509dac974cd91997b0fd537a","sha256":"38ba64bcff1e6bc6d204a55fcffcca1b8ab1dd43a26f9c128d7038c45b3e6b58","sha512":"0cfe49af777d54184946c383fdceb5b37fe50be1cad9bb6292372518768557991a088d8580275e968345162119d31a909d2ce44884d9c8d3fe453f409576b032","ssdeep":"192:sefAxdsQogfDCMziBxO0YJs386ZwHjxMtqxAwEhvsD9D517jSwahf0l:DzQzf9zivUG86KVMYJiwwa","tlshash":"fa32b18667761444780bd8a86fa24b55a22d8447910fdebd7fe1206ccfc91c96ab3fcc","first_seen":"2026-04-22T13:53:14.671413Z","last_seen":"2026-04-22T13:57:59.448292Z","times_seen":2,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":242,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/img/pump-logomark.svg","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /img/pump-logomark.svg HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 26 Mar 2026 11:05:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eGk7WWadh1n62p0QBvpORzypqnzyowP5u5ukbMQkRj5MpeWu44lWFYb5Az%2FVBd%2FGCQP86R6BO63CAS6FdBKVtwv%2BsPRvFm%2FWIuHAQukPrny76O2TvF%2F8fnQWGlfxiXA9G9BI\"}]}\r\netag: W/\"69c51304-a5d\"\r\ncontent-encoding: br\r\ncf-ray: 9f051c6a2ffd8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2653,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7ac045d44726d3ecd7d70cc10fd98c72","sha1":"d3e2dbb1530f6a00a41c9467e977fb61048ed08d","sha256":"2c72b8e06bbd7be8823c2cce4bbe652ba7a36e35074b8a1b27fd668304816379","sha512":"488d3da62f6ba30a36f8bb106262c3342583a719402680e34ce6d99ba26db1aea5d14496d7427aa39544527a3d5f63a0030d6e32d48e4366e07aacd5db5d12a8","ssdeep":"","tlshash":"395171ff7b5448e5de86c2f8eb2a2adb782a24d97120464193d42f29780176c4d8ac93","first_seen":"2025-11-15T00:25:53.758655Z","last_seen":"2026-05-14T18:55:07.29564Z","times_seen":329,"resource_available":false,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.996Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggOxSuXd.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://chillraydium.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14500\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 18 Apr 2026 18:57:55 GMT\r\nexpires: Sun, 18 Apr 2027 18:57:55 GMT\r\ncache-control: public, max-age=31536000\r\nage: 327293\r\nlast-modified: Thu, 04 Sep 2025 17:09:13 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14500,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 14500, version 1.0","md5":"e58febde317b69ceb51690ea201850c9","sha1":"d8fc94bf7a39043a7759bd564a7e16b3ea080736","sha256":"c268b459a9329e59fecf39a17618efd44c71735532048d60b12aab76a8c14914","sha512":"af17f0a6913d974bd7d38a060549dacd158c667abb08f830d44d302c1a1cb4f8106eeeb772d2b4066be2c5a1e763d26042c707343770f5e84b0f5165cab9d96b","ssdeep":"384:4VvSHMmDtGjtHrBRvGjLWPSNRXZpyJ+kC18bZ:4VvSsmDt6LBROj1RXZ4J+318bZ","tlshash":"8a52b05ef04e86f0b51f2a7ece5c6a1153725e56134f2e50e967b0c8c75e82a1e27142","first_seen":"2025-06-05T11:45:07.756161Z","last_seen":"2026-05-15T10:49:36.524401Z","times_seen":2562,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":84,"dns":1,"connect":8,"send":0,"wait":9,"receive":2,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.19.234","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:48.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 22 Apr 2026 13:52:48 GMT\r\ndate: Wed, 22 Apr 2026 13:52:48 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10108,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"e85517dadd43448782d60d7f207fddce","sha1":"6cd31f870727ba8090fac9602b42524b4139a619","sha256":"88fbd0b95222be288587a149c324189ecbd8de0d6f0c94f528ec53857e52b66c","sha512":"5edc78df5bb062a9a2e1ea6724c14dd7eb80d77ea0fa9572de4bb0d52bbd0d163815b08a1ae77084f99fbefbb07715da1c61f0bb36fb498710c91387792955f8","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExlONEhYO3RrxGx:vXuM0p2+4","tlshash":"04227792002ba400ab971dc233cf7f3aaece50896085d1b95ffd0dc59cead66436876d","first_seen":"2025-09-10T18:13:11.065101Z","last_seen":"2026-05-15T11:07:49.956729Z","times_seen":26267,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/img/pump-logomark.svg","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:48.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /img/pump-logomark.svg HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:48 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\nlast-modified: Thu, 26 Mar 2026 11:05:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\nage: 0\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2BxiwH609rog0JRyal2J4QTgjFPJzbsPe40zm%2FOwwR8OZl0GY4S8YmBkmDfxPolPXhNtJrDxNeu%2FldSdLD88KvC0kCiYv9lUIkbLNH3yqbMvni38cBAwQHmoAlkvwkEXfzNiS\"}]}\r\netag: W/\"69c51304-a5d\"\r\ncontent-encoding: br\r\ncf-ray: 9f051c6ffb5c8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2653,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7ac045d44726d3ecd7d70cc10fd98c72","sha1":"d3e2dbb1530f6a00a41c9467e977fb61048ed08d","sha256":"2c72b8e06bbd7be8823c2cce4bbe652ba7a36e35074b8a1b27fd668304816379","sha512":"488d3da62f6ba30a36f8bb106262c3342583a719402680e34ce6d99ba26db1aea5d14496d7427aa39544527a3d5f63a0030d6e32d48e4366e07aacd5db5d12a8","ssdeep":"","tlshash":"395171ff7b5448e5de86c2f8eb2a2adb782a24d97120464193d42f29780176c4d8ac93","first_seen":"2025-11-15T00:25:53.758655Z","last_seen":"2026-05-14T18:55:07.29564Z","times_seen":329,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/api/is-banned","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:48.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /api/is-banned HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://chillraydium.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:48 GMT\r\ncontent-type: text/plain;charset=utf-8\r\ncontent-length: 1\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncache-control: private, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=D8WJxexJ7Ul05hWnKkwNdtaV6l0w7jPH8wfoW5Iv6Alkn5CmzPat%2F3HtwEdeMob41bm0iGocfwKD%2FQ5WEpeCifOEFl1%2BJRmeeCvxPFeHSJXFdctj%2Bc336NvmVclobaOtpvFr\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f051c700b7f8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"very short file (no magic)","md5":"cfcd208495d565ef66e7dff9f98764da","sha1":"b6589fc6ab0dc82cf12099d1c2d40ab994e8410c","sha256":"5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9","sha512":"31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99","ssdeep":"","tlshash":"c700000000000000c00000300000000000000000000000000000000000000000000000","first_seen":"2023-03-07T01:37:31Z","last_seen":"2026-05-15T10:51:26.860567Z","times_seen":110908,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/api/config","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:48.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /api/config HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://chillraydium.com/\r\ncontent-language: en-US,q=0.8;en\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:48 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, POST\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t8Uha%2FNvIZEgrRi%2FtGqERpU9eXWpVLXjS1qbLvfflVSTrEcXq1xPycxE9VJFAcaTPLHwmQpFYsqQnZo%2Fodi5OuhZWVslqyj9H1bGTEbpp98QcNQXUF8mAuLUmfrZcUpPeOyt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9f051c700b848be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":181,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"data","md5":"680debdc36047af96c48016f8063e5e2","sha1":"9d23c2fd3f3ed710ed16fafda2fe1da6ad46aab4","sha256":"e3913524fd300d0c63dd550d67db87117beee1a19e29af2750d45e2736bd43f8","sha512":"8161fe33580dca4b415e085b91a8ab9efc0dc0ef64c0c74c1f3c095cc37eefbf416b497ff8577db194ea2e46659e678d3fd173f9e779e8f8a358821aac610bf9","ssdeep":"","tlshash":"62d0eb47429147b8ea0306ec012e10c0a1e0e6ccc310861e01071e00814d6a5dbf4004","first_seen":"2026-04-22T13:53:14.674587Z","last_seen":"2026-04-22T13:53:14.674587Z","times_seen":1,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-22T13:52:47.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nlast-modified: Thu, 26 Mar 2026 11:05:40 GMT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nTbH2E%2BHzzBm1vKr7xKS3pHvzaKkG2yiPKs8Svci2soylyxfkRUq%2B4Gta%2FurMej%2BsMgM0ZYsBMiAnltKaLxMnGzv0ahW6iiMzsgCgAgRFdZp3c9QILk4wo507f2weLi5GNx%2B\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f051c676eae56cb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Vue.js","description":"Vue.js is an open-source model–view–viewmodel JavaScript framework for building user interfaces and single-page applications.","website":"https://vuejs.org","common_platform_enumeration":"","icon":"vue.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Nuxt.js","description":"Nuxt is a Vue framework for developing modern web applications.","website":"https://nuxt.com","common_platform_enumeration":"","icon":"Nuxt.js.svg","categories":["JavaScript frameworks","Web frameworks","Web servers","Static site generator"]}],"data":{"size":10977,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (8696), with no line terminators","md5":"60000330a902bfba310b93f82e80fe05","sha1":"d3c749188ffc35b4b90fa02d757b971f516f6c32","sha256":"af4de61f64cd1c92c8fde3d13e9c0f1c73844e1f0c79fe8c2567fcaec217238e","sha512":"9c717697f819324ba77c4e92fd5816cc7515244fc0725b09e0f94985abf4f76d16a54d771bab20e098442e3d9014b66cfb02d6992fb45399527d03203d95c936","ssdeep":"192:G4JP1OLgudtmWGguJp4kWfZskVk+u+Meu+G:bPsgOmPJpzWBsMru+Jut","tlshash":"5232b4714261a55e22330ec36e65273b78f981bdda6b0e00dfedd6e0e794d7ae835204","first_seen":"2026-04-22T13:53:14.675366Z","last_seen":"2026-04-22T13:57:59.454378Z","times_seen":2,"resource_available":true,"data":null}},"time_used":391,"timings":{"blocked":72,"dns":47,"connect":1,"send":0,"wait":246,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/_nuxt/assets/index.js","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /_nuxt/assets/index.js HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Tue, 21 Apr 2026 16:35:14 GMT\r\netag: W/\"69e7a742-e9e37\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=300, must-revalidate\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9xHDl8dMpMsN83c7u7gDXswPECeHuXCuJS%2BSbEqxQx4NW6yhQK8%2BAei%2BjeD8W3D1zELjOj1qtCHtCfZ4FzS4aOlUP8BF6F98T5UDOdKwcjfXy2R%2BrysKKJrnjFmFAPYew9Uh\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f051c6a2ff88be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":958007,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (63400), with no line terminators","md5":"9f21311798a360eaafcaeac29e2caff5","sha1":"5d1cba3d6c4dab8313f5fe0fbf485d86a94251bf","sha256":"3deb9206b4b446d8c4410c227171aef0360043ecd0d1297610bec1191d3335b2","sha512":"39960265d5d39ecc85c860785097954b55d3c83e6a88a5244adab86fd23903cf6167d3b7b2c9949422a6c83a58a29bcc840c897017e971ea19cb1b48d78da435","ssdeep":"12288:QcLIGw/2r3/E3Cgg1XK0S4U9BLHYYvjMIZa5aKCVDv+3nOJlgVQfogKjO2bXCHew:QCwH0S4MY+fZwXiB","tlshash":"ca25c6732144c3b169aa2dd43db0dcab1a6479558e184c686e63bc4c48cfaef7345fac","first_seen":"2026-04-22T13:53:14.676353Z","last_seen":"2026-04-25T12:37:33.670016Z","times_seen":2,"resource_available":false,"data":null}},"time_used":538,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":275,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/QmYQEBV8XvBvPHbZq4TMiTgu3KzV9fpjnPYKvenqgnVTRQ.png","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /QmYQEBV8XvBvPHbZq4TMiTgu3KzV9fpjnPYKvenqgnVTRQ.png HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 115382\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\nlast-modified: Thu, 26 Mar 2026 11:05:41 GMT\r\netag: \"69c51305-1c2b6\"\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\naccept-ranges: bytes\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qLdou1YCZpySEJ1%2BITh0lgWSHi7Kx2TnYCSWYXpS%2Funcm3%2FloaJQWAiKCUES7KMPcR6V%2BQt7mqEts8JZy8LHwh4H6ebhMeXBQHOL3zHIF1Sho5NlEdOB8PRPMi6woHwtl4Rt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f051c6a3fff8be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":115382,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 718x722, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"09a9ce082521445eae276459af868d86","sha1":"ecb4b02c4b3397bc3f12bc8c0cfe9d9bbe159b5c","sha256":"e98782b6961a4f8765bf617c2ced2b191a53dcfa5d65d48cc15d82a20b0f5fc7","sha512":"3234498aef88544e52ac1df49f4b72cdd014d1141d5d57369e13c6cb56f94cd0d06676ea14cf99be59e6148f28d3fb50eecf4884e8603b8cce1735497edd069f","ssdeep":"3072:3n9i+xFR+aDRjpD+PagDM3e9k8hs1RQn8/PlLCCK:39iwFRppII3a3+R+mL/K","tlshash":"92b3129fd3a1566a149dc3b5b11f506ecbe0d6b4806718b602bc48c7b8d4ea8f25e3dc","first_seen":"2026-04-22T13:53:14.677118Z","last_seen":"2026-04-22T13:57:59.450961Z","times_seen":2,"resource_available":false,"data":null}},"time_used":433,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":239,"receive":194,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"chillraydium.com/script-deseh.js","fqdn":"chillraydium.com","domain":"chillraydium.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"chillraydium.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 25 Mar 2026 11:48:49 GMT","end":"Tue, 23 Jun 2026 11:48:48 GMT"},"fingerprint":{"sha1":"01:9F:37:0F:59:4C:AE:91:22:95:58:A6:D6:61:E2:0B:8D:A9:EA:9F","sha256":"E8:4C:04:6C:6D:E8:40:B7:93:F5:59:35:F8:29:38:85:C9:91:10:FA:B9:39:70:78:DD:34:DB:13:EC:67:14:06"}}},"request":{"raw":"GET /script-deseh.js HTTP/1.1\r\nHost: chillraydium.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://chillraydium.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 22 Apr 2026 13:52:47 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nlast-modified: Thu, 26 Mar 2026 11:05:40 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=864000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t3Xe%2FtvodcSqqTgY0S5A9%2Fxyls%2F%2F%2Ft37zqGklZXvCGZhvl32WRs02%2Bbze6GAUM2E0UesDCVU19jeNn3k2lBMe7il3wzVIU8ZgOOUUK9mg4%2BM%2FJBdb%2BfT%2FSc2BwSKlr9bPqf6\"}]}\r\netag: W/\"69c51304-abf\"\r\ncontent-encoding: br\r\ncf-ray: 9f051c6a38048be6-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2751,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (2751), with no line terminators","md5":"bffdf452699bd5788861a310da6337c0","sha1":"6bffe50a734e9c8ce09309b33291dabb5ca5960d","sha256":"b0ca310f18205a7f6b4d40d5943b2a6746326c374ff2a43e5a923e5e0b45e060","sha512":"fdb27ba5f46eca3ab7d1af8eb14a22731ba6129bee158bffb65fbbdb88a7b876ea9afcc34aabfab07affbc99f3e212237c2c4b0744ff2b187ed30f7951464ea5","ssdeep":"","tlshash":"645186543156653243ee04eb20fe92f4b7602880b405007478be94abbf76cd577b6fda","first_seen":"2026-04-22T13:53:14.678009Z","last_seen":"2026-04-22T13:57:59.449742Z","times_seen":2,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-22","alert":"Sinkholed","trigger":"chillraydium.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.25.3","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://chillraydium.com/","date":"2026-04-22T13:52:47.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"8B:DF:9C:24:AB:AD:AB:73:3F:51:0F:25:2B:18:76:79:1A:C5:63:A0","sha256":"BF:5C:B4:F2:20:4F:D0:E5:76:81:59:52:5F:3E:D2:4F:8D:33:B3:30:36:84:C8:7E:0E:AB:58:1E:7D:D6:E2:6D"}}},"request":{"raw":"GET /s/manrope/v20/xn7gYHE41ni1AdIRggexSg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://chillraydium.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 24836\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 16 Apr 2026 08:25:54 GMT\r\nexpires: Fri, 16 Apr 2027 08:25:54 GMT\r\ncache-control: public, max-age=31536000\r\nage: 538014\r\nlast-modified: Thu, 04 Sep 2025 17:08:28 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":24836,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 24836, version 1.0","md5":"938c6e8019b69313372c47dbb7a7c930","sha1":"b42951014c5eca12749d87a4706caf22dc4fe081","sha256":"a30ddcd349703aff7464c34bef3fffdff405ee50c113440d7c8693c02d210972","sha512":"5537c005cd8f321f26fe67f6292b3ec14e88ff4b2365311628dbbe4753e01e568f6881b9f2e7d71e8e6b2c261ed25f372829dd28f89f865ce574b4e1fec29614","ssdeep":"768:3KQaj5c95F1QmIwa55Go1COpZLpkkM46CU+YIC:ahj5cXow65xCM5pkkM468YB","tlshash":"a2b2f105ee49b3d4b276f1fcfa802884179282f27dabda8f3f2015981dd8e5b8d45320","first_seen":"2025-06-02T20:09:41.98255Z","last_seen":"2026-05-15T10:59:11.952841Z","times_seen":23726,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":153,"dns":1,"connect":21,"send":0,"wait":10,"receive":8,"ssl":129},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}