{"report_id":"c856420d-ac2b-4e95-a269-858086605367","version":0,"status":"done","tags":[],"date":"2026-07-12T19:41:20Z","url":{"schema":"http","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"https","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"title":"Loadingâ€¦","dom":{"size":463,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"c5ac7c1fee62ea944714b9296b14e6b7","sha1":"f9f69cbe287c4e7473299f21aa86038a116a00d3","sha256":"9dd585f2165c2848613562e42e83e4725129a6c93bbcc4d4d430a8f1219c93af","sha512":"9c7d1724fc2f44214b33c257ee5d0678481ba0a2c9ffbb018827c7a90d9fc2b32b9a279291f1edc4add577d605a8fdb0db4f96aacc17331628713d1351fd6196","ssdeep":"","tlshash":"85f027ab89397c0ae514438648c5714c83a7b3265e5aed80b69de16e28c0aea8897158","dom_hash":"domhash9c074de5cfd76cc56ea13397d34be287","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.15","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-16T19:41:20Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2018-01-25","domain_rank":0,"first_seen":"2026-07-12T19:41:20.83832Z","last_seen":"2026-07-12T19:41:20.83832Z","alert_count":2,"request_count":2,"received_data":18739,"sent_data":1137,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]},{"fqdn":"gist.githubusercontent.com","ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":207679,"first_seen":"2014-02-19T20:29:28Z","last_seen":"2026-07-10T08:07:55.56684Z","alert_count":0,"request_count":1,"received_data":15719,"sent_data":624,"comment":"","tags":null,"fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"benchonionderive.com","ip":{"addr":"104.21.67.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-05-24","domain_rank":0,"first_seen":"2026-06-14T23:58:19.64133Z","last_seen":"2026-07-08T12:06:55.616672Z","alert_count":0,"request_count":1,"received_data":868,"sent_data":615,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"solana-rpc.publicnode.com","ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-08-16","domain_rank":7186759,"first_seen":"2024-12-24T12:29:30.153505Z","last_seen":"2026-07-08T12:06:57.048618Z","alert_count":2,"request_count":2,"received_data":1209,"sent_data":1273,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"381599a3728967fc4604d9997e6a27fb","sha1":"736182bfa97a844269d4423aaf2ab95c3d42d85d","sha256":"f145bccf39024d1f48c95e5dc4f60fd52212038fe17972e91853bddd5508b9c2","sha512":"8a5927a2c77ab8966f23db502064e7f531484110b45278edccb4030682c8d5bc5560c85560b1bedee95aa9755bfb62b9666181c89c33b26e754d96abfd78eb55","ssdeep":"384:lfo4vwHyoVEfSWO64yWmU8x1Vd9CS9WXX0gXYQe2Q+jlrLVe:HeL+SjCRxdZ2Tlle","tlshash":"e752ea6d28f72232466734bd4bdba054b135a0033849dd993e5cc3049fda9789af6fac","size":13638,"data":"","first_seen":"2026-07-10T09:05:59.859063Z","last_seen":"2026-07-12T19:41:25.533256Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":[{"level":"error","text":"[arweave shell error]bundler 404","filename":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","line_number":539,"column_number":17}]},"http":[{"url":{"schema":"https","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/favicon.ico","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","date":"2026-07-12T19:40:54.796Z","timestamp":1783885254796,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 11:43:37 GMT","end":"Mon, 24 Aug 2026 11:43:36 GMT"},"fingerprint":{"sha1":"81:4C:0F:97:80:83:B9:8F:CC:D4:99:28:25:1F:51:87:F4:FA:79:C4","sha256":"BF:8C:52:59:64:87:68:F5:12:83:B1:8C:A4:AB:54:21:4C:DC:21:29:26:F8:9C:90:E4:8A:51:EF:00:4E:1A:32"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 \r\ndate: Sun, 12 Jul 2026 19:40:55 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nx-77-nzt: k74Wex9URy49ZB+dRHvj0eyn9QasBfHQIW73/7FnL1xUA4ni9a8MwifA5eazBubjNA\r\nx-77-nzt-ray: 2a494a15e334f70febed536a17ac862f\r\nx-77-cache: MISS\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2035,"size_decoded":2493,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dc7707d2b730ffd749bd0ca6d407e5e6","sha1":"03f2bd287e09a1470ae6304bc608e707c62016e8","sha256":"2fa33a34e1ad20fc69c804532cb26b974805882da0f1c48a45150111a88fe3fa","sha512":"36efc7918ea1c1a35960fcb9cfa33b25ec027e07c35fc11e8e108e44805218d3d46454b99209f014063b7abdd6ac8a29ba4914abecd126ccb7a8467c8d774f37","ssdeep":"","tlshash":"324162d888f710eb1164c1d5aa817f294c82804b97e6c960b26c43629f9aca5acd7cdd","first_seen":"2026-03-22T12:51:43.382504Z","last_seen":"2026-07-12T21:39:47.947912Z","times_seen":114,"resource_available":false,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gist.githubusercontent.com/mw3ha31q/06d4655ad00be73c01fff6d233316455/raw/polyfill.js","fqdn":"gist.githubusercontent.com","domain":"gist.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.110.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","date":"2026-07-12T19:40:54.829Z","timestamp":1783885254829,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"YR2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Jun 2026 23:26:07 GMT","end":"Wed, 02 Sep 2026 23:26:06 GMT"},"fingerprint":{"sha1":"3F:87:BE:75:1A:02:3B:A4:D2:51:D2:72:92:A0:00:61:D1:D0:D7:12","sha256":"32:49:1B:26:BF:AF:7B:FB:55:60:29:EF:32:29:9A:C4:37:4D:B3:4D:09:EE:CD:4F:FD:01:F2:1B:2C:5A:85:67"}}},"request":{"raw":"GET /mw3ha31q/06d4655ad00be73c01fff6d233316455/raw/polyfill.js HTTP/1.1\r\nHost: gist.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/\r\nOrigin: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"7856228f65a0e33bd315b8a7b36b6f4fea1d22f64b56a6218a145aba0eee662a\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: 1F44:3C4411:403217:818FB5:6A53C7F4\r\naccept-ranges: bytes\r\ndate: Sun, 12 Jul 2026 19:40:54 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-bma-essb1270030-BMA\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1783885255.864867,VS0,VE1\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 3e1a741b674ed5f6ca5e8ec7d9b580f27a99175b\r\nexpires: Sun, 12 Jul 2026 19:45:54 GMT\r\nsource-age: 261\r\ncontent-length: 14826\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14826,"size_decoded":15719,"mime_type":"text/plain; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"06e6a5b0605e52c5c45877fa659a5281","sha1":"587d5534c261e166ca797e895d6bc6b09f072f83","sha256":"ae21c17f62e2dd4ab9ceaae6f52c199952f874ec954133cfd3872e048e086268","sha512":"9f18b3734a07d5b0165d7845c684e9231ff8c74a11150d7491524553b8bfedf3ccca33df1476eb2802a33905386cd74ed521f95c82ef30819db8ced838339ca4","ssdeep":"192:8QHTcGE0C763vU5xS0Jqy1iPErHXYoiOnJnCn/dnhVnU6pNnrySnFvlqc6n93TH0:86QlJqydnCnFn/nVNnRnBon93TsnF","tlshash":"fd62e0396af220657563f1bc8b0f6008b2787427701cd9a0795db6a05fed13846eaff8","first_seen":"2026-07-08T12:06:59.835386Z","last_seen":"2026-07-12T21:39:47.944101Z","times_seen":28,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":0,"dns":2,"connect":9,"send":0,"wait":11,"receive":1,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benchonionderive.com/content?id=Ux9N6r01zD_D0pYmyKmCRkPGkh38-mwC87qQqYK1j5g","fqdn":"benchonionderive.com","domain":"benchonionderive.com","tld":"com"},"ip":{"addr":"104.21.67.49","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","date":"2026-07-12T19:40:54.893Z","timestamp":1783885254893,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benchonionderive.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 24 May 2026 13:13:23 GMT","end":"Sat, 22 Aug 2026 13:13:22 GMT"},"fingerprint":{"sha1":"C5:0C:AA:B8:55:96:F7:1E:30:39:3C:ED:85:22:8A:94:32:7C:DF:81","sha256":"4F:50:C0:F7:04:C5:B6:BB:8F:A7:15:C8:A6:84:63:CB:60:BD:D8:A1:65:E7:4B:1A:93:92:82:EF:9D:67:58:EA"}}},"request":{"raw":"GET /content?id=Ux9N6r01zD_D0pYmyKmCRkPGkh38-mwC87qQqYK1j5g HTTP/1.1\r\nHost: benchonionderive.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/\r\nOrigin: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 12 Jul 2026 19:40:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver-timing: cfExtPri\r\npriority: u=4,i=?0\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\ncache-control: public, max-age=300\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eN35hp8dsK8%2B5w25TDkvaKPFZsjtVcsokvZCRNv%2BtKp4bjaAEUkkzZIKd2P6MJDFc5QZrMV%2FpkcyYH8Y4mOSvcJJyeNT%2BIW2vi0tlnCFs3QWg7GDjzMpyKPxaTSkJHlhLFq0RTJ2Yg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a1a285bb3bbd120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 21\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":868,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"f2220cea887456b53bf947402f24672e","sha1":"de396fe0bb6f494a10aee026af779fecfc74eaed","sha256":"51d0a9e3bd9ffc25483790aaffe7a3597e642edd040dddb16aafc324e6e922ed","sha512":"eedf2a65c400202674cef29c91816d20be13bac0adca5051a102d2fe72da04f97209d2499c34bd8763629eb17722f54669eefa6fd9fbbf2fcfa01ac2b86e88e5","ssdeep":"","tlshash":"1b70000c0082030e0002e8a0088828b000c80a8008208f200030800800002838c00288","first_seen":"2023-05-06T06:57:39Z","last_seen":"2026-07-12T21:39:47.944973Z","times_seen":444,"resource_available":true,"data":null}},"time_used":149,"timings":{"blocked":0,"dns":9,"connect":14,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","fqdn":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-12T19:40:50.928Z","timestamp":1783885250928,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 26 May 2026 11:43:37 GMT","end":"Mon, 24 Aug 2026 11:43:36 GMT"},"fingerprint":{"sha1":"81:4C:0F:97:80:83:B9:8F:CC:D4:99:28:25:1F:51:87:F4:FA:79:C4","sha256":"BF:8C:52:59:64:87:68:F5:12:83:B1:8C:A4:AB:54:21:4C:DC:21:29:26:F8:9C:90:E4:8A:51:EF:00:4E:1A:32"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ndate: Sun, 12 Jul 2026 19:40:54 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nao-body-key: data\r\nao-types: status=\"integer\"\r\ncontent-digest: sha-256=:c8DwB1/PBTZHUbpzRlDi3NNTKKfSbiOksL0kwNMYzJU=:\r\nsignature: comm-ux9n6r01zd_d0pymykmcrkpgkh38-mwc87qqqyk1j5g=:GK14PdH37+F1y/sHLTCA35vcvlfWf9thcuEr++VCtAMpzrS54FOlIqepOwalLVKxzA/qSKrtylz4GngLUH0z7CR45PciEKMiD8cGsUTniKB7NS9g433fsBlm46xEv0lH9KGc4IguqhO0zcg89RYHh7CxmDHjTyM8MSXNTE0CAFrFfUOyZeCf/V0pRpe11Wu38WI1XievBrNhcp6RijP1ycMUYTsqWS6cXDEOljdR5UXC/UD5SQU3ic27m5JOyWhqQMzcnDcQsvUv0hOkNtObN91I0fVLhGl+fqNhDYeyIm0Umm5jGKNETpjBlB4r7LEudwyNsYQYJvE8Oqr+HiJMKtm0yvzhcMosd1Y2G4+LyU5hvpVf43f7V0uRx55LUeBI4x/52wC1qsxDekSOhJxuSREXvx85xowaOVRN6TnEGInXb0NJJrLnEq8F/mYoCtfi5G98ZCKnMweEpdoyZDq+LDVd4gIF7CwmoFtKld0GFPyJ17z0mBLSiLKhWPb7liGqnNtC5yGpJ8cGfT320cR4HWuIVwnHBHR5ymiVWlBdJyCx/UJ18Bq1dI7HZt9oyWw/39cS0umaWZMpElxswmgAFXwep2oNeiC3fyG8Kms1Bv5xnhczETcD0/JSSRXDn8y6ApB9o6UMLw2n5Tl4BwPfPUHC1/jX3bOIF98FZZmsZ9U=:\r\nsignature-input: comm-ux9n6r01zd_d0pymykmcrkpgkh38-mwc87qqqyk1j5g=(\"ao-body-key\" \"content-digest\" \"content-type\");alg=\"ans104@1.0/rsa-pss-sha256\";keyid=\"publickey:xybdVKiKfafVR-KP2SNTJnjqhndd8YiPxmXatRP2DVOlX0QwROUL5IrDceg8culGF2Fo2JfuBVewq67qNw1QDRDsHvFVNwaM4DBrh4s_5EEDMYEK8g0cXi213SijczXeigbAALvKuxzz0HiY31U0G-LgdQAs2QQqvOdxcqApVlkef4hySJGMqN5XEdKXCBtLcmwjcIlBw5_hW8T19c36uzOcIS2d5nnLzP_v_DAjGNAdw-0wjslm5QoLfdxynFzt3Q_XtwihIttfPxo3iXjZsxX78WSwWOlx1xj0lydvxdkoCTdBcl-6QTUWrarVG5CJHd3jq-2eOJ8vlgm8JzXor8rnAtaoxLeg2sFYzty3dwGwBgWFX1FJ3-VkYbX36Lv07jJBRWwtCLZc9-sPI2Cwbbo1PiNLDvTm_gwqIe_s2TIUyTRuc-vbQC-R_Tyi3D0nVW_gQGNaZUZixpiXe0waA7ntUIv-3-8Zq9053s3xwAi1jle23ZWH3VNT07oZT93_1GDaXrszBCD18gpqNEVH9jS8ldipwLU5WzJIG6STacjwwAroWEcQeXCupKIn0WEidXdLsi3k8F_XoZ-qjZ8GTFpOrWy3KmjF5FBTcXPW3Wv1R_rPnUnw7qClfimJG24v-P774oCC_URCNAGXlYq32hyan7qVt0LB2TKRjL39qdc\";bundle=\"false\";original-tags=\"1:Content-Type:dGV4dC9odG1s\"\r\nstatus: 200\r\nx-77-nzt: k1hU31R3oZZqDhdGFbFNq97R4ZgGQftz84JmGidkuvmEi9WFsBhAlok7SZDv+mvbow\r\nx-77-nzt-ray: 2a494a15e334f70febed536ad610dc06\r\nx-77-cache: MISS\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":13976,"size_decoded":6564,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"73b2306a8b950974c4f6efe87b6b5d0c","sha1":"763d6c7aca9ee89bb9c5a12bb69ddcacc3dc2b24","sha256":"6dc6e02bf9310dce5b8c7e6d0be1ec31345a9b4ef2546f05a946dcb25278d1e6","sha512":"0c50c1b39162ad17305aa8da5da13e44076890777cac4c6e3e6e8d5c7a1158f986e32d78c35c2021b363c37e1c51db363dfe6cc673a778e814fc5c5b39f3d1e7","ssdeep":"384:0sGJZfo4vwHyoVEfSWO64yWmU8x1Vd9CS9WXX0gXYQe2Q+jlrLVp:seL+SjCRxdZ2Tllp","tlshash":"8152fa6d28f72232466734bd4bdba054b135a0033849dd993e9cc3149fd99788af6bbc","first_seen":"2026-07-10T09:05:59.855396Z","last_seen":"2026-07-12T19:41:25.530562Z","times_seen":2,"resource_available":true,"data":null}},"time_used":3518,"timings":{"blocked":-1,"dns":35,"connect":1,"send":0,"wait":333,"receive":0,"ssl":3148},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solana-rpc.publicnode.com/","fqdn":"solana-rpc.publicnode.com","domain":"publicnode.com","tld":"com"},"ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","date":"2026-07-12T19:40:54.697Z","timestamp":1783885254697,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"publicnode.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Jun 2026 01:05:04 GMT","end":"Mon, 07 Sep 2026 02:05:00 GMT"},"fingerprint":{"sha1":"39:B4:D5:B4:26:71:60:64:13:47:CC:54:ED:BC:AD:E1:33:77:19:00","sha256":"65:A9:40:31:FB:2A:25:C7:3B:B6:B3:F0:4E:96:B9:08:CE:FC:27:5A:F6:DB:32:E8:7E:64:C7:51:34:DA:93:85"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: solana-rpc.publicnode.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/\r\nContent-Type: application/json\r\nContent-Length: 155\r\nOrigin: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":155,"data":"{\"jsonrpc\":\"2.0\",\"id\":1,\"method\":\"getSignaturesForAddress\",\"params\":[\"2Lvd4NwKjESPwkNFkZN43eJ3o86gdDUrPtGnakKKM4sU\",{\"limit\":25,\"commitment\":\"finalized\"}]}"}},"response":{"raw":"HTTP/3 200 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 1728000\r\ncontent-type: application/json\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Origin, accept-encoding\r\ndate: Sun, 12 Jul 2026 19:40:54 GMT\r\nserver-timing: cfExtPri\r\nx-envoy-upstream-service-time: 3\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: a1a285ba4d0d712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\ncontent-length: 37\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":37,"size_decoded":568,"mime_type":"application/json","magic":"JSON text data","md5":"0a345e49055fb6b1ee55f7a03cdf90c7","sha1":"90481fe7c757af186842ae8c442a3069ebe2b1f7","sha256":"d5d4570915ae356dcee912806f2822465692ce1aa3533894cc2fc1e8385455f6","sha512":"a39e3fe5a83ec4457c8071c802d578fa30ed30fde1f20bae947e3e09178816f04df4209d252976d979453ac1011009dc066b2d3409943e6231cfc250f7583fb7","ssdeep":"","tlshash":"4d8000c02a0a0b30820c0c03e0080880ac803ea823080f000b0c088c228a2abab283ba","first_seen":"2025-07-15T02:55:42.432989Z","last_seen":"2026-07-12T21:11:39.566322Z","times_seen":86,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solana-rpc.publicnode.com/","fqdn":"solana-rpc.publicnode.com","domain":"publicnode.com","tld":"com"},"ip":{"addr":"104.20.24.117","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/","date":"2026-07-12T19:40:54.703Z","timestamp":1783885254703,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"publicnode.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Jun 2026 01:05:04 GMT","end":"Mon, 07 Sep 2026 02:05:00 GMT"},"fingerprint":{"sha1":"39:B4:D5:B4:26:71:60:64:13:47:CC:54:ED:BC:AD:E1:33:77:19:00","sha256":"65:A9:40:31:FB:2A:25:C7:3B:B6:B3:F0:4E:96:B9:08:CE:FC:27:5A:F6:DB:32:E8:7E:64:C7:51:34:DA:93:85"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: solana-rpc.publicnode.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net/\r\nOrigin: https://kmpu32v5gxgd7q6ssytmrkmcizb4neq57t5gyaxtxkiktavvr6ma.arweave.net\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 \r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: content-type\r\naccess-control-allow-methods: GET,HEAD,OPTIONS,POST\r\naccess-control-allow-origin: *\r\naccess-control-max-age: 172800\r\nallow: OPTIONS, POST\r\nvary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers\r\ndate: Sun, 12 Jul 2026 19:40:54 GMT\r\nx-envoy-upstream-service-time: 0\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\nx-content-type-options: nosniff\r\ncf-ray: a1a285b9fd0b712d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":641,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-13T21:29:27.794909Z","times_seen":17221024,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":14,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-12","alert":"Sinkholed","trigger":"solana-rpc.publicnode.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
