{"report_id":"9bb368b7-0ca9-40ec-a6e3-9faeae62a1b5","version":6,"status":"done","tags":[],"date":"2026-04-20T10:52:57Z","url":{"schema":"http","addr":"yumi-finance-leap.lovable.app","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":0,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"title":"Yumi Finance - The Future of Blockchain BNPL","dom":{"size":92528,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (47124)","md5":"40458579ff4d2ffe454ea7b26e0c6647","sha1":"58c4d9566329d17351f970c0ae70169ab94ac2af","sha256":"37da1a5752221744bca6276ed04ba45db4923971b3fec56c3efd2118516619df","sha512":"4692b5d4dff231490b580783d35e0b5a970be3b6c2b390c7e82f418762aa655635b385b18967fa33b50d2c94f26a80976446db7671348080bd24ab903eb690c1","ssdeep":"768:6TZeccxksc64Jysq7vGT7YuuSlPpIXh/3XxIABBtGA9e8DY5Iae4+yjVBhiHi67S:Zx/c64Jysq7vBtYNe35DakgmY","tlshash":"8c9362366110537f5897ce68f2f0b71ad46ec718ddb38a6bf2dd02631bc2d65ca62284","dom_hash":"domhash7fb9d6356ba7d65dc7e9e6bc76db4892","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"yumi-finance-leap.lovable.app","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":0,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T10:52:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-20T10:52:35Z","timestamp":1776682355,"ip_dst":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"ip_src":{"addr":"Client IP","port":40074,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO AI Service Domain (lovable .app) in TLS SNI","source":"{\"timestamp\":\"2026-04-20T10:52:35.655426+0000\",\"flow_id\":541563255250069,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":40074,\"dest_ip\":\"185.41.148.1\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2063043,\"rev\":1,\"signature\":\"ET INFO AI Service Domain (lovable .app) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"Medium\"],\"created_at\":[\"2025_06_18\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0042\"],\"mitre_tactic_name\":[\"Resource_Development\"],\"mitre_technique_id\":[\"T1587\"],\"mitre_technique_name\":[\"Develop_Capabilities\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2025_06_18\"]}},\"tls\":{\"sni\":\"yumi-finance-leap.lovable.app\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":931,\"bytes_toclient\":3518,\"start\":\"2026-04-20T10:52:35.646293+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"yumi-finance-leap.lovable.app","ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"domain_registered":"2023-05-06","domain_rank":0,"first_seen":"2026-04-20T10:52:58.397361Z","last_seen":"2026-04-20T10:52:58.397361Z","alert_count":14,"request_count":7,"received_data":536252,"sent_data":4704,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.gpteng.co","ip":{"addr":"104.18.29.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-26","domain_rank":776423,"first_seen":"2024-12-08T00:48:33.877309Z","last_seen":"2026-04-15T00:50:53.989981Z","alert_count":0,"request_count":1,"received_data":134510,"sent_data":558,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2acd3d73bbc8d3ba3f35629bb52bdc87","sha1":"1ceb5cdb1aaef828d045f93c024d676b2a173ff5","sha256":"b6ca917f8a08af4a6ad8cc558c1aa032e1e0648b79ce297747c7f6d3a6693807","sha512":"087546aae007202ed3509d48e832308255bf2c81f32242f4fcfc51a4bd81b653856059e7c9abfa88b9fadaa45ed3857d59acc885222f8d6f2234942b235402f7","ssdeep":"","tlshash":"9801afcbe7ec623243a5b4b9185aa5dd3e3800f0eb005bb61c744db43394d5d002ee81","size":829,"data":"","first_seen":"2026-01-07T03:19:54.535133Z","last_seen":"2026-04-21T14:15:52.033592Z","times_seen":493,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/assets/index-BuJYcF-s.js","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d29efa9419d65852ed2e3fd085e2af44","sha1":"69156d598c042ac3d55682ad943a1b06d942f1ea","sha256":"44553b4af6d2bc25bd2b5bf7386f8ed22d09a99381a5c26a101ab6e8e1cdd6c9","sha512":"8e7d95bdbf136dc1951f87361609fdd8fc53537cd586f964a8ba1d19183af75bbed0994dcbf7f3b7e03097cb821f7f630fba0ef038161460c1beb4bb3b5dc159","ssdeep":"6144:vzpxd08opSFQTP5xib138bcXdFbDdVVJjRg/MatX1:Lc/ip38bcXfzP6/Mk","tlshash":"5b648ec8305ab679abf346b1507f420b72391912a80d8460f12ced6e77b1545a2bbffd","size":331590,"data":"","first_seen":"2026-04-20T10:53:00.491201Z","last_seen":"2026-04-20T10:53:00.491201Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/~flock.js","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","size":21296,"data":"","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-04-22T10:53:35.712495Z","times_seen":6529,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T10:52:35.635Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, must-revalidate, max-age=0\r\nset-cookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H; HttpOnly; Secure; Path=/; Domain=lovable.app; Expires=Mon, 20 Apr 2026 11:22:36 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9ef399b2fbc2a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11029,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2980)","md5":"94a3dfe1d232a2c8c539cb576318dd95","sha1":"37d254411a9042a3fd737fb9dffa7f9d063c6ef3","sha256":"3ebf36bd3d093b914a5d986332312a4ff8ad414800807b4310eb5ebed33f501b","sha512":"3fe557a247f7f8744412a95b5c707fc76bbf28461384eace25fb918a76ede4a96112cbd5f38cc31bc76a239a958ef301bc2aaab270023330f1baeab523440d66","ssdeep":"96:xGrgKkpLTU15OA3lghaoX9DSjxpeHTw0k6Bg2+3wehaBQ8VjKx3NuZkTmB0qMcSi:IrCLTUqYvjIjywAcQSyUZxBH73YXQ","tlshash":"8c32fad2c368b63d9351d1bcafd9f4c8172990f3ea058de1b95e097816cb69ce107e90","first_seen":"2026-04-20T10:53:00.475959Z","last_seen":"2026-04-20T10:53:00.475959Z","times_seen":1,"resource_available":true,"data":null}},"time_used":463,"timings":{"blocked":37,"dns":12,"connect":1,"send":0,"wait":389,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/assets/index-BuJYcF-s.js","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.234Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET /assets/index-BuJYcF-s.js HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\netag: W/\"d29efa9419d65852ed2e3fd085e2af44\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9ef399b67e1ea0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":331590,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37527)","md5":"d29efa9419d65852ed2e3fd085e2af44","sha1":"69156d598c042ac3d55682ad943a1b06d942f1ea","sha256":"44553b4af6d2bc25bd2b5bf7386f8ed22d09a99381a5c26a101ab6e8e1cdd6c9","sha512":"8e7d95bdbf136dc1951f87361609fdd8fc53537cd586f964a8ba1d19183af75bbed0994dcbf7f3b7e03097cb821f7f630fba0ef038161460c1beb4bb3b5dc159","ssdeep":"6144:vzpxd08opSFQTP5xib138bcXdFbDdVVJjRg/MatX1:Lc/ip38bcXfzP6/Mk","tlshash":"5b648ec8305ab679abf346b1507f420b72391912a80d8460f12ced6e77b1545a2bbffd","first_seen":"2026-04-20T10:53:00.491201Z","last_seen":"2026-04-20T10:53:00.491201Z","times_seen":1,"resource_available":true,"data":null}},"time_used":248,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/assets/index-ClAVhTtk.css","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET /assets/index-ClAVhTtk.css HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: text/css; charset=utf-8\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\netag: W/\"ecf75955d8d0f79d639465a39d2c3283\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9ef399b67e2aa0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":63392,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (63391)","md5":"ecf75955d8d0f79d639465a39d2c3283","sha1":"6ce76fcade875afa55a4b8c70e1c44352692fd06","sha256":"0bf5a88e6e62b1623fad3cc151c5b4104aa96c5d1f6d9cc9445eb985cd1f2c14","sha512":"269a03459994147f2c92b3aaba4d2c769f9884ce9236b026f6cc756a8efb45fcc91b93693d4a0c666029adca1d38411fb8c971f7ac538fafcd93b3d0374b127e","ssdeep":"1536:PhHWFYBkP6yURaGWCr378VQZkt5FNCoAT:PhHW0kBURaGWCr378VQZkt5FfAT","tlshash":"b8539519b919a17e3c2790e883ccb9ec610af0c0dd3b05b5be9a41316ad37f619bb558","first_seen":"2026-04-20T10:53:00.493414Z","last_seen":"2026-04-20T10:53:00.493414Z","times_seen":1,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":244,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/favicon.ico","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: image/x-icon\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\netag: W/\"566e64364d6957715dc11845f4800700\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9ef399b95fa3a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7645,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 73 x 74, 8-bit/color RGBA, non-interlaced","md5":"566e64364d6957715dc11845f4800700","sha1":"db98fcaaf06be921ed2b8f25ac80f0add9f4a787","sha256":"29a40d56580a5366083461297773dbf146ec043d1156f432f5472cb3487f506b","sha512":"d93824f3088a249625d0bbb64a99d1e320aa4e375ceea0205c961de73d04c635c97a7788865260e3ca13aba38a8dd95435f2183869f17a41afd4ee7d9364bc74","ssdeep":"192:NUNBikqtkfu6b+DkwFy3/0sRmz4fL5AHtHyhaFg63/:uNkkdfakwFy3/Xk6lepy6P","tlshash":"40f19e9f7f833802d90c95bf5492c75189c9d5551558c23fb0fd6132acaf5d3629f085","first_seen":"2025-05-20T14:46:56.545075Z","last_seen":"2026-04-21T15:50:19.494905Z","times_seen":1206,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/~api/analytics","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"POST /~api/analytics HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nContent-Type: application/json\r\nContent-Length: 350\r\nOrigin: https://yumi-finance-leap.lovable.app\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H; session-id=0fef9066-a8f9-4fc9-89db-9867b38afe0b\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":350,"data":"{\"timestamp\":\"2026-04-20T10:52:36.889Z\",\"action\":\"page_hit\",\"version\":\"1\",\"session_id\":\"0fef9066-a8f9-4fc9-89db-9867b38afe0b\",\"payload\":\"{\\\"user-agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\\\",\\\"locale\\\":\\\"en-US\\\",\\\"referrer\\\":\\\"\\\",\\\"pathname\\\":\\\"/\\\",\\\"href\\\":\\\"https://yumi-finance-leap.lovable.app/\\\"}\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:37 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 4\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9ef399ba9bfaa0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f92965e2c8a7afb3c1b9a5c09a263636","sha1":"e9b450d14bc2363d292c84f17cfad5cfbd58a458","sha256":"11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516","sha512":"25775ba3c567970fc3df3f8107f2a78a67c5619d54bfb37704423acceec253316949eee77b81100a01b91c742e475b4f6157dd2427a9f9fafd87a4078f2d65df","ssdeep":"","tlshash":"54300000000000000000c00c00000000000000000c0000000000000000000000000000","first_seen":"2023-04-09T18:20:08Z","last_seen":"2026-04-22T10:53:35.669105Z","times_seen":6660,"resource_available":true,"data":null}},"time_used":710,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":710,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/~flock.js","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET /~flock.js HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: max-age=1500\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9ef399b67e33a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21296,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21296), with no line terminators","md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-04-22T10:53:35.712495Z","times_seen":6529,"resource_available":true,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gpteng.co/mcp-widgets/v1/fonts/CameraPlainVariable.woff2","fqdn":"cdn.gpteng.co","domain":"gpteng.co","tld":"co"},"ip":{"addr":"104.18.29.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gpteng.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Apr 2026 20:25:47 GMT","end":"Sun, 12 Jul 2026 21:25:38 GMT"},"fingerprint":{"sha1":"B5:C2:5D:87:D7:51:E0:73:8D:83:C4:92:3B:A5:57:F0:18:C3:10:15","sha256":"B7:2A:6D:36:CB:2E:C6:82:0E:25:CC:93:EE:AC:6C:04:54:D4:F1:4C:15:85:D1:44:FB:0F:51:54:CB:A0:39:00"}}},"request":{"raw":"GET /mcp-widgets/v1/fonts/CameraPlainVariable.woff2 HTTP/1.1\r\nHost: cdn.gpteng.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nOrigin: https://yumi-finance-leap.lovable.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 133760\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=14400\r\nserver: cloudflare\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\netag: \"c48bd2439e2921fc4d3aaef0e57446be\"\r\nlast-modified: Wed, 10 Dec 2025 13:46:40 GMT\r\nvary: Origin, Accept-Encoding\r\nset-cookie: __cf_bm=GkoeUjYC1DbiDiHs5x3eyM55l.NH8y6ZmIrje67.Q5A-1776682356.577453-1.0.1.1-rtdYpwmcpdlV10LcSWojV7LEv6u6Z7ajpnjRJ9varYhDHgNalgqL_MFxFIvlA7.JDcc3VklPHRF_OhAr3FeuundxPEs2ojYk5u4FaCbzgHd2krLH6okrrU7UpHdplunP; HttpOnly; Secure; Path=/; Domain=gpteng.co; Expires=Mon, 20 Apr 2026 11:22:36 GMT\r\nexpires: Mon, 20 Apr 2026 14:52:36 GMT\r\ncf-ray: 9ef399b89df5b4f1-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":133760,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 133760, version 2.0","md5":"c48bd2439e2921fc4d3aaef0e57446be","sha1":"396596764aebbe25ba1c45f19091f48a7e17a9e5","sha256":"0f4491b0f9f6b9c3e6054a9f0036583e3978fd3a8d8f49ba5da05d63cf875cbb","sha512":"cb9ff1ede5ea280e8586c3e6e84c68685b3749fa492fb1babef3d0bb72ab1b095b1c00531554ead12e31139f226c7aa96399b11fd6ae256ea134639d98d95b64","ssdeep":"3072:OWSP0iIzCkvibLej77I/9GRBm7Xy2TJ46tNP7HlgXffTp/CGZ7YpV/z:OdYGkviXe7l87C2XtBC1/CGin/z","tlshash":"d9d3123e2ad0e463aba505b13a7f65808a2e5f11e3c773c145b274cfd5302a8236da7d","first_seen":"2025-04-23T20:37:12.507957Z","last_seen":"2026-04-22T05:34:28.914998Z","times_seen":584,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":54,"dns":35,"connect":1,"send":0,"wait":63,"receive":6,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yumi-finance-leap.lovable.app/assets/hero-bg-ezm4482e.jpg","fqdn":"yumi-finance-leap.lovable.app","domain":"yumi-finance-leap.lovable.app","tld":"lovable.app"},"ip":{"addr":"185.41.148.1","port":443,"asn":61207,"as":"Hostek AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yumi-finance-leap.lovable.app/","date":"2026-04-20T10:52:36.707Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lovable.app","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Apr 2026 17:48:26 GMT","end":"Wed, 15 Jul 2026 18:48:10 GMT"},"fingerprint":{"sha1":"47:E0:53:E5:D8:75:D5:4F:81:E8:A3:59:B3:EF:A7:86:98:7A:86:13","sha256":"67:82:3B:B1:04:22:D5:15:77:C5:06:B9:83:99:A2:B9:D8:E3:88:2C:E1:25:5D:8D:E6:19:7B:9B:8A:9E:13:74"}}},"request":{"raw":"GET /assets/hero-bg-ezm4482e.jpg HTTP/1.1\r\nHost: yumi-finance-leap.lovable.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://yumi-finance-leap.lovable.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=Dxu5kOhepeMs2gfOXkZzXdko0xYHlvW9ySMp8BS.xtc-1776682355.6717157-1.0.1.1-gKnCZGOMYliZttpf9MMn7GDDui0bbu1Bsm_wBbziQnQSJ_u65x7Y2sza4fuATD_.RpodyrtLDy_9H9S1kr030qgJH44c43eR2jeXcPrqXbrmUXP.UIS2U3JZQX9GjU6H\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 10:52:36 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 98409\r\netag: \"9482d3b998a7c9a7d57dd2ca341f14d0\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9ef399b96feba0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":98409,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3","md5":"9482d3b998a7c9a7d57dd2ca341f14d0","sha1":"255b0931ff6424ff8960bfa680f09e73f3c7fffb","sha256":"afd33ba8ae5a07c384e9478ccecc417759844c4ca48d9babc55ab8a1851146c5","sha512":"ae987e3ad7e85685296b578404f877e83818ea919a92cfdb3483e4b47f28f7d287e6ed482a68f437860e379f7d31f3ca06b70c2aa5835b66a109870f2638e8a5","ssdeep":"3072:aOjCHAYAelJvoNTQy1H/ju7Hp8eQ2pCjadOHn4gI/C:aOjCgneLgTL/ju79pKIOHYq","tlshash":"e5a3e137ad19a6834a69c3f4bf828ded4a113b1de8e235d66927ebc734546001c0b5fe","first_seen":"2026-04-20T10:53:00.504957Z","last_seen":"2026-04-20T10:53:00.504957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":240,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"yumi-finance-leap.lovable.app","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}