{"report_id":"9f3a0adb-50e0-450b-9a4d-e1d10d775825","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-28T13:26:51Z","url":{"schema":"http","addr":"lumapad.org","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"104.21.0.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"title":"Luma Pad - Multi-Chain Meme Launchpad","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"lumapad.org","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"104.21.0.101","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:26:51Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":2,"analyzer":2}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T13:26:33Z","timestamp":1777382793,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":39600,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T13:26:33.519675+0000\",\"flow_id\":1073796409279550,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":39600,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4500,\"start\":\"2026-04-28T13:26:33.476222+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-04-28T13:26:33Z","timestamp":1777382793,"ip_dst":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"ip_src":{"addr":"Client IP","port":39608,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)","source":"{\"timestamp\":\"2026-04-28T13:26:33.522523+0000\",\"flow_id\":578887327761621,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.6\",\"src_port\":39608,\"dest_ip\":\"149.154.166.110\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033967,\"rev\":1,\"signature\":\"ET HUNTING Observed Telegram API Domain (api .telegram .org in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2021_09_16\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2021_09_16\"]}},\"tls\":{\"sni\":\"api.telegram.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":789,\"bytes_toclient\":4500,\"start\":\"2026-04-28T13:26:33.476373+0000\"}}"}],"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-28","alert":"Detects file containing Telegram Bot API","trigger":"lumapad.org/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-04-26T22:16:47.246638Z","alert_count":0,"request_count":3,"received_data":115257,"sent_data":1639,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-26T22:35:53.043088Z","alert_count":0,"request_count":1,"received_data":209296,"sent_data":413,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"api.telegram.org","ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"domain_registered":"2003-12-15","domain_rank":206724,"first_seen":"2015-06-25T10:09:00Z","last_seen":"2026-04-25T19:53:17.008627Z","alert_count":0,"request_count":2,"received_data":745,"sent_data":1115,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-04-26T22:20:29.825994Z","alert_count":0,"request_count":1,"received_data":11903,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lumapad.org","ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":15,"request_count":13,"received_data":982115,"sent_data":5712,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Chart.js","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2026-04-27T05:48:26.405059Z","alert_count":0,"request_count":2,"received_data":815995,"sent_data":814,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api.ipgeolocation.io","ip":{"addr":"116.202.166.112","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-02-26","domain_rank":221461,"first_seen":"2018-06-28T11:07:23Z","last_seen":"2026-04-24T00:53:05.517562Z","alert_count":0,"request_count":1,"received_data":1781,"sent_data":475,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"97c69deb92c86be870a1f74f33268d80","sha1":"08b3cbb4bb4aadd63db98caac34970b8e452f4cc","sha256":"65ce00eae03e52bc710f462f5da9cb26cb6a44663cc38d685fc85887e45977cf","sha512":"d50e56bef3f08d8929aefa41f0d39441a579bdf145fc1b9734cf4cbe19f5270563f418dcae832a74a3158969252b986154ba36f4080451e94baf4c8c06b2828d","ssdeep":"","tlshash":"5cc02221c1b84ce08d1c20ab203c13842160145f4151208ac3fd8c8e0c88e809a84814","size":186,"data":"","first_seen":"2026-04-28T13:26:57.12073Z","last_seen":"2026-04-28T13:31:51.971545Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c55c763a99694d719e93c858b84d0767","sha1":"c7eb46006faf6fe5fd0fb5fd644d34f0870120fb","sha256":"11f42de383a06ca4588ff6e7971733209b306df9ee73d17baeb4d8f5ed92d02c","sha512":"a285fe1d934630111068f13e1689553430c935641efd241ecd75e32334d08039c992c2a7f489baded0f3f58492f994d4b7da206b977745971d6a06a12b68991d","ssdeep":"","tlshash":"6e31b8fd19f20623454370e9c1df0224383988d36c2b3cba3a8e14468f8e48c96fa76c","size":1447,"data":"","first_seen":"2026-04-28T13:26:57.122248Z","last_seen":"2026-04-28T13:31:51.972683Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"2fc683a1c4ed499f9cfe5031dbbbe3d1","sha1":"cf7ba8da2ef5e8b9d3550853ddaa9aff4dfca307","sha256":"6f9023eda2aef37de8bd40ad91a8db7845ea1c80dd4358ad048f587ad829ab05","sha512":"8a1b6ff77aa7bac37aa2511ff296b04284219454aceb45ff25f750ef485236979d4deb5d3f1450dfcf333b8ebb4f5b067bdcad4f763129b6fb4c76423371b714","ssdeep":"384:7bKxk0JC5Kni1zWJSuuVlNIZjqD6woGPS66Sa4yxT06:7bKm0JOzWJSuuVlNiKPaV4ATT","tlshash":"1be2b57b7277003169f7d6be2787a258762160037844c804be5c9b441fdbf42a97bbe8","size":31751,"data":"","first_seen":"2026-04-28T13:26:57.123878Z","last_seen":"2026-04-28T13:31:51.974407Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-28","alert":"Detects file containing Telegram Bot API","trigger":"lumapad.org/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/i18n.js","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1683c5da97bea22341333cdc98992f73","sha1":"82383baf77f06ca62b9cff53681d079fa33b994c","sha256":"1052589e25c451b05d5f7169a949b6e58a09667a044585854adce083bc9c0c65","sha512":"c21b7d4eb04af3ebc3a79dfaf27443d89a2d09811ff9e1cf4b79a4e71ea534130581184ec0a971ffcf27828b7e98dfa802c7824eda006816f3861ebf86e167c9","ssdeep":"384:sMWNV1ksAQ87+xAobghfy67l9O8w3S7FAFff:sj9LEqAoAfy6x08w3S7+Fff","tlshash":"9f92093ca262016849a709eb36e82b9173085c43efd33468772dde286f5d55f913b6bc","size":21099,"data":"","first_seen":"2026-04-28T13:26:57.072773Z","last_seen":"2026-04-28T13:31:51.969734Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"860fb87d51beda18cc5a2ba13fc6acff","sha1":"733ef02139ebbbd5ccf4c94e66afd03dba6c2d4e","sha256":"300ab927deab954f8c64cf8a118825109bc94c596a417c4f2ddefcafe8acb35c","sha512":"71894376027a8bb19bc68e3427790979ddfa94aa52761b6cae372d2a47961bcc684b03b0820b8b0cd9b173fea8d16c97b0afa7895768f22a213e23ce083ce9c6","ssdeep":"","tlshash":"ad9004451c57d07101f441414343f354fd0000000055fcd4d44cc17c7c0170f0d0c1d7","size":45,"data":"","first_seen":"2026-04-28T13:26:57.125387Z","last_seen":"2026-04-28T13:31:51.975681Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f276657649dcfb20c95ad025ced24d7f","sha1":"fbab0d276e90f51836a8c25ba758770bb5510171","sha256":"80a90eb1cc931e33dd1cd43d60793a670ada82c4a3e52bd7427054b885a0225a","sha512":"eb474be5f13939db5fae9ddcf634d444fc15c225d67364f5e9c7ae65f4e2e6a3a682502ddfdb9a543a1dbc1663f7e9c1412329137934feb384423d1df2dfa56a","ssdeep":"","tlshash":"7811e1d235a9efd609a896d9c16f9180f398ec7c405cf194d398c4bad5c104631e1fb3","size":1000,"data":"","first_seen":"2025-01-07T08:01:50.051384Z","last_seen":"2026-05-07T05:02:40.483732Z","times_seen":793,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"56849e5c67ce4273e3683d4c839b8b95","sha1":"63625e2e2cf050b18c1f5d0fcd3eef43fdc441a1","sha256":"04937b89168917aed25a735d8f61d080d1df94e623e1d800fe6e2eb739f2fd7e","sha512":"2a29285fca1a55ccee8a671f1bd85b841038b86a99cf22343b90c8266ae03c3ba401bc988890feb504ec06d0960401f69c094161a576f3afe8df2eec051bf2d2","ssdeep":"96:MBPX4hkHI1tGV7dOR3sp42S4mlOdtNPdPXPDsT91wrT5Nyn:3kH6te8pR4mlOdtNBDsx1wrXyn","tlshash":"3291313970e6122519a724fbb6c3252ab5adf00be127c044bd5c87447fc4f297aa1fad","size":4611,"data":"","first_seen":"2026-04-28T13:26:57.127609Z","last_seen":"2026-04-28T13:31:51.977238Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4b7b53f25784cc1a76055ed67c1a01b3","sha1":"3d7ba1d50e5c34a059f771e32714bd2a6ccd8930","sha256":"a080cf5d70272af62be265c388090c5ae2197e1f0e97683439e6f17e11496e83","sha512":"d3cd8029807efd4657d88580d58e1fe254661035c948002534120fa441e15ef59c0a98684b6815cfa73a6eb395aae2d4e9c03c901a6886293bb308e4d4b2eace","ssdeep":"","tlshash":"d98173bb317718e06b77a67b1347a3843521a0077d02c660359c9539afd6f08b473bd8","size":3951,"data":"","first_seen":"2026-04-28T13:26:57.129035Z","last_seen":"2026-04-28T13:31:51.97853Z","times_seen":2,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-28","alert":"Detects file containing Telegram Bot API","trigger":"lumapad.org/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"lumapad.org/i18n.js","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /i18n.js HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: W/\"69ee12ad-5275\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=3,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kJsnnB5F%2Ftw4akRa%2F5faFGhrgpFIpHOQKenGimSjcomd3nTjG37XRgxNESXTy7Mo717ewU15AFdUOexsXs4iagjnxhgGES17WXOlFDdAYASt122tTdd8G0%2BfX5GMRw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9f3666222f6bb51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21109,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"1683c5da97bea22341333cdc98992f73","sha1":"82383baf77f06ca62b9cff53681d079fa33b994c","sha256":"1052589e25c451b05d5f7169a949b6e58a09667a044585854adce083bc9c0c65","sha512":"c21b7d4eb04af3ebc3a79dfaf27443d89a2d09811ff9e1cf4b79a4e71ea534130581184ec0a971ffcf27828b7e98dfa802c7824eda006816f3861ebf86e167c9","ssdeep":"384:sMWNV1ksAQ87+xAobghfy67l9O8w3S7FAFff:sj9LEqAoAfy6x08w3S7+Fff","tlshash":"9f92093ca262016849a709eb36e82b9173085c43efd33468772dde286f5d55f913b6bc","first_seen":"2026-04-28T13:26:57.072773Z","last_seen":"2026-04-28T13:31:51.969734Z","times_seen":2,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lumapad.org/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::md8nh-1775101186152-d45e2b42ab64\r\nlast-modified: Thu, 02 Apr 2026 03:39:46 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nage: 2281602\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jL6tWkmxW05g%2FEgkhMddMIW4RmMUT6s7U2B7N2tjXxSaoNfprKZ3AXXvx3dTu%2FG9bSQ1Z3uYhgkZaNayOm55OqS%2FOm%2Bv8CxEEP6l5zBQ2ziOTcqRIgfyudq2qDxYlVx8adg7aAI%3D\"}]}\r\ncf-ray: 9f36662298b10b69-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-05-07T10:59:07.125027Z","times_seen":35092,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.ipgeolocation.io/ipgeo?apiKey=4f9c306ff32e41fc8a3054fe7a827a7d","fqdn":"api.ipgeolocation.io","domain":"ipgeolocation.io","tld":"io"},"ip":{"addr":"116.202.166.112","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:33.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ipgeolocation.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Fri, 17 Apr 2026 06:09:56 GMT","end":"Thu, 16 Jul 2026 06:09:55 GMT"},"fingerprint":{"sha1":"80:F7:7A:06:41:D7:BF:82:50:DA:C3:45:7B:7D:DF:F1:78:F3:8C:0B","sha256":"81:29:F3:8E:AD:08:CC:9F:DD:D0:45:DA:65:DC:EB:3B:5D:57:23:C8:B0:45:30:5A:79:5A:00:7B:6D:B9:6E:09"}}},"request":{"raw":"GET /ipgeo?apiKey=4f9c306ff32e41fc8a3054fe7a827a7d HTTP/1.1\r\nHost: api.ipgeolocation.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lumapad.org/\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.18.0 (Ubuntu)\r\ndate: Tue, 28 Apr 2026 13:26:33 GMT\r\ncontent-type: application/json\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\naccess-control-allow-origin: https://lumapad.org\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":1477,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"f61a0de8efe38402e59faf08ee061795","sha1":"75bcc753476dad9f2a099111b6928ea80cff260d","sha256":"ef383986070335813004105f58b8d06b9819ec365e5a33e786b8a879528fba6e","sha512":"1653e62e1343b9a0c5c50f43bf20d1bee78017e5fbee4dff6f582848135d186b372519140e205d9279920b98a5c3c3baffef5cf39ed0c8ad03db53085a5ee39f","ssdeep":"","tlshash":"9031f01c41a9ed6e98f702c0b21d6f6b2579610382c54e43af9def8dc14829ea245355","first_seen":"2026-04-28T13:26:57.085318Z","last_seen":"2026-04-28T13:26:57.085318Z","times_seen":1,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":115,"dns":36,"connect":36,"send":0,"wait":36,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/founder3.jpg","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/founder3.jpg HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25852\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-64fc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rW1s3FcCWII%2FyjRCJujgR9WJq3Y7xcicivFhLHwAUTCost1CbMfkeqTbYRDm7MbjxdStCFX5oLpyrYQn0%2BaGpyK5Aa48vhrfWCqr9VOzddG3iWBo8KHe1PFflx1IRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666222f69b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25852,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced","md5":"8f4c0f02339f8927e43ad445abf74f79","sha1":"a6d861610ab31a9bcb01c0884b1ddf6c3ec983a4","sha256":"ba2d42de77fc8a57525ab9eec96d6ea2669a73ae844c5b01b1e0b4441cc6ea97","sha512":"614a7a84b07f1f3da4b41df2c77234d99c9137d6eabb939502a61ac93069df45f303e93784a8d9a0640d1c6c3dc7e39bc8b3eb3632e14dde4590be49a0e437de","ssdeep":"768:6YLNhbvihQ06CVWq6KKuryYRco+tkcmG1xyCJUsfcH:6o2v6q6KKMi2ZG1ox","tlshash":"3bc2e0944a82799bea391d7c94e56cb9d0703333c3dcabe5ed604d3ec872ea4176b148","first_seen":"2026-04-28T13:26:57.087826Z","last_seen":"2026-04-28T13:31:51.958782Z","times_seen":2,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/lermess.jpg","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.466Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/lermess.jpg HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16648\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-4108\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rR4ZdXkiJJgaYiwHkIrv5eSBZke3Me%2FbjPU0B50b%2FUiw0KmT%2FK9F4T4nRqY%2BLWlP0lKeomRxD%2BC0axu0EKbykHYQCZEzvz9gWEVmXRYug7Fyyxlxj31kWb08faR9gw%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f63b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16648,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"6486d162c1b3bc3e6958e2509c488dbf","sha1":"3fe1542e520b072818929066d568cf5693fa4cfb","sha256":"3076fa3e212b00a447d9a9889bea5ec24aad0637bf52e99a552d79794ae2fe50","sha512":"6fa91a9e3b95deca786753352d89e7293fc8a5bfffb37fbeb2858d84e07b8d75a3dc3b9250c443f0b81f4e01d72666706db9aef96e348275cce68e8779a255ac","ssdeep":"384:sh7OqO+7vg4zlB62kXjXG1BWAW3yZIfSqIP1Jrp7EctChuEe:oOq74Gl4jW1BsiS6qQ1NlmhZe","tlshash":"5f72d03f03f52e49c11c9b36993053e75b566d388a0ded9e2ab6c3d6736ecc06c44a85","first_seen":"2026-04-28T13:26:57.090995Z","last_seen":"2026-04-28T13:31:51.96124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/mirae.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/mirae.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 8568\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-2178\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dG3nqb6YWPTJyJI0DCLNIwx1lyCk9IYLZmQHNE%2FqGnXjYHmQ%2BvlRNX5a%2FM7R4P4GjiSg2j%2BjLV1PNKHx6%2B3e%2FfVzw%2FTFG%2FJrHfqVM04e5ZbTAh8yVWwuAZlpMl4sWQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f65b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8568,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"60da47e47a9ca7cbd097d80cbcc301ca","sha1":"a0c67b1f790b93479f3b914e6174033f83f318c9","sha256":"94038679e8b155865ff050bceee9711d31dd19f99a9134e65fdf543a9c3a6162","sha512":"10b930a88fffab67d843e981c1e3f8a0297e85ebc125894e5fbe9aacfdd14420a255cd28d3bcf66aa604d654fdd7ed7c406537958538b420bff9f83493210495","ssdeep":"192:s1WVFxurNY/fsJAfRB5qqoBV8IjQgWUIO19cfmUAb6gtnp5hsV:s1A0rgk0GV8ckOAfmUKtnQ","tlshash":"d802aec05b40c1edeb6cafb070640b01a7ba7d139dc0b765d9849939bbf06b2ca040da","first_seen":"2026-04-28T13:26:57.093969Z","last_seen":"2026-04-28T13:31:51.946339Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/founder2.jpg","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.472Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/founder2.jpg HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13705\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-3589\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4hZONehDZ2%2BJ1m2uJ6tilnfS0bbzGvdSIHMFR%2BcQ8bH%2Fha15NwtsSJRji6%2FBwvUUF1S5LjuNIFHp3mKxoBqGDLLrT1%2FiKdrJtqzy2UiYiKzp0rwWZGM5t6v8C%2BhtTA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f68b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13705,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3","md5":"bb55dfde2135738ea87690dc7bc1951a","sha1":"a37375c4b2ca24585cfcaa0d927eb02ffab005db","sha256":"c143f75782bad6b25d37c030db2814856272a7352ef157178b64a873f4946c82","sha512":"44f5ef0a70836f8fb940d3b9d23d8ed055e7cbff3768e9a0773f035cd5dd7e7ae2241a1fe0a61504e20315dd7568a11da1808bc81c17fcc4089dbc9c755dc3cb","ssdeep":"192:sxtjO83vO/ATBCS5GCxJkLV664yZ00uKQFRnTBLMA0ZE7Zr+nAcLZY7oKC9q:sbvO/qb53f64y8KmRTBwAYExWFY7oXq","tlshash":"3752bf175fad8e0bf68c9b74071c1718a7c09d295a47d66126c235300fb8ec6bc8aa5b","first_seen":"2026-04-28T13:26:57.096562Z","last_seen":"2026-04-28T13:31:51.953119Z","times_seen":2,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:30.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:20:2A:2D:A3:02:EE:53:E4:CE:46:31:49:99:9A:9E:B0:E7:B5:19","sha256":"23:47:72:09:4E:47:52:14:EB:06:36:94:9D:9F:8D:66:FD:E8:20:45:1A:16:A2:2A:C5:F5:B8:7C:2A:41:2B:61"}}},"request":{"raw":"GET /s/rajdhani/v17/LDI2apCSOBg7S-QT7pa8FvOreec.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15688\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sun, 26 Apr 2026 10:53:22 GMT\r\nexpires: Mon, 26 Apr 2027 10:53:22 GMT\r\ncache-control: public, max-age=31536000\r\nage: 181988\r\nlast-modified: Tue, 16 Sep 2025 03:40:35 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15688,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"d5448938a162ccb434b09f4572c0191f","sha1":"be9eae3d1d9f4fbd2208e0fd3c871b17b65b6516","sha256":"5b7e4a6f97163c2636724d4de90304fc895653dcfe64c67a7a22f26331ca5c5f","sha512":"df0245084768642738387f7a0daa11c4bd0109617c4120bfd88083c30d686ee2bd327e426ce0d9ee1f50839c5e2890f8a2a2d7acce3705fe8fa324fe623ad942","ssdeep":"384:Bktl5HsgImpL/2gZDAMAyNWE3pZrsjyb2mf+X:Bkl5MgDpT2g5AMtswpZZ2mf+X","tlshash":"7962c046a5a6b998f4d4ecfb0086542c19bb5ca11c6230f3c719356f5bd3e75cee4540","first_seen":"2023-04-14T01:29:53Z","last_seen":"2026-05-07T10:02:33.049415Z","times_seen":4193,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":93,"dns":1,"connect":15,"send":0,"wait":16,"receive":4,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:30.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:20:2A:2D:A3:02:EE:53:E4:CE:46:31:49:99:9A:9E:B0:E7:B5:19","sha256":"23:47:72:09:4E:47:52:14:EB:06:36:94:9D:9F:8D:66:FD:E8:20:45:1A:16:A2:2A:C5:F5:B8:7C:2A:41:2B:61"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 01:42:27 GMT\r\nexpires: Fri, 23 Apr 2027 01:42:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 474243\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-07T10:57:44.154861Z","times_seen":169260,"resource_available":false,"data":null}},"time_used":356,"timings":{"blocked":167,"dns":1,"connect":28,"send":0,"wait":16,"receive":6,"ssl":134},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/metanet.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/metanet.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:30 GMT\r\ncontent-type: image/png\r\ncontent-length: 471714\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-732a2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mZObzycUD0zgex0jibRWxVNNWLNM1rU1C%2FyIVNirmF%2FZwo7ZqDtIZ4VmFs3VVFM81Mb%2B6cuSGq0drwqv31TTThBiOCahhWSQXS7gbWQBEMeTRaCn0pKlwpOLJsqn3A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f64b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":471714,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1826 x 1826, 8-bit/color RGBA, non-interlaced","md5":"9de6869573bd66fa7f406fdc97ef12e6","sha1":"759c0428a652db05751c5fef3bfcc742a1e1d7fb","sha256":"3e5a2dfac1ddbc75d08042795d52fd5e29d27c316f51a2eb351cd14f21dbec8f","sha512":"c130393e3bf658fa8e9510792daa0c292ac7e8dec5f980837022dbc7b2b01c08bcd07cbdb568a4a626682afeab1b04c60f5272a19e94b260b38346223d96cf20","ssdeep":"12288:Olzi+mcR2hV9SbehKXipq2HIMRDtveH8AMEPl:OlW+mRJhKXicsRDtveWE","tlshash":"41a412addac8fb57ce88013922fd6147b33768b7a2f71e9c3314c5a36d8697886510d2","first_seen":"2026-04-28T13:26:57.10088Z","last_seen":"2026-04-28T13:31:51.957505Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1553,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1314,"receive":239,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/hacken.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.469Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/hacken.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 24502\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-5fb6\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ljQ9%2FYJu9YgihbiydsNYYG5ZdMRA1BuMfnCD3ESKqpScoQ2UHKqFkNRAhRzAjjHG78V4I3JLIWrQQq1YBEj6qftWJbEPn46QhV1G4rJLh32bHI3ALzmTR9pQJKIWWA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f66b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24502,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 900x900, components 3","md5":"19d842a76f9e3336e3c07113835fa23d","sha1":"f12bde885d7195897f108602a7a2e9e0e80ebf5b","sha256":"b62b2a6244fde574f62ad69a6e57a7004fd17a66fb5b0d701a12ca21d0386563","sha512":"79a86a9ce76696d1dc3144c733d4063a4927e612e075015e17b1f415be587179517a67cbeedd79075158903c5d92c17ddbf2b85b4a6f9d6c0d34b969d24138df","ssdeep":"384:0wDxoDTzTztz5RRMTaRQv6BjHJESHWE4ghhiOloMOmuuDz8qFVIyFwwIyxYt5hp:xloD//1pMTcQeC7E4g3iOloHmuuswIye","tlshash":"a4b29e29530ddde3f50e0bb7a8c19b5cdf2736b2948bb3d7010d9a48c55b9884a673e4","first_seen":"2026-04-28T13:26:57.103192Z","last_seen":"2026-04-28T13:31:51.962171Z","times_seen":2,"resource_available":false,"data":null}},"time_used":267,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/secureproxy?c=%2Fipfs%2FXMnSds4AqP-yuDWpagkhFQfe9b760e7308200eafd0177b6904b08d%3Ft%3D1777382789431","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.459Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /secureproxy?c=%2Fipfs%2FXMnSds4AqP-yuDWpagkhFQfe9b760e7308200eafd0177b6904b08d%3Ft%3D1777382789431 HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 523 No Reason Phrase\r\nretry-after: 120\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nexpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nreferrer-policy: same-origin\r\ndate: Tue, 28 Apr 2026 13:26:30 GMT\r\nx-frame-options: SAMEORIGIN\r\ncontent-length: 7165\r\npriority: u=3,i=?0\r\nserver: cloudflare\r\ncf-ray: 9f3666221f62b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"523","status_text":"No Reason Phrase","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7165,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (555)","md5":"ecd6381fd9f478c95b22ee377e9267b7","sha1":"bbd289c3d12690a2fbf1f2df551d1792870853fe","sha256":"111b99d1f474bab4732e8cf7408766c44f1b762d528071c38ef5c1925a276719","sha512":"6d05bc7dc27ebcde528375aa691307842af10be3f6fd979265264c40dc9133c8aa12543c9e985dad962a8e31f7a678789aaee009677255a8f0483f223b1fc4a7","ssdeep":"96:1j9jwIjYjeDK/D9KUZG4Fh8/G4Fc0424F3r+skKmomH1XnMSO7RLlmaQxP:1j9jhjYjqK/B1eS5VL2jO71lheP","tlshash":"41e15572b1f5127a109381d23595fb5abae0c213caef4494b7dcc6632f9ef81e903694","first_seen":"2026-04-28T13:26:57.105383Z","last_seen":"2026-04-28T13:26:57.105383Z","times_seen":1,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":623,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/chart.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/chart.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 4.5.1\r\nx-jsd-version-type: version\r\netag: W/\"32e8a-y1VYFBBM+4v4jk0bIQM7SVw8Wnc\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\nage: 20635\r\nx-served-by: cache-fra-etou8220052-FRA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 71722\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":208522,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (56990)","md5":"e6452e2b454b091f857a45cce7624eae","sha1":"cb555814104cfb8bf88e4d1b21033b495c3c5a77","sha256":"48444a82d4edcb5bec0f1965faacdde18d9c17db3063d042abada2f705c9f54a","sha512":"5a85622a1283e2a2365abb9266abfdfa4bcce167c585431008b3784250d3b79694e7a7cb432da0628c5622a9449d7a89cbff80739abf864d6859faa730387030","ssdeep":"6144:Iy2IGjjkD/6w7tKuhSGmexa2FiKqU/1eFRQ1T9mkb0h3N+2HJ8l/mXI:v+kD/6w74uhSGmexa2FiBeeFRQ1T9mCH","tlshash":"3d14f5d53342b12282e256d2583a050ae33666483547899cf6bc5ddf3c6a98b71fff38","first_seen":"2025-10-13T17:57:35.280368Z","last_seen":"2026-05-07T10:50:59.807168Z","times_seen":4212,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":60,"dns":1,"connect":26,"send":0,"wait":27,"receive":33,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8502763376:AAH8xVL7ND282mFtv3PuWd_LKOOMrozAUmI/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:33.686Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"POST /bot8502763376:AAH8xVL7ND282mFtv3PuWd_LKOOMrozAUmI/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://lumapad.org/\r\nContent-Type: application/json\r\nContent-Length: 590\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 400 Bad Request\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Apr 2026 13:26:33 GMT\r\ncontent-type: application/json\r\ncontent-length: 56\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":56,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"d948d5845276032d39194409db9ad97b","sha1":"475fe4e71224df85d494e34e0cb8ed799afcdb0d","sha256":"a0a1e0f24b392c6da875c10977d169497a47f669b7e671e62330e125a56721fb","sha512":"3e538a78d85dc32eb47db705c97d627ed8851f6dd87904e2e39aa1d5357cdeaea2a7746fc2ccddbde9bcbcab66ddcceff4ab5cf8db169c49e0f81c592104c67f","ssdeep":"","tlshash":"22900244098ed56744da11605935954855b756b8641964404d95611d56421ea58f240a","first_seen":"2023-07-28T20:34:41Z","last_seen":"2026-05-07T00:16:27.046418Z","times_seen":356,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/image.jpg","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.471Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/image.jpg HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 27786\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-6c8a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CREmGfGaaqNODl51ocjANd3O496NFvrlqemKMqmsYX%2BLC7Wq5%2FY9xIMLVih%2FeEb19%2FX%2BONPtAUQVn%2FzpRThotIvvdHB%2FwqV%2BhGcEx73U3BsJOy8%2BiTl1eebnw1frGQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666221f67b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":27786,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"2f8f67f7ae5c590fa0112f4b5ec09cc8","sha1":"ed8b9791d412a501aa7cc8f7d028ee1c29d3504b","sha256":"254f244537973ffcdd7b594e9eb44d23933f756350f21f669d8c5cac793af8a7","sha512":"69d95f9844d0e8acbee230288795bd62782c56686a6e678e12cf5ec4be38c007b05779dc1911886de93893a0caee227a9959f55daa2110a93288d344966436a1","ssdeep":"768:/ZYM3ZdtO/MbHLGE2iJrAzfnIwa4Tk5rN:/ZBPbrG8aIwa4TIh","tlshash":"bdc2e1e082a86385f10dc933681462b075ba365a5adf039572c1e126b7deff568fb601","first_seen":"2025-12-20T07:10:56.906473Z","last_seen":"2026-04-28T13:31:51.967499Z","times_seen":4,"resource_available":false,"data":null}},"time_used":285,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":248,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/favicon.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:31.413Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/favicon.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 753\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-2f1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1bzEqYrD8IOEIqeRnSZAhcVATYYSyHnsXPlhBZT70spg8b1tBRYDQQpM9zY4zJr3LXWfd7dnv5EQHpEdU8z7VVZuXHiTL8N2FyM61BIU%2BVrV66H3hjqjaabh1SQV1Q%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9f36662e5fc4b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":753,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"57a873bcff68837a393a7f9e04f9730b","sha1":"72b9089a4054ebeacd73f2376d680040568b3a7f","sha256":"8790b224334093a2aa4ddad65106c8c8350e2f302996ceec24ee966ab68f0488","sha512":"6f5fe5f8f09347d2b3c8f3d2164697caf33a47ced80b4c85a6b44065304ac5080bd077ee21ce5df20bf8b56c7ede320ec2b1998a572dfd60ab79357527f7810a","ssdeep":"","tlshash":"a4012085ab61666ab45a458024580699ea300e243f3f364a50df8c6a7af05bcc0877b8","first_seen":"2026-04-28T13:26:57.112705Z","last_seen":"2026-04-28T13:31:51.96428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.telegram.org/bot8502763376:AAH8xVL7ND282mFtv3PuWd_LKOOMrozAUmI/sendMessage","fqdn":"api.telegram.org","domain":"telegram.org","tld":"org"},"ip":{"addr":"149.154.166.110","port":443,"asn":62041,"as":"Telegram Messenger Inc","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:33.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"api.telegram.org","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Tue, 11 Nov 2025 15:14:09 GMT","end":"Sun, 13 Dec 2026 15:14:09 GMT"},"fingerprint":{"sha1":"EC:27:13:72:1E:6C:94:9F:47:59:A4:24:4F:AB:9B:02:E3:6E:54:41","sha256":"64:47:03:9A:C9:ED:B9:03:8C:07:6E:AA:3D:BF:75:4B:4C:C1:4E:C1:A5:8C:83:2D:3E:FD:0C:E7:F7:82:C2:71"}}},"request":{"raw":"OPTIONS /bot8502763376:AAH8xVL7ND282mFtv3PuWd_LKOOMrozAUmI/sendMessage HTTP/1.1\r\nHost: api.telegram.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://lumapad.org/\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\nserver: nginx/1.18.0\r\ndate: Tue, 28 Apr 2026 13:26:33 GMT\r\naccess-control-max-age: 86400\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: content-type\r\naccess-control-expose-headers: Content-Length,Content-Type,Date,Server,Connection\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T10:57:30.943449Z","times_seen":14782693,"resource_available":true,"data":null}},"time_used":408,"timings":{"blocked":193,"dns":26,"connect":21,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/favicon.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:31.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/favicon.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:31 GMT\r\ncontent-type: image/png\r\ncontent-length: 753\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-2f1\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=QexG2sXIrZ9r4G8Lb5Y6HJJq0YAdQ81GHDsKD4nlz8woCmPhMkHsAJulfyGtnd2JM03mHdd7tixKw12ekp8fBpCkpU%2Bs%2BFOnQj0rTbr17r73L6QLNTHJPa5QafNZuA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\ncf-ray: 9f36662e5fc3b51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":753,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"57a873bcff68837a393a7f9e04f9730b","sha1":"72b9089a4054ebeacd73f2376d680040568b3a7f","sha256":"8790b224334093a2aa4ddad65106c8c8350e2f302996ceec24ee966ab68f0488","sha512":"6f5fe5f8f09347d2b3c8f3d2164697caf33a47ced80b4c85a6b44065304ac5080bd077ee21ce5df20bf8b56c7ede320ec2b1998a572dfd60ab79357527f7810a","ssdeep":"","tlshash":"a4012085ab61666ab45a458024580699ea300e243f3f364a50df8c6a7af05bcc0877b8","first_seen":"2026-04-28T13:26:57.112705Z","last_seen":"2026-04-28T13:31:51.96428Z","times_seen":2,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:26:28.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:10 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SQZ1h7fzp9m2jUPRJo8FsnGj3txt2FUO5KkQXZheOymvcenuqCox4R%2Bl%2FDyz%2BNUYYkGPxsS2n7DBxNVST1ubTNciks0XK3MBazBxaWIJFA56uxmivFCgB7Ba4Puk4w%3D%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9f36661f4f4449c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Chart.js","description":"Chart.js is an open-source JavaScript library that allows you to draw different types of charts by using the HTML5 canvas element.","website":"https://www.chartjs.org","common_platform_enumeration":"","icon":"Chart.js.svg","categories":["JavaScript graphics"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":186633,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (342)","md5":"8a2e96fb5c4e579e174de716989770c6","sha1":"a606ebeda7609854dd2d7c7d5c63610bf41bda56","sha256":"89b6114409c3952b8aec7dee82e6b1069ed3d0c689029d22f7e3d760cd90480b","sha512":"8b98db112d6046a77383556f7dffeca7ff940a02a2204fb4d22d492d091f7dbcb1911322779667d0254d4f39fc093d48c2430aa5b7dc14587e65ff67dcde9317","ssdeep":"3072:XPcVzGDh4ceWzpwd67c7HMliToVtkX+R5dkNIC:fcVzGDh4ceWzpwd67c7HMllC","tlshash":"f304d97472f205b960d78af5b797af2a7a68d203d90bc408f66c42a11fcbd45dd23398","first_seen":"2026-04-28T13:26:57.115335Z","last_seen":"2026-04-28T13:31:51.942228Z","times_seen":2,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":44,"dns":29,"connect":1,"send":0,"wait":222,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-04-28","alert":"Detects file containing Telegram Bot API","trigger":"lumapad.org/","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:wght@400;500;600\u0026family=Rajdhani:wght@500;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"172.217.20.170","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.463Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:48 GMT","end":"Mon, 22 Jun 2026 08:36:47 GMT"},"fingerprint":{"sha1":"1A:63:7B:F3:04:6F:4C:E4:F3:15:87:E8:E7:FA:DD:B1:F7:7E:89:49","sha256":"5E:36:5D:D1:35:3B:0A:E9:8A:55:91:DC:12:B0:50:4A:AE:D9:A7:97:06:7C:0D:D7:F0:23:3E:8A:B2:08:19:00"}}},"request":{"raw":"GET /css2?family=Inter:wght@400;500;600\u0026family=Rajdhani:wght@500;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Tue, 28 Apr 2026 13:26:29 GMT\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11217,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"ff5db6d049ed2ba5f9c373d4e4784b5e","sha1":"e6532e76e35ea91799457f3e1c9ea0b3beb8b645","sha256":"53dbba86cf1d9630fffad6b652dfe4cdd4312d2907a20889556ee87bb6980403","sha512":"1fb8d6bd6d46bffe4ce50d32e229cff0dafcf2274119dbd167f2ce58b7acd675910b7638ec8613686b3cc7bbab8deeaee501fe376716ed9cf5b6cf789b593f69","ssdeep":"192:9NNIxO34OxDENOPCO3/Nx8NNryfO3iExl2i4vDOHSVeCBL:vXuM0pA","tlshash":"2132ce91042ba400ab931dc223cf7f3abe8e11956445d5796ffd0cc99ceec66436475e","first_seen":"2025-12-05T01:27:41.034117Z","last_seen":"2026-04-28T13:31:51.945589Z","times_seen":10,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":158,"dns":0,"connect":21,"send":0,"wait":36,"receive":0,"ssl":145},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:30.560Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 30 Mar 2026 08:36:54 GMT","end":"Mon, 22 Jun 2026 08:36:53 GMT"},"fingerprint":{"sha1":"89:20:2A:2D:A3:02:EE:53:E4:CE:46:31:49:99:9A:9E:B0:E7:B5:19","sha256":"23:47:72:09:4E:47:52:14:EB:06:36:94:9D:9F:8D:66:FD:E8:20:45:1A:16:A2:2A:C5:F5:B8:7C:2A:41:2B:61"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://lumapad.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 23 Apr 2026 01:42:27 GMT\r\nexpires: Fri, 23 Apr 2027 01:42:27 GMT\r\ncache-control: public, max-age=31536000\r\nage: 474243\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-05-07T10:57:44.154861Z","times_seen":169260,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":54,"dns":1,"connect":16,"send":0,"wait":16,"receive":16,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"lumapad.org/img/referral-tree.png","fqdn":"lumapad.org","domain":"lumapad.org","tld":"org"},"ip":{"addr":"172.67.150.221","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lumapad.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Apr 2026 17:10:18 GMT","end":"Fri, 24 Jul 2026 17:10:17 GMT"},"fingerprint":{"sha1":"A0:0B:F3:4E:3D:38:BA:9B:1B:6B:DF:A5:30:45:DE:00:EA:86:AB:82","sha256":"4E:D2:53:70:5C:95:DF:52:81:0C:40:17:85:F1:0B:0A:9F:B4:B2:F2:16:48:89:27:2E:99:F3:6E:B6:D2:2D:64"}}},"request":{"raw":"GET /img/referral-tree.png HTTP/1.1\r\nHost: lumapad.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 165347\r\ncast-mode: default\r\nlast-modified: Sun, 26 Apr 2026 13:27:09 GMT\r\netag: \"69ee12ad-285e3\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oYnACO6BHEhHx9ggRs%2BJd5v7aXqCL5UwupitsaUDqvBsAPlMBwAseH73cwgY3FqLPddoHd3HpySill6gOKnGoOWRO31Z05sv6Vwxst2HlOHkWagfpogDrJD0GZ2lMQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9f3666222f6ab51d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":165347,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1188x880, components 3","md5":"18ebab0f50089686607bba87ab382c4f","sha1":"99e5fb40bfff4fea7412d3b2b3ae6711e34b03c0","sha256":"4e7ab84198656753125b1baf589ad1b6f017c3eadbabc48a3a2bfecbcd0bdedf","sha512":"09756a13554967f481cd4f25f92bed525a92baea060755a8b1f3dcc7bb00233b804b04ee5930f88ddd3589e39567da30b17271f048b58a1c036be968dc41c17b","ssdeep":"3072:23I60D7i2lYzAudIQ1ki17wLC9xlcBzloPZAiRBraR:2JXzl/XVUsoBzeRVW","tlshash":"68f30243c1216f15266c17f2f9922c9d630b570accd6a7e74a100eafffa83525ccda5a","first_seen":"2026-04-28T13:26:57.118973Z","last_seen":"2026-04-28T13:31:51.963156Z","times_seen":2,"resource_available":false,"data":null}},"time_used":316,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":109,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"lumapad.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.26.2.143","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://lumapad.org/","date":"2026-04-28T13:26:29.461Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 21 Mar 2026 09:41:26 GMT","end":"Fri, 19 Jun 2026 10:41:19 GMT"},"fingerprint":{"sha1":"1C:D9:C0:8C:4D:FA:FF:5A:2C:CC:48:EB:7B:35:CF:FA:AB:7F:C0:61","sha256":"1E:81:97:52:8B:47:37:54:3B:62:1E:0B:E5:1D:D6:F7:F2:6D:CD:F7:D3:1F:8C:0E:78:14:26:9F:B9:87:EA:5C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://lumapad.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 28 Apr 2026 13:26:29 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::b9kcl-1777382543968-60b149d38fd3\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 245\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AZd1ssHcgW4rcBoyO%2BwRkss2Qc%2Ff%2BpUio8YcEqZ20vv4UvEow%2BL1vPULQaGAe8sjqeUFFvQNZqCA2MoKvyYUksB63BTPYJY9IqwCKpoLjvtG4T%2B7vSZUaofxiZY85zfYbNc%2Blog%3D\"}]}\r\ncf-ray: 9f36662278a80b69-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-07T10:57:30.943449Z","times_seen":14782693,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":54,"dns":33,"connect":1,"send":0,"wait":8,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}