{"report_id":"cb1293e1-64f0-4395-a7a3-cada30a3f6e3","version":0,"status":"done","tags":[],"date":"2026-06-17T17:11:36Z","url":{"schema":"http","addr":"pumps.mom","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"title":"Pump","dom":{"size":592641,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (553)","md5":"3d7e3408dbdb7fa5cdb149c55273c1b0","sha1":"067a26a61093e818f90c61a632ef3fadd34ec7d0","sha256":"9640bffb61fd2e978a6463fbf983ef511dfe9910a97b701ae6c936a49a12e78f","sha512":"9b9c9b523a43665e51d41831b55ea0e8284ae6e133a226fab48ade91099624c55f732c18a2bd77dd94c6aa141652d27c7f8c5ef508eb4af14c2ef50a36e32558","ssdeep":"3072:lYIQ0nNhhHLLznbktBUB85s8ihMuum0ZYkvlyubjD3TnUle2oK7wcO4h1ICQj9PD:lYIQ0DZLXAtw88qh4A","tlshash":"f4c4d8f0f1e1026b6447c3b9fa69bb2aaa85b17bca17954873fc06b56f44cd35c13188","dom_hash":"domhash695e18908625a0c2d1755041602ed466","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"pumps.mom","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-22T17:11:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"pumps.mom","ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-03","domain_rank":0,"first_seen":"2026-06-17T17:11:40.308864Z","last_seen":"2026-06-17T17:11:40.308864Z","alert_count":232,"request_count":58,"received_data":9865762,"sent_data":29652,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d99d1b253b4e58c09b0c774f6595c18d","sha1":"271f9706bee06554c5eeda1d3905bd305f376f6d","sha256":"5d03e903a8c5280ba55a3c062c30550ac5afa79925727161a1b4cc9111bcb285","sha512":"65a6f71034fb382008edd54b6e46af21868493a52a89434c0fc988abe09b9fc6673e0f9c4abb0103d9adc5d82a3e26dfa64436b16e40b6e9993b51cbb013d4d5","ssdeep":"","tlshash":"9ec02200c43888b10d4800ca043802dcf84039a8004272d282bc5c064848e414608a24","size":180,"data":"","first_seen":"2026-06-17T17:11:44.892723Z","last_seen":"2026-06-17T17:11:44.892723Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"38e3afae2c196377895ac472c991a80c","sha1":"b407af8385e79478575f6bca8446fe74498dddeb","sha256":"5c6b41d2b14257a1e31a8a371daca51b3982a19595711849cfc14c9c11721599","sha512":"113fac127dd2b9008d506466c48fe3b1cbed913d0b28cffaa2acbd9dff70fc0508836304cd22a7b179b69a13337f3a57e8301f40c3d159f9f8319ef18b2dee56","ssdeep":"","tlshash":"0fd0125d7064a96628cf697e5ccf088e7e369812a2080dc999ecd4547fb1e6d42e488c","size":198,"data":"","first_seen":"2025-09-20T14:46:13.54982Z","last_seen":"2026-06-17T17:11:44.894073Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d62e15d3a1f021145b79e3e028973f9","sha1":"53a9475404db433d653a0309ab886b6d50006983","sha256":"f8eb33e3cb8202f7ea9ee9e016f4894ad4f256c10606d13b095e3523ce677afa","sha512":"f6c61e8efdb46bee9b48912953880265c4d2819e0fa6a15fdc69434b44155947e439e3617430046666b83aae0af467edd9b260b6632abafd3e6c8ee1a9d4672b","ssdeep":"192:JYu8piZs6oGMx77GJcffiknQf3EKV9MngCTjBt3wQe/9O+f4ZAuzdPY+rQV/FDk:ScZBDMxWqQqjsLEA56","tlshash":"4212a37d7aab11206927653fabdfb61830a980130804da10bddc98359ff8e1c66b7cf5","size":9806,"data":"","first_seen":"2026-06-17T17:11:44.895189Z","last_seen":"2026-06-17T17:11:44.895189Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d99d1b253b4e58c09b0c774f6595c18d","sha1":"271f9706bee06554c5eeda1d3905bd305f376f6d","sha256":"5d03e903a8c5280ba55a3c062c30550ac5afa79925727161a1b4cc9111bcb285","sha512":"65a6f71034fb382008edd54b6e46af21868493a52a89434c0fc988abe09b9fc6673e0f9c4abb0103d9adc5d82a3e26dfa64436b16e40b6e9993b51cbb013d4d5","ssdeep":"","tlshash":"9ec02200c43888b10d4800ca043802dcf84039a8004272d282bc5c064848e414608a24","size":180,"data":"","first_seen":"2026-06-17T17:11:44.892723Z","last_seen":"2026-06-17T17:11:44.892723Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"38e3afae2c196377895ac472c991a80c","sha1":"b407af8385e79478575f6bca8446fe74498dddeb","sha256":"5c6b41d2b14257a1e31a8a371daca51b3982a19595711849cfc14c9c11721599","sha512":"113fac127dd2b9008d506466c48fe3b1cbed913d0b28cffaa2acbd9dff70fc0508836304cd22a7b179b69a13337f3a57e8301f40c3d159f9f8319ef18b2dee56","ssdeep":"","tlshash":"0fd0125d7064a96628cf697e5ccf088e7e369812a2080dc999ecd4547fb1e6d42e488c","size":198,"data":"","first_seen":"2025-09-20T14:46:13.54982Z","last_seen":"2026-06-17T17:11:44.894073Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d62e15d3a1f021145b79e3e028973f9","sha1":"53a9475404db433d653a0309ab886b6d50006983","sha256":"f8eb33e3cb8202f7ea9ee9e016f4894ad4f256c10606d13b095e3523ce677afa","sha512":"f6c61e8efdb46bee9b48912953880265c4d2819e0fa6a15fdc69434b44155947e439e3617430046666b83aae0af467edd9b260b6632abafd3e6c8ee1a9d4672b","ssdeep":"192:JYu8piZs6oGMx77GJcffiknQf3EKV9MngCTjBt3wQe/9O+f4ZAuzdPY+rQV/FDk:ScZBDMxWqQqjsLEA56","tlshash":"4212a37d7aab11206927653fabdfb61830a980130804da10bddc98359ff8e1c66b7cf5","size":9806,"data":"","first_seen":"2026-06-17T17:11:44.895189Z","last_seen":"2026-06-17T17:11:44.895189Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d99d1b253b4e58c09b0c774f6595c18d","sha1":"271f9706bee06554c5eeda1d3905bd305f376f6d","sha256":"5d03e903a8c5280ba55a3c062c30550ac5afa79925727161a1b4cc9111bcb285","sha512":"65a6f71034fb382008edd54b6e46af21868493a52a89434c0fc988abe09b9fc6673e0f9c4abb0103d9adc5d82a3e26dfa64436b16e40b6e9993b51cbb013d4d5","ssdeep":"","tlshash":"9ec02200c43888b10d4800ca043802dcf84039a8004272d282bc5c064848e414608a24","size":180,"data":"","first_seen":"2026-06-17T17:11:44.892723Z","last_seen":"2026-06-17T17:11:44.892723Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"38e3afae2c196377895ac472c991a80c","sha1":"b407af8385e79478575f6bca8446fe74498dddeb","sha256":"5c6b41d2b14257a1e31a8a371daca51b3982a19595711849cfc14c9c11721599","sha512":"113fac127dd2b9008d506466c48fe3b1cbed913d0b28cffaa2acbd9dff70fc0508836304cd22a7b179b69a13337f3a57e8301f40c3d159f9f8319ef18b2dee56","ssdeep":"","tlshash":"0fd0125d7064a96628cf697e5ccf088e7e369812a2080dc999ecd4547fb1e6d42e488c","size":198,"data":"","first_seen":"2025-09-20T14:46:13.54982Z","last_seen":"2026-06-17T17:11:44.894073Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"0d62e15d3a1f021145b79e3e028973f9","sha1":"53a9475404db433d653a0309ab886b6d50006983","sha256":"f8eb33e3cb8202f7ea9ee9e016f4894ad4f256c10606d13b095e3523ce677afa","sha512":"f6c61e8efdb46bee9b48912953880265c4d2819e0fa6a15fdc69434b44155947e439e3617430046666b83aae0af467edd9b260b6632abafd3e6c8ee1a9d4672b","ssdeep":"192:JYu8piZs6oGMx77GJcffiknQf3EKV9MngCTjBt3wQe/9O+f4ZAuzdPY+rQV/FDk:ScZBDMxWqQqjsLEA56","tlshash":"4212a37d7aab11206927653fabdfb61830a980130804da10bddc98359ff8e1c66b7cf5","size":9806,"data":"","first_seen":"2026-06-17T17:11:44.895189Z","last_seen":"2026-06-17T17:11:44.895189Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/secureproxy?c=%2Fipfs%2Fdxzs4balKP0d6cpp3_aKYA4e613b5ee615c9fa2914f8c1fe090cfb%3Ft%3D1781716266108","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"416efea31395d3b99bd0a5f766490d63","sha1":"66900fbd7acd2e744f3ff07bb2961c03a388bbf1","sha256":"ce71987c6ec33e99bc2ed91f69d049e6eeafb55aff4a184fd60416027ce429e4","sha512":"5abd86ea6d3a14d2da26d13f5cd974b3101bf2e0d132e7d2c5436bbe20c27cd4efc64720583597dcdfc54cac2f3cfb9924686345e9b6db780c4e510423a657a5","ssdeep":"6144:Bh5gDjQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnUCL:JsjQDC6m7hFqa/J/","tlshash":"f8d4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","size":619219,"data":"","first_seen":"2026-06-17T17:11:44.873752Z","last_seen":"2026-06-17T17:11:44.873752Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pumps.mom/QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.png","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.181Z","timestamp":1781716266181,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.png HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-96a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FBG6KIYA2TKbJlw5fBgYxXQ0vpYFtdCLbkFbjzQ7Ha8YssoRc%2F6Xr%2F%2Bi%2Fr%2BbwQZVDTpy8%2B7AKg3Qqzr4PMtwj8kc%2BxYrx1WiiwmHunujvKJn%2B7443iUKYO4qe%2F8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2410\r\ncf-ray: a0d3abe7af8bb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2410,"size_decoded":3337,"mime_type":"image/png","magic":"PNG image data, 64 x 51, 8-bit colormap, non-interlaced","md5":"01c0a2dbdcd2087be395e8a4eab047ed","sha1":"fa18c291f3d8fc828ac36825b3f7de19d82516e2","sha256":"41a4a5021384c0b0beb0c21b2842a98e75452ad80066d9825d7222687f653aea","sha512":"f5ea4f58624cb2a14d125d834771778d8b58caed981050c8348cea897244f20429232cd3d74701da4c73917a72c626d7409ff6e121dec86bb7cd8816bf4b2d85","ssdeep":"","tlshash":"fd411d165e533db98d2945d903a3a32dd339f1a8d25c47c0dd97d75381358cc8384ea9","first_seen":"2025-08-29T22:10:37.991619Z","last_seen":"2026-06-18T11:37:36.517463Z","times_seen":115,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmbViKxCrG8e9jdWPcQNqLBYDY18xvvgYrx61ZP8HuFYPd.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.185Z","timestamp":1781716266185,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmbViKxCrG8e9jdWPcQNqLBYDY18xvvgYrx61ZP8HuFYPd.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-7a62\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8LuuBdI9wzWSypjFtPpZE0yYObvLpnCa7Eu4b87R1aAx98DdawHXEivlzeZ1gZYeqd9vvIYvHUgVeINupZgyDJCTw3NYFVJHD3vG9RV71CYzHbd9foa%2F09aoF8o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 31330\r\ncf-ray: a0d3abe7af8db505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31330,"size_decoded":32241,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"303c540c9d97f0670bd5632d2806d301","sha1":"16d0319eccace15d6b135e25b5304213819c7a80","sha256":"34ce4f2790d31d512d2b5b34501b445d5123385a4c47573731abae9e2817e4b6","sha512":"a31cc9f0b8411e4866da0cd39d92a2718b0dead4cade0825c1325cb702412214c5c7b0bb5a406955b0dfe2d42501df71ef8e132cc2b1f236eb2627bf310a86af","ssdeep":"768:L5z2/TRvjQxpDaD6uevgsiLZa8shIw2KwZq0PYW+onwZ8/C:L5z2bCvJvpNIw2dPYVonZC","tlshash":"a7e2d09be40674a9f8590bb253d04abd2990bae8704ad3429f4438babd4c5fc371c1fd","first_seen":"2026-05-02T21:27:14.121076Z","last_seen":"2026-06-17T17:11:44.795784Z","times_seen":5,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":22,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/icon1.png","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.211Z","timestamp":1781716266211,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /icon1.png HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-8711\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xvUDEm9ca32GeRY5a55bWKB3%2BobhsqAFP7vLU5U3r9LgnxqQ3Ib9ZpVbuzjxW%2B01pqDEQCYEI6NPZD38XnhFod1eYyyyCOF01pCNNimf9zpBgXO6tBm0En4KtZQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 34577\r\ncf-ray: a0d3abe7ef9bb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":34577,"size_decoded":35490,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"d1470876651be7b256937ad0c15d75f9","sha1":"4b06f91e446eb21504e0e8c332f19120d4f0a320","sha256":"9a0c90cf94e05d59ceb3ddfba3142cce90820a0cb01376d73537273d2b686f86","sha512":"db991cc47396af891cf446df098ee4cdc681e6fda7a5443df205b7817d6e61efda2048a3cf1746f779c12dfa46fdd147c39fe2e1f2c5df17f62f54e86789c807","ssdeep":"768:I1fgGxmXeZj9dBlo0eF9NBsI1n8Jp56sTkS7neBTIqnMt8nXye6XYq684nt:edxCeZjbBReXNBsI12YpF1MKXyRSlt","tlshash":"40f2e1657a763832845123371d2ff10a6367b88d6adbc17dc6f38e0870e262548fdd12","first_seen":"2025-02-16T19:20:16.385756Z","last_seen":"2026-06-17T17:11:44.798022Z","times_seen":74,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/index_2.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.698Z","timestamp":1781716266698,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /index_2.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Bfynkp2shiEj%2BfzEgpLp7Vn9OAV9vz%2Bll96WemQ2c3UjK9ZpQZbPdMszX6akQnXKCYAA4yJzGBJV48q47NGXKx%2Bh0dJ%2Beym5ZrSci72w%2FZsbGLEkiNMrOB%2Fp37k%3D\"}]}\r\ncf-ray: a0d3abeadfbfb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142,"size_decoded":981,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-17T17:11:44.799995Z","times_seen":458,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmNafVMhXbgwChHFZmQW9r5uvjGNoyjqLMCAyzdgSYNvTD.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.833Z","timestamp":1781716266833,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmNafVMhXbgwChHFZmQW9r5uvjGNoyjqLMCAyzdgSYNvTD.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-492\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SefgyNrLmNEWlEqxciS%2Bc6T5ajKS%2F57tNF3ZyNKePRM5QpYxrNZvDe1ZHqcGF33goGEm%2BI9JmPTZwU12Y13iUTmTEt2vPTv8Nuj55KYqLFYGlx%2Bt8xD3wNp9da8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1170\r\ncf-ray: a0d3abebbfd1b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1170,"size_decoded":2086,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x68, components 3","md5":"138bab7a46327f052ba55aef2e1581ab","sha1":"0dcb6a2d3e87810bc9a75b8b0d8bdc9ef63f8d52","sha256":"18df44713b6c20ed1a858ff3a1ae4e5c0f1e76a2af03e688ef427ec3a233c927","sha512":"275c8b25b019afda80784493973f108f925d6d249ade414ae954b8016a096b86e50da4d8681a4d103d5d1280b90d29ab2d47d53afac274cf5d6e184167a327aa","ssdeep":"","tlshash":"7321c6b83f2f89dacf2a92b5074937f0664d901b52a5c1c54e04044569fe0278f6c39c","first_seen":"2026-05-02T21:27:14.16109Z","last_seen":"2026-06-17T17:11:44.800672Z","times_seen":2,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/c43a4607efe63bdf.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.150Z","timestamp":1781716266150,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /c43a4607efe63bdf.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-33ee9\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JPqbdfhCVZfGYsgb6VBQ4535okBB1JsVJN8%2BfPWHfsCkSHeiY9CcWxWadwEKbkr%2BG4k0bDx2%2Bxn0mLeufjluYr1m1f0LGwiQHYub1rnsbjCCSAI5pQyJ6u08hjU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe77f82b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":212713,"size_decoded":41519,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4bf5177e8fc18cb70d7f1c178cad3d88","sha1":"609a177d9d66c9dcbf362ff847d1a4d6e063085d","sha256":"cdd104a91682a2e1f06864a906ee540ae4d6f3d51f1f03dc743fcec6d6629547","sha512":"f98c935761603ee6a22393b4a33d3436f8eaa0f64db2a93303e2ff880c85fe977a23c247fa0ac552eaf256004b0bf2b3f9f51961d2a2e77545989f879ef4fa44","ssdeep":"6144:GXWQ1hflhQZaLAb0MesXbTaHkPSVI2EEJaGF+ChfViJEExfPuh/4AVgO4eEWAinf:IoIIQWo","tlshash":"9d24a36da765443f7c2760f9d29cbcad901ab1c0ef3a1aeafc42511097e17f62da7600","first_seen":"2026-06-07T04:18:21.512977Z","last_seen":"2026-06-18T11:37:36.536507Z","times_seen":5,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/pump-logomark.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.172Z","timestamp":1781716266172,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8A2fXubLv1Ptjt4Gs07KD2bki5BV5jg%2BTCRagQbf2VoO1TDOO7LmV6nxVaVBNGRPnLbEuKwHocHMkXvoajAhQtl%2FRH9DtwkVp1ZnIi1n0qtJkEZpMQsuH%2BI%2FYB4%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-a62\"\r\ncf-ray: a0d3abe79f88b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2658,"size_decoded":2002,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f63fff8de4385a3e5a132656e5343cd","sha1":"860a2077e73020e3898bbdb847ddbb6a252b8da6","sha256":"b51b06b474d5110c9dd864aa915624a6f4b2d128a289ac48621f69fa42bc6db8","sha512":"c5d475efd0538580110d932ce792335bfa95c9e02fad6bde4e4e4fc11956070a81cc2951eadb6cdf0bb56b14a6feec6349f742db6fef03ced9514797121d047f","ssdeep":"","tlshash":"fa5172ff6b444de5de86c2f8eb252ad7782a24d97120464193d43f2a740236c4d8ac93","first_seen":"2026-04-12T23:10:39.468926Z","last_seen":"2026-06-18T11:37:36.547175Z","times_seen":9,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/mobile-upsell.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.176Z","timestamp":1781716266176,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /mobile-upsell.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CQKYkIc%2B87LYRnRD2sMsMeHuLLutfvW2DfoD%2F5yN8vVw6eE3BHiuH8haS0LTyWa6we0ezZ1HB45OBgrlMmsCz4O5N5ZcNYK%2BbKD8q7zuM4HhWF7qFbtneODtsh0%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-ec48\"\r\ncf-ray: a0d3abe79f89b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":60488,"size_decoded":23432,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"20e346583b6756a13559f1583009b9e2","sha1":"9b7703a462a9c20fb947cc1fd724a75d61ba3238","sha256":"d2161f883307c949aa8149a3de14fe1571e050c577c8af6b38a4a3b56c3cba83","sha512":"ede21f2d59a546e212d8dedd1afdde210ddcbb5706a55325bbb4ca132f96b848fefedaa394b97e4b8843792cc031fc53614e501378a620f4acea8146bab9ca3c","ssdeep":"768:hFj6oZjZWzlcH6iVbSCqjew8xrGfKsqaI4:1ZjZS2RMSRxriH","tlshash":"7c43ab30778c1509d270abdd831ca496e833a0839a1b0594cb433dea5f6a795fd7b1ee","first_seen":"2025-08-29T22:10:37.955387Z","last_seen":"2026-06-18T11:37:36.508542Z","times_seen":201,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/dialog-clickwrap-cover.webp","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.189Z","timestamp":1781716266189,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /dialog-clickwrap-cover.webp HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-c0f8\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MJrKI8MjHI%2BDMw08v1%2FrmGrrZOGs1N5f4GljmBij4LSRH9KhpGwkGaxwYTWb4tDypciZLWLvpgnTsPgp5hLWfDreRCJkMf%2FyLOr4gT03ZbZdRJ4wmewKffcwm34%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe7af8fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49400,"size_decoded":50358,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1278x718, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"34a5a0b4ae583e61c7a129c4c7266ed0","sha1":"efd38ddabe4742c1ab3afe38117b53883d68f488","sha256":"614032d71f5b75053629744dae4f3a2b4cebb8640c703700d1a84a0171c93f1c","sha512":"ccbc426b8420c3e0979980d1c900bb0a65e6a90e77b0f63443fddbbc21f55f5f684626860f1eea86e46c12c0e1d14ad5a66d04a6446bae54744e02dc9e81b138","ssdeep":"768:FT+5/vKVdYTzU+QBJ2lbqpt10XDlJrkxSI16Hb27cuKAxKEHpml:h+5nKVmUBJoqpczl5USAQbig5EJml","tlshash":"6a2302a078a33433c80f50419adf5fab9df965803bde13b3087fa9c080cb55b16a914e","first_seen":"2026-04-12T23:10:39.455476Z","last_seen":"2026-06-18T11:37:36.515773Z","times_seen":9,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_magiceden.webp","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.200Z","timestamp":1781716266200,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_magiceden.webp HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-642\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wo0GshCscuLV56Ankzrfe%2FqyfM9MByKNwUVyhiuQK3f4U8Que7Y1ybxGm0kgI1aAVGDq9cH6umod0uzoyz3bdy62A%2B5QeWicyPiOpCylE4kLcTdXRxNu8iX8NV4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe7cf95b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1602,"size_decoded":2547,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 200x200, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b9545f7118bfe56b75fe56c2b67ce762","sha1":"b1dbe54a44548df39418e1979a44a15946a3871c","sha256":"751f8332aea0f7cefabc4c7835cbd69294ca2dad4d8192d77da7123d79f67571","sha512":"0f57266a7d2b388e19e7f70a307c2ae09c228027a68657db737b4b8ab6c369794d469bfc2f08520b11e12d33aad527b1361585884ceed8aa70579f4755d74e0c","ssdeep":"","tlshash":"96312a8c04a873d92a96f6a8679bb6762c480c4ba3d74cf6c074dde00fec1c4b300759","first_seen":"2025-12-31T12:24:56.569709Z","last_seen":"2026-06-17T17:11:44.809335Z","times_seen":105,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/solana-logo-square.webp","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.784Z","timestamp":1781716266784,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /solana-logo-square.webp HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/webp\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-3d4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=5,i\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xvFL%2FhxnCa%2BhindpzuKrbbvytVWWfutrBhOs4TN89q7E7bjLyfg4bZaKdeLkirMVs6wfFq3G1GRFfNUhBci%2FVXuOLTV0tbG%2BUDgRPH1CPvSmDr%2FOxftLnCtgOWE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abeb6fcdb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":980,"size_decoded":1926,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0cbc759a1b712af205cf8c917417197a","sha1":"397d6cb5137d6f300c91602f7302f594c26f63ff","sha256":"6acf5ab7c9dc0bcb852b17056f6407ba60fb12680d0537f058928c2db6e4aef4","sha512":"042f0e379a47039e67720bb23fb417c4881b25ad40eb6cae55cb2e2fdb1c5b3885707e84f7866225e5764bf2ca0815b57f2ee8cee8747307c78da7b96a1bcafa","ssdeep":"","tlshash":"1811a540f19444908017a218589b24a3e93a54c051b6a27e5bb8bb8190b2535b8ed1fc","first_seen":"2026-02-02T10:11:27.507559Z","last_seen":"2026-06-18T11:37:36.54444Z","times_seen":16,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmdELH6irxDS6E6ByxtHyDZxJbLoPXq9vqVipc3r1nbnvv.png","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.179Z","timestamp":1781716266179,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmdELH6irxDS6E6ByxtHyDZxJbLoPXq9vqVipc3r1nbnvv.png HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-d7f\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cgRINfIdIk6zzshy7vp6Y3yYYDOt6ouarJEHf4ziO2yH0AvMWDZnG30f%2BtPNlVp2OqL3GHabgwhx7Z5deUdjUWbYokApyf2QxEPBrKj9J55B7RXXVZeHEYMj520%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 3455\r\ncf-ray: a0d3abe79f8ab505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3455,"size_decoded":4364,"mime_type":"image/png","magic":"PNG image data, 64 x 64, 8-bit colormap, non-interlaced","md5":"c0cfdfdf600e26de3f1c44cc727a0ad0","sha1":"7834fe1a4ae0130d00b5c8eb0c980be3a9cd9a21","sha256":"a6c376fb1612879c8f3f787447b08121d136425b8a12f4c8609197d0265ae36c","sha512":"ba50d13329091d8e9866aaf34b97e958c183510daaaf93ff7550afcd7e17e30017349e571cf39b931c7c02c930570b160893f16576934385f650445708656b7b","ssdeep":"","tlshash":"45617e585d76f804484775ef3d544260b97c44289fc18f5a98ced583290fa63a03f90d","first_seen":"2026-04-12T23:10:39.545531Z","last_seen":"2026-06-17T17:11:44.812089Z","times_seen":7,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_phantom.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.194Z","timestamp":1781716266194,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_phantom.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=AXF3PXQTu%2B4CxXmJTv0H25JQYXBDwFH7haYkJUtquT1X%2FZWKf3RH1LSD8Ini9K8ApqTXQI5AfX%2BLSmVxH1xFH2PMP8xPbNapetbi2xETlw1LiPaHmEdRkejEwr8%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-455\"\r\ncf-ray: a0d3abe7bf92b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1109,"size_decoded":1422,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8c03cefef7d2f9c744962ad68f1a8fac","sha1":"078a264cd05cec66acb42574be3caa03bcba5441","sha256":"f0568a024a8290d744ee7a548839ab9db336357a3fe1b8efcd881d8da1e57013","sha512":"d32da9d18f95111d9185a1ac32bb754aa91af1e3767e168d3acaa272e6c32f62a3346e85380b68682403637407ba104cc6621414563f0b22710fb5ffb677e97e","ssdeep":"","tlshash":"f811ccd53747d375c447eafd0a262dd06c1754f66725b47fc2813c0aa8560a53ca48fe","first_seen":"2025-07-22T14:10:16.992352Z","last_seen":"2026-06-17T17:11:44.812856Z","times_seen":121,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/image_d343204cb47e680b7efba0cad8e7958e07e523fb.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.196Z","timestamp":1781716266196,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /image_d343204cb47e680b7efba0cad8e7958e07e523fb.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fpJrJThE3mLt2GAutOonRaX8ktTIysTZCnUEy7Z%2BqLycwPysvO3Na0or%2BpIeWrOjx%2BCx3PUQDp9tkrPmEX1%2F%2B5fCtiOF6HVMuMUuCRTxOfCyoWG3DNa2%2FqrM2gQ%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-3e4\"\r\ncf-ray: a0d3abe7bf93b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":996,"size_decoded":1402,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"574b9e8c157fdcb1f62db13a3974b268","sha1":"d343204cb47e680b7efba0cad8e7958e07e523fb","sha256":"a27e00c9eae8be042d8ca20180bd1c409f3206739500712b9a1d0a99e59e95b4","sha512":"3ffdf84da9d003dddc8359d894c3979b946c946a6cf4fd0b6061a89e32032154bd8db8fe0cb13b6db177f8ee948076d843829477afe32d8c8e9dc31958deef02","ssdeep":"","tlshash":"2511027f131d11d5f80acfe4d30ba4e37a1254a66628f008806658c2fb08d5c5df6ce4","first_seen":"2025-12-18T09:47:26.932536Z","last_seen":"2026-06-17T17:11:44.813486Z","times_seen":133,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmaUwvaKZ3BEa9CKVEy4L6uHipnZ7BfaTAUydNsgpwX5V5.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.829Z","timestamp":1781716266829,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmaUwvaKZ3BEa9CKVEy4L6uHipnZ7BfaTAUydNsgpwX5V5.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-1597c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fsV%2F0yXMrPnqmk%2BuJf3A5wuVNwlDgDEA422VqURmbcHD2PB0P27TxO9n1btF1xhcFD8JVgVZWEs%2FkyYSkEIT3LBPhHY5qmLBI1F3Ps%2B2HQzHEZEK0zEiocL9Bq4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 88444\r\ncf-ray: a0d3abebbfcfb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":88444,"size_decoded":89362,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"1657ed9708024b600149ed6c0103446c","sha1":"2004b37936dda6de0b80b4b968b0ae32eb6bff22","sha256":"36d9b75b91f6dfad12c1abe3da25563a58fec66d7e25f22ed6955de90da9562c","sha512":"1e1731a7198e5ea1b77b46d30e976596e4507b856c9452078284c6ddb7e28f0344b5947d002b2ecf574431251dbc717f26d098b9f75075ae4c6b198ce592616e","ssdeep":"1536:EX8YdyN3RzpiYWm/qiMGsOavpkCz5hMJAJmSgiUBAFuLhpBK5m2fr:s8BDzXvMGsn6CPqAfgigAF+hfK5mGr","tlshash":"9283016727809087f86b3d7573361f870f3e0076ce03e536a16576a9b1a28fa09ec755","first_seen":"2026-06-17T17:11:44.814142Z","last_seen":"2026-06-17T17:11:44.814142Z","times_seen":1,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/icon2.png","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:08.123Z","timestamp":1781716268123,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /icon2.png HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:08 GMT\r\ncontent-type: image/png\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-29c20\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Hw9FDi7LhXN9wQl%2FZznI%2BdGn%2BIaQYvNMbdIH%2BlWGv7n%2BY9KwWf3949sJ0DzXFD0yr0KNOk3oMfAeGkLs2yCLLT6yRyZCwP2CQ9se67Hp3kSuBrykjsJ0kDBBpbI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 171040\r\ncf-ray: a0d3abf3c89fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":171040,"size_decoded":171964,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"f1bd488f76adea521d1cfd37122ca30e","sha1":"1bbb7d1e1f5307bc38c179d1da114edebf2cc75e","sha256":"7dc9c4c4c538d66db7cb3a92f6481c57cb1d435742ec651e6db3d3953431707d","sha512":"c03166a137e07787b923e1683e7b02199be51f7e41d9497c6f33bc9ab0ccc4111895692be41c36f9c1810d76e1c761d3397e35fa72e4267c73d4aaaad48c66cb","ssdeep":"3072:Cd5h51rQK4TzyXx20z6RqAicPFqIcM5gRy1xNfXE0wBBLhO0y+0pVxX1Hilw:C/1EtyX40z6Y4PAVSCsxNfXElBJ/y+iL","tlshash":"d3f323da1e689adceb1302917db05ded37a670e45ba1b640fcc80d14b5d3379a891bf0","first_seen":"2025-02-16T19:20:16.384713Z","last_seen":"2026-06-18T11:37:36.514537Z","times_seen":181,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":88,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/db808e5b83343dd3.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.145Z","timestamp":1781716266145,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /db808e5b83343dd3.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-30e85\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2YeVMGaiVgFIsnAtBNw8i3tcr0OqkeSx%2BahNz5kEacsISv33HyFmvqTMHpSQ%2F0fke2ra0dkndGCWzQFrjFC3r0oHV2GUZ2Njp3TCvPyyfRo5%2FVQUYvMzjevQ0zg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe76f7fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":200325,"size_decoded":38619,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"80ba684b5a3e800810c797d40a1de559","sha1":"947a1f50491c338e8828e2e1a05332180d3ac876","sha256":"89555ccff6e6f9d7ca76b6b26d67ac3570584b9d45c484f8b84bbdb427bf14f1","sha512":"2455a20d86117c4fd7baf96dd09731a235652498990236bb91a73e1ac9e41ff57e2346450730c3a35551bd3ffe82da0a768b305318b287799ed279f0eb7c1a31","ssdeep":"6144:GGQ1hflhQZaLAb0MesXbTaHkPSVI2EEJaGF+ChfViJEExfPuh/4AVgO4eEWAinZL:OIQWo","tlshash":"6914a26da765443f3c27a0f9d29cbcad911ab1c0ef3a56eafc42511097e17f62ca7600","first_seen":"2026-06-07T04:18:21.526014Z","last_seen":"2026-06-18T11:37:36.551274Z","times_seen":5,"resource_available":false,"data":null}},"time_used":256,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/5e76b3fbfdc7e54e.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.148Z","timestamp":1781716266148,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /5e76b3fbfdc7e54e.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-cb0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vuRQ9W2TPQRFy4cvgxW9HFer9I9tXJaSr0XjU8SvT7oD373T6J43Vg%2BzAl03zk9ngekohyerIHlzTwVmEeifK%2Bkuwp3ilRDff4LEL6aDAghYE8YZ2nk2%2FE8nPtY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe76f81b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3248,"size_decoded":1836,"mime_type":"text/css","magic":"ASCII text, with very long lines (3247)","md5":"ff62e2f01eb791a568c3033cb87d3961","sha1":"af58e2e1d26931dc68d1016942c26beeda3835b0","sha256":"0d789746e233b154f39f0ab97ad2fa51de10c03a624b6b70245faa7c3b08c23d","sha512":"6322263c83123d8003f97fc94c8e79a5c8a7d42de8b2794c30d1a762dd5f8a0b8c97c27595ff44e8ae6c156373cddfe467b7a264329e1ca54ba0b6170664ffe1","ssdeep":"","tlshash":"f7617d24f17269a3531b847e80c6fa86b291520d9f3fabf37f90c424708c65707e967a","first_seen":"2025-12-20T19:39:47.581885Z","last_seen":"2026-06-18T11:37:36.534624Z","times_seen":126,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-17T17:11:05.582Z","timestamp":1781716265582,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:05 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aYiBC7EcdUKQk4xGSnqYECN93FHVAnUjSSJfyXGZyg8Hd6Kx8V5chQdSbyVowHKq5LR%2Be0Xq62t1Pn%2BTqDdxKgzKUeoxVmO49XD9x2eFiwTk8rTQtgpOxRYf8mc%3D\"}]}\r\ncf-ray: a0d3abe46f6fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":671889,"size_decoded":58094,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators","md5":"27e137c1f85946fa0715f6c086290a49","sha1":"8afd39fb849f069fb4c842cd469675e0ec5dd0a2","sha256":"f55311fcc52f66dd609377bce0325baaedb5561d93c91684c70b072c060fb82a","sha512":"f97c8ecb820edfd02189f131a6f444e81e47723e4e5f9467ae6d97f208cd5f14fddd8c011cea2907de2327d87ae4541605b7103eb6b7146f8e908a9b4f0f5142","ssdeep":"3072:hNN124Zc7eRh3sgKqF92VO19Vxy3bl5eYVRcxEkkNMla3L62bHULSY6kHOmtHXdS:hNN12IMeGqHUPgW","tlshash":"f4e4e6b1f1d012aa543bc37af666ab5cea86613bda13914873fc16a72f70c975c0358c","first_seen":"2026-06-17T17:11:44.820655Z","last_seen":"2026-06-17T17:11:44.820655Z","times_seen":1,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":61,"connect":18,"send":0,"wait":186,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/b731d5a1fd2592a1.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.154Z","timestamp":1781716266154,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /b731d5a1fd2592a1.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-c3d4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PP8Kt02ywdpQhXVYX%2BzfS8RhTDMBwZk2GVLJB58NljbEERxflNP%2FyW0GxSVgq8RKKM6iGxVDKCPxUQL8iwrt7OMTfCI3FugvpR%2Bu9%2Bixjl6ssjt2Cg6VshRlDao%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe77f84b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":50132,"size_decoded":12037,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (47995)","md5":"337ce5ab722c2ccec8c586343a0dffde","sha1":"87ea45d0d03ed6ba76ab67c422740684864f2fe9","sha256":"2b0f56f296550c868629d8e893f80f2285622be5427adf900e04102a45624712","sha512":"1787db460e83854d9437e40b44c1ae8837decf634eabf8e7706a49f701e39313cc26ace2e4748ebf67dab66e50728d6d158f78e539601b85d749b9bf2ac190ec","ssdeep":"384:peyoBoIUcYPWuOV8Q+cmOzFkR5E2iCsn+D7MJf+EhKRhOrFzR04NZO6QePLlDZbR:gKc5uOR6MJzKjOpRT6qm7C","tlshash":"943345e8ee8ca13aa813615d178c958d922dfe00afd35a98e9d17138cdc7be31578744","first_seen":"2025-12-20T19:39:47.5671Z","last_seen":"2026-06-18T11:37:36.552875Z","times_seen":104,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/image_4bedd7a8bb870242463c32dd6514110998619883.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.190Z","timestamp":1781716266190,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /image_4bedd7a8bb870242463c32dd6514110998619883.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SXbg0Y04pjjqI2D3aALO%2FcxfMtg3Z%2B6fDkx0YzQWltuM3JaoY%2FYLlQ%2BpIIdIV%2FGf8dMGxh8dJRrZs7LRYAegt9x13gVsp3JVFsnXic2e3EG9SBL6i%2FbjZM1Rss8%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-115\"\r\ncf-ray: a0d3abe7bf90b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":277,"size_decoded":1100,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"84e69edfdc5f95304ca09ecdb8b4470a","sha1":"4bedd7a8bb870242463c32dd6514110998619883","sha256":"99dfaae864d697c0c85271501b1c9d3fa055bbcd5891ff143412e482ddd05226","sha512":"b92795a66c3d7f0691604f8448fa2a68bd1e8627148b5d22b55de5805fe9524246d3130e9f69d5613cf42b4f25b34edee62992238ee14cb56599f268fa367469","ssdeep":"","tlshash":"53d02b15530cad1cfe228510c35c723950ea62521b5e054ce9622235751c59f7d3fadd","first_seen":"2025-12-18T09:47:26.941018Z","last_seen":"2026-06-17T17:11:44.822802Z","times_seen":124,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmVfYzBFYHqHqkBMpomm3TSyCjLSepPSh9k34ZmxJ7Ssh5.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.859Z","timestamp":1781716266859,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmVfYzBFYHqHqkBMpomm3TSyCjLSepPSh9k34ZmxJ7Ssh5.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-12b2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=U531rxUW9b%2BYsWarkVGJb60oIoA63tpystP5ZpltHekoJuReVbhImpf3Hr9QaYuQ6W1RoWe15OCZyAE3rR6ouXLUdf1ffrgRXoImO19ad5RjwFGHQ6lbQmMBDwo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 4786\r\ncf-ray: a0d3abebefdbb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4786,"size_decoded":5696,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"b8551b1b1e8f220649f84cdbcd7e0a9a","sha1":"081d88716aab95fc98ea338a6a681ab3e9100337","sha256":"30f0293be08197cee9995eb1e81b4cc261c7b73494def437d4b5cacb6994d525","sha512":"f3ac78c5ef8395ecab46ed85932459d647aec333a62e711fb913d078521512722a72a281e29417e1275ffe2bb8c64041801e63c4b2a3988728a8ef3b1d4942ca","ssdeep":"96:6xqsUsL7UV7C5JznWfZQ3qSkf2lITGW/SV/Q1geAt9M:eUJV++xiqS8LSp9eA4","tlshash":"f4a18e1dcbbca063d08da4bed4fac6b16cec83cd40f070b624205a7da35117527309d1","first_seen":"2026-04-12T23:10:39.57262Z","last_seen":"2026-06-17T17:11:44.823413Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.187Z","timestamp":1781716266187,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=5,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K9b5O5gRtnxWvC5ZLqqQCJQSKIoVEEyY2XboxpQ7kkjOiPraKYGy81oj%2Fahx24U2zR2WYKyrEy%2FQCvsplJYCf81yQhDFtRmp2aYojh%2BBtFLAEl2zLDNCtGR9KFc%3D\"}]}\r\ncf-ray: a0d3abe7af8eb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32322,"size_decoded":8797,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators","md5":"8495515e779da05d681157574ffecc28","sha1":"48b45fda67bdcad15fe2f45d6c71318e61c9a015","sha256":"d278793290fc2b3f2fd2a471e3e35618b42f47cf28af02f9cce13aef34e89ddc","sha512":"7cd743c508b8268e1082e9ca25096ba15bfe3bfec347da47acc77fc7b4859644c06b74790bde22903350574b7c6eea988575e620d4465de1b23b68693fe09012","ssdeep":"192:6+hEiRd767JP+6PYNpL9kXboagS1ZFiNrYE6h/uw/I+Ivzc9VLoVviUiUeHuPMRG:6+hEiRd767JP+6PizNNuzOdKda","tlshash":"ede2a204b0060064593b632affd65b0ceb72a053bb061a6976cd059adff63f862b5f5c","first_seen":"2026-06-17T17:11:44.824757Z","last_seen":"2026-06-17T17:11:44.824757Z","times_seen":1,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":113,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_solflare.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.201Z","timestamp":1781716266201,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_solflare.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wYT3008e5Dz7C%2FM5cxcTCz4CDNoV7zRhsQ0SG92saaXyrwFC9ZO3Q1UzcG4bhumUQjneRVCDVmS1itjL%2Bhllzu1lHO5r8EGjWVCBeYoFVveyQlXwRA6WDpukhEQ%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-3fd\"\r\ncf-ray: a0d3abe7cf96b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1021,"size_decoded":1527,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4d559b3c7bf65f2029dd8c0acf2fbfe9","sha1":"9c7d272dfad966afc017026c7cca308f86824e86","sha256":"3657af4bb3ce6c20f8703d7620cd965a6441d0806121cea9c5d013ff793b298e","sha512":"05a78b75739fd9fc440adff181350371dfce5ab8d6f7b3fdf0ef001654657a142bd52ef228fa3bbb248b159b360eaec26a80291797bf168e4f02133ef46ee357","ssdeep":"","tlshash":"a311125a033c3674d6e64d20a528b0c326b2b0c5825471eceab35b722229af244b0a78","first_seen":"2025-09-23T12:59:34.155422Z","last_seen":"2026-06-17T17:11:44.82671Z","times_seen":115,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmdLcScq2z5DpQvnJytceBcuthkX5LYFmwCv18KP3CeEmk.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.842Z","timestamp":1781716266842,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmdLcScq2z5DpQvnJytceBcuthkX5LYFmwCv18KP3CeEmk.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-26712\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8avNhVKu%2FkXaD4UgdFMA9q%2BGsiwp7VXFzuktP8jLz2%2FaBxUida7NhiGQL2ZUypGd%2BjlEAI8435OBFLrNMzMb2Or246jo6d5hxPhonjS8NNmqqJG9pknfBm2hSZo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 157458\r\ncf-ray: a0d3abebcfd3b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":157458,"size_decoded":158377,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"1ba5e6e117d2a8e2d7415054c10a91fc","sha1":"7bbd73dc82e9507ebc95ab02b4d4caee581e8d59","sha256":"25401dab4c58195b4611ae45c85a4a37def257be94a7c138e0286c1519b765ca","sha512":"4f5aeadfa1845fbbbc7a891d7fb8ec93fefaa81b82288cbcc3942587ebd20513736a738b745ad7e9e86aea4fee5303cc001af0eaa6171558dcec8c291ae0ff70","ssdeep":"3072:bfrbRR2LcQmL5kzjHWVc1RMe08kP9qHW2VhGdwQ:DrbRRIkLOt1Y8o9AZVhrQ","tlshash":"47f312c0861e54d0e93154bde8f61e957cb88786a2aabc22dc1b7133f4fda6c14bed44","first_seen":"2026-06-17T17:11:44.827393Z","last_seen":"2026-06-17T17:11:44.827393Z","times_seen":1,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmXu9ycmP6BFEcAtFjKdhtLxUiBVy2F3FZYYfoyzRjGM1j.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.858Z","timestamp":1781716266858,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmXu9ycmP6BFEcAtFjKdhtLxUiBVy2F3FZYYfoyzRjGM1j.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-90d2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LBKfCFI6kT%2BIAv3Y3URVRWtd9AI9WNyuhyV2ZxCJfz1NNkMi01g5eySMnj7%2Bh6d%2BtBlkj7vN%2Bg2LMZm2zSwZKEcknjDzEndMfr0gBQU%2F0CdsAqTJV6R1JKykAwA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 37074\r\ncf-ray: a0d3abebefdab505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37074,"size_decoded":37993,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"ecbbced24c994c6ab9df2dcac203d857","sha1":"99af6f175139ee24a4a368d4cc02ca2543ddd349","sha256":"198a3573d782b38a6766276e107df8a6027a1ebf1a0c3af98d04bf5e544bc7b5","sha512":"567c81364f0220e18733eac545cee99c73b4c7de836eb4be8ae6147b1c45331bda2dad1e5f399f73b3aca9e5c9a140be8ead5023cb1fde50c06b92cbf05b354b","ssdeep":"768:v4/zXIbZe3kSkle1N7il2aB2T8+cLmNKl+omOHA3wG8wPIJ:vFe3kxwWl2oWpNKl+0tEPIJ","tlshash":"b3f2e1379eb08593dea1b0f534f31f352a6a09f2c60118d74c9cfb5a60b0baa84f2557","first_seen":"2026-06-17T17:11:44.828687Z","last_seen":"2026-06-17T17:11:44.828687Z","times_seen":1,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/pump-logomark.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:08.125Z","timestamp":1781716268125,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:08 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3SizdcDLMn9ulJ4rCby65QA2Rmva8HPMIdb1gK%2BBiDWo%2BZjAkg9Q32plKfU8xdAtiu%2FGgMeF4WlaHtjHS96gxKhlVDTH5p258x9uN5KbbbRz9zlgxKKEc2bMB2w%3D\"}]}\r\nage: 1\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-a62\"\r\ncf-ray: a0d3abf3c8a0b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2658,"size_decoded":2010,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8f63fff8de4385a3e5a132656e5343cd","sha1":"860a2077e73020e3898bbdb847ddbb6a252b8da6","sha256":"b51b06b474d5110c9dd864aa915624a6f4b2d128a289ac48621f69fa42bc6db8","sha512":"c5d475efd0538580110d932ce792335bfa95c9e02fad6bde4e4e4fc11956070a81cc2951eadb6cdf0bb56b14a6feec6349f742db6fef03ced9514797121d047f","ssdeep":"","tlshash":"fa5172ff6b444de5de86c2f8eb252ad7782a24d97120464193d43f2a740236c4d8ac93","first_seen":"2026-04-12T23:10:39.468926Z","last_seen":"2026-06-18T11:37:36.547175Z","times_seen":9,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/math_wallet.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.208Z","timestamp":1781716266208,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /math_wallet.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-3c20\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GIA2BNepqu7vDlROfJ8xcf%2BYI9ejtISFZF%2Bj4YvH%2B9dTX5rGYHUlzwC9jmNeWexN2WQbML7h%2BKqZ9K1cFSOdKlv6F77ES6vBPUpNDrxFMScd1nNBMolQJ9M3EGQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 15392\r\ncf-ray: a0d3abe7df99b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15392,"size_decoded":16310,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 400x400, components 3","md5":"ca7e678bdcb1c57f6507b027a35460b3","sha1":"391a4acca26995c78698b6aebfe613f76bf96504","sha256":"318c8ec85c792f74dbd1c9e0e0c6d2bf0444b72f72cef6ce0d9233b8ec89bd22","sha512":"84de1b6bdfbd89f0057876ae93c05a993ffa57695603e78f3f790e67ca47a0083a919adf01295a93e77ccbc65dbcf4b888f4acbfa634363fb68fd4122b88f451","ssdeep":"384:siQPzejPLrRJmPO12SVCcqxvm/A/gofuW8+iN:50SdMm12YCVxwA/goWVrN","tlshash":"8362c01383603802cd3fb67076c0e722db753a2a445d2da5121fe937af4d8a15d5d1f9","first_seen":"2026-01-13T00:13:53.398076Z","last_seen":"2026-06-17T17:11:44.829831Z","times_seen":100,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/Inter-Regular.woff2","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.627Z","timestamp":1781716266627,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /Inter-Regular.woff2 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/b1ceb54df6a409e5.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-1b2a4\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i8nTj7%2BgLFhBSdlsdrAfmgDciUcjYOgqo706x2yQ%2FMXK2y7cdFPpa1KPQIYYxg%2F%2F6gU91OabAf8EdKSyyeh9fVVPdokPZ%2Bjx1UeoDfYdDLtYO2cQevdRUVdrTHU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 111268\r\ncf-ray: a0d3abea6fb4b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":111268,"size_decoded":112193,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 111268, version 4.66","md5":"3875f83574973c732136a45f628e64a6","sha1":"b7a0b6fbebc40eb29b76cf135c4b7be50b981b4b","sha256":"e06f6b1bc553aaea4e4668023ed0ab0a147129c3107f511bc7d03d361b0ae085","sha512":"c4d06c4d73f83f3bc150ec5c3fc792af04161ec98c298a526b717b09e0f10597c688ea1827c1b54324b809cccd7c8a51e637eb822f192744f16556d0fd5b2efb","ssdeep":"3072:oSVIcbST1rITm6KORAGB/6lp7l8MBrVAPg:oSVIcEwm6xlB/6lp7lzBJ/","tlshash":"2ab312cd46ab0e22c7db93b491ea634d5ab188f8e3b630358993ff31155093723e615d","first_seen":"2024-11-19T20:50:46.185622Z","last_seen":"2026-06-19T20:51:37.570442Z","times_seen":53885,"resource_available":false,"data":null}},"time_used":1208,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1182,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/index_4.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.701Z","timestamp":1781716266701,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /index_4.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KDvI2BlJLWMhvhMH1mVvJzHknVT5GHZJ7nRCKiVgMieNRCw%2BzoZg%2ByK3PbfurzGOfXHGjhRFmRZG9XbAtpKhs3fkP9MqY20cP7p9P9bk2G0IOjWHikchDeH2rzA%3D\"}]}\r\ncf-ray: a0d3abeaefc1b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":973,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-17T17:11:44.799995Z","times_seen":458,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/secureproxy?c=%2Fjmpd%2F","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:08.624Z","timestamp":1781716268624,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /secureproxy?c=%2Fjmpd%2F HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://pumps.mom/\r\ncontent-type: application/json\r\nContent-Length: 1414\r\nOrigin: https://pumps.mom\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-19T21:50:13.241872Z","times_seen":16560154,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_coinbase.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.203Z","timestamp":1781716266203,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_coinbase.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q%2BbF4zgzIwu0KBrI5jHMIFOG3upt7Ktl86GV%2BVFFNHZq0bhbroznemlPXmq292MaUmJcNtbCbbz0%2FJWNt0hwM43xmPPLVNoRpNU8WQ8kbfttJ1p%2BnaQySmFi2%2Fo%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-206\"\r\ncf-ray: a0d3abe7cf97b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":518,"size_decoded":1218,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"03d813a0c0c8a475559c8cec40f5d1b3","sha1":"ea4813335e225371c30a56027e2f7e54e247e5d5","sha256":"eb728f9afa3b934f43dc77e99914c2fe62124c056fa6b1c3d00c8b80c917acf4","sha512":"9444c473e807bbc985a03cf74ad5b06cab25237d848c1fbdb6a1b2622a6dfdfc1271adc19df88b0b503d60b5004c54dcbe4c357b9929e735bc112a4d8e61af5c","ssdeep":"","tlshash":"e6f0246f7438a191093cdf786e3ae6c8cc07db4886c5c6ddd3202f055202f851909a86","first_seen":"2024-09-19T20:57:03.484662Z","last_seen":"2026-06-17T17:11:44.846018Z","times_seen":140,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_tokenpocket.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.206Z","timestamp":1781716266206,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_tokenpocket.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iloKB%2BQsOF8DEuSxSlzOVNOUBmlE9N5LTw2MHJYJJpmGajO8t04Vh%2BevkJ7thBIOmLoDVDJGSvL%2Bs9Oozdjmo%2BR3f386Qz5uM1WZcVA%2BTE6Fae3m%2FMLxAqK26nY%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-8ac\"\r\ncf-ray: a0d3abe7cf98b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2220,"size_decoded":1939,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c8b05a7db1289009d5b1cff1fce3c318","sha1":"2960c5887c4fc46e03b54edd9c3a814930adae58","sha256":"8639f1b554805fc4f701a8629deddd603c18f622b60d35f63ad686032b91b549","sha512":"adef4da670e5e225fefa46f3f37dd92a6d92a7414b71b07a208c218bdfbfe349ed4cd022884da8caddf62bdb55aabf6f42b5578fc5f492c2961057833ef552ab","ssdeep":"","tlshash":"a84111e93b94d4505114979b7f7874bcc42bc2c6a98588d1d0517f1f64981fe2d2efc1","first_seen":"2025-12-31T12:24:56.570544Z","last_seen":"2026-06-17T17:11:44.86146Z","times_seen":109,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/index_3.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.700Z","timestamp":1781716266700,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /index_3.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZR%2FtNVwXDMEwOMwI85XFzZ62tu0CoFpRpQ0SlMWUl4el6%2BML9zHuBGdrbllkgJShFiLFUvWmY98t2Iz%2BIENzbh2IaipGQ9Io7WXYgI%2Fx0XF3H%2B89nju1sAoI1FI%3D\"}]}\r\ncf-ray: a0d3abeaefc0b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142,"size_decoded":979,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-17T17:11:44.799995Z","times_seen":458,"resource_available":true,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:07.299Z","timestamp":1781716267299,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=32768-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-range: bytes 32768-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kECIKgg5dy1FkJ%2F4x5Bv3U3k4JIVkZ0wPW%2FtU5dFnu4GHvUL1XkxBRJq70lyVMMjthUvNqi1yn6Jgzm7S%2BFCpixd01sA3HhR6LWt98ErTTO7fagNmHLmtUQFeUg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2878284\r\ncf-ray: a0d3abeea80eb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2878284,"size_decoded":2879235,"mime_type":"video/mp4","magic":"OpenPGP Public Key","md5":"86f77ef463f7f07fe66fbf43bcedb80c","sha1":"aae789f246625dc3a561025a7e321be46a4a3c15","sha256":"ab6f9daf7a5ac5c1c3f4df99dab6376acfcd7d1b572377db398abf3773fae038","sha512":"77e603459b6161b872d6e90ea90545df380b31d0d52dbf0398b7c1e4be13df092cb427471987e160122f0340a0ae244ceacb43e7852a9394e7cbe08de0ec5016","ssdeep":"24576:FPJMQohgp507DxGhuFBz1I/3C2bJDAeDqNaOtdu:FhmIPuFF1I/3KeWNaOPu","tlshash":"1125128964f13330ca69637b21ec6d03a7c7f526cafe1b2b554c44a6918b4c3edca947","first_seen":"2026-06-17T17:11:44.863107Z","last_seen":"2026-06-18T11:37:30.616641Z","times_seen":2,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":295,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/b1ceb54df6a409e5.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.139Z","timestamp":1781716266139,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /b1ceb54df6a409e5.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-2b80\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=o9W2hbE9MtMBNCmnnKbqQbkUV8eRGo6cL5Jp5BZzr4sZ2no9igsZ7eghhXqZZ4AM0Cn67pjZT6eNHPp0Q1oXM8YQpJgUfkF89hZmszPN3sTTlr6UhJRnxQIGEp0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe76f7db505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11136,"size_decoded":3476,"mime_type":"text/css","magic":"ASCII text, with very long lines (4808)","md5":"4c376c0b3d4ff89c29a839d79a68ee63","sha1":"6a988cb659ecb1de8a1df6a2d10258273fc04f28","sha256":"e2d77f1ac5e7001ef39d20e6476d4c1f05899e2460a6462de0999e179c35365f","sha512":"0afdf5e075996fb522ccd2b9d4c05101c953e863c7f0562f62f5aa1be1c070af7ffa1ff5aab0c2b6f2303c550429ac818aaa49dc0ca9c35bbc50ee91449d3283","ssdeep":"192:R+Xuj1zxMi7ttEtfKmw88YtOkKTuaGXYF:QXs1zxMi7ttEtfKmw88YtiTuab","tlshash":"d83222b1b0b01333661f2402f18b5809efc1a6d58a622fe5e97d93e84ad315522fef17","first_seen":"2026-06-07T04:18:21.474158Z","last_seen":"2026-06-17T17:11:44.865386Z","times_seen":3,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmTbWsPMUHRbCarGWtsGaP2bcynNMvzWMQw5MgVYP9vprW.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.780Z","timestamp":1781716266780,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmTbWsPMUHRbCarGWtsGaP2bcynNMvzWMQw5MgVYP9vprW.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-22b27\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yc0NNgvwzVtj4Yf7LTunoq%2BbvtvOPpzkfS6QcUR1kErdRik3PTE58wnlvxGctARXlYjg0iZu7K2mrOkEVOpi2OgY4KrlHQMjBZYUOIsY31RgnS5CBJtLDqT53kA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 142119\r\ncf-ray: a0d3abeb6fcab505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":142119,"size_decoded":143032,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"5a2e6c28f5368cb6e21828050b00f59b","sha1":"cf8c655b5bd0a2e593b15f09e688e02c33df1fbf","sha256":"1dc36240e6ef1014a5674165a37be6cb521d57563e77f6d8240fc09617995a44","sha512":"55e87c1f5e6072fb29dea2c177f42b1a1b0e6c1f110d559d052ffd1032d1b55b283f4a474be9e3c60b345c5cef6a4b25b571e8f20ffda7966eb6222dbecdd88b","ssdeep":"3072:n+MntJ7StAkJYLBXiaHePMOeKb0yQjpYZOIMey:+MtJ7StDYLBXrHjOeKb0hjpY1Ly","tlshash":"67d3024eec690ad0fc162431596ddfae162e6289cc10fb06ec6007e875e506b92f67f9","first_seen":"2025-12-20T19:39:47.743294Z","last_seen":"2026-06-17T17:11:44.866137Z","times_seen":102,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":96,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmZQ6LCgSfsBdLBdnum91jPakrr2t2DKoBUpqzTK2oKdGh.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.839Z","timestamp":1781716266839,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmZQ6LCgSfsBdLBdnum91jPakrr2t2DKoBUpqzTK2oKdGh.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2ef0\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rL7SELkVuCxt4vb4w7PkXa6NI7j4hO7m9F%2BTJAAxl1qi7BNQn5O7oWR6tjQUFVeTsVvB9tOm24H%2B1x0ALz7e2XIfWvmWqO6wIToqI%2FvZWCH%2BjHYDVH%2BPC2jT2ac%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 12016\r\ncf-ray: a0d3abebcfd2b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12016,"size_decoded":12935,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 65","md5":"117f36f629e14b134838c1b860ab9cc7","sha1":"3915b8eb972b464dffb80be6adef2de00ca0480d","sha256":"7d696fd2293f7ab19b8977771db7afe7b4b463c30aedbd5304a6795f3401cfc5","sha512":"3dd951b976b290089ac15045ba81b6cc5e5c4ef576ea04212a0c5ca20cf980b59e2ff2cc8431860140754f26f72ff2241b5f795b397157418d1a324e3795ce56","ssdeep":"192:fNaf8+rmCv+9Q1LOgg481XWH5le5KTksRPfsNmI2uQAc1ZVnCG0eRCqG:f8DJFlOg782eAkIfs8puQDVnSeRO","tlshash":"c342beba586c78c4cd4d33ac35d5b727013601ee0840a3aabec8eed8bc7697b7152464","first_seen":"2026-06-17T17:11:44.866844Z","last_seen":"2026-06-17T17:11:44.866844Z","times_seen":1,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":171,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmcU4CrTEXkNqJtx6u5DkEYz34oT1d8Z5JyunFiNeH4Kp9.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.844Z","timestamp":1781716266844,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmcU4CrTEXkNqJtx6u5DkEYz34oT1d8Z5JyunFiNeH4Kp9.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-864\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Xx1PMFV45mD6W9ERTCOO5Jfiuq2RYeCwnewBYxKf3eMJr2ypTA2zzv9MpMlKmL%2F9nIlxvvRKsEre3dvzRuF7V%2BQTIlKsk8S8c8i1LndlRU3VXJ2ZIY61r6M7zz4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2148\r\ncf-ray: a0d3abebcfd4b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2148,"size_decoded":3060,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x85, components 3","md5":"10557d953391f84d7a1fa7e924661b2e","sha1":"6b891e577fba158a2e76f53ea9d481f9eff7ce59","sha256":"edffee7670095f67a9bfbf94f886193779b8d3e99d76ef78900e4fa8e9358319","sha512":"285002ddd67d31354a6771680df90b5215173d3d66f50a12b5fe113182a0eb504ce7a6f33269a91745988511c02794bdcbe6282963fc47f43d235660d6e0917b","ssdeep":"","tlshash":"83410c3aa76c98d6ed48447bc6893394314474238bfa66dc165a2ac0457d585df04b9c","first_seen":"2026-06-17T17:11:44.868656Z","last_seen":"2026-06-17T17:11:44.868656Z","times_seen":1,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmaNqgSCYuWYtRLfeWsjS3dy29ebXZWLNiSMKx2HjLvoSH.gif","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.853Z","timestamp":1781716266853,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmaNqgSCYuWYtRLfeWsjS3dy29ebXZWLNiSMKx2HjLvoSH.gif HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:08 GMT\r\ncontent-type: image/gif\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-11543\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=phY5s2p9eJE%2FMjua51zjlydFhFLUoy%2FucCJkMV3r1qiOMk58zphKPVZTgZByXH5KZ0E7qcGac1yu3gBs8wc73K2smREViY08YMZkz%2Fvh383Nqt84Ww%2FwvD1z73Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 70979\r\ncf-ray: a0d3abebdfd7b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70979,"size_decoded":71897,"mime_type":"image/gif","magic":"GIF image data, version 89a, 64 x 64","md5":"0c3df5f415befd315f6186bbaa19722e","sha1":"1c083ef1ba5425a4c1f45635f2a5b173bc805af4","sha256":"a80c13729270f2e7f72b364f906c938e1580e49dc1b62d0e3808b506326e80bd","sha512":"852f246662c425db9019b92cd43ba10ad32e6f1e892dcfdada019440d4acdc685da3fe12a038b0c0de5db2fe7d30df8dd9afde412343453ecb2a8fedbeb15cc8","ssdeep":"1536:rmM3y3pty0Uc+M9RK4R3rCBMUgqHoOgIqmPQdfDaATAzs3hP8LOARxNwVxjyG+aV:qr3pY0Uc+M9R/R3+BMUgqHoO9QfDaATf","tlshash":"8d637c2ec16406f5f67a0af1d04f6dca0a0f9bb948659d2b4d1cb6f139247fe30c466a","first_seen":"2026-06-17T17:11:44.869927Z","last_seen":"2026-06-17T17:11:44.869927Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1218,"receive":52,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:07.000Z","timestamp":1781716267000,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=2686976-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-range: bytes 2686976-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=t0X%2FnpT90%2FNW6uUQhlly17WL9OiQbIBkLzRGtKi3HFsPFsl2miKp4mnbUfAdesMNGcVR149dDSxrn94J1fg32ead7bKzjHLfXwDV9uGQOm4OY%2BZ592j4vraZt5c%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 224076\r\ncf-ray: a0d3abeccfe6b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224076,"size_decoded":225028,"mime_type":"video/mp4","magic":"data","md5":"50be76425bd97896c6ca5ce8b47e0344","sha1":"a1eef451690ac6aa0a5931d9baa34adb398f1bb3","sha256":"fd6873b4eff5bc8529370dc61c4f50d5191fc0539427a8bbaa74fb234724f459","sha512":"7ad7130ef487ae590125bfd488cf30814f34f73b6538cda43272c9bc9befcd95c11ef235415f71fc7727466e1eb6f04ce80172471ae9ed3b40ce6ebff3cea5c9","ssdeep":"3072:iHVTKivHN7GBDZpBX6SoWOpTthBM6GlyXFKDVF6vK3OgZBrncJwnRCf5R8Fd1xTr:WTKi17wDBE5+Qrt61QFF8l","tlshash":"eb248f9dbb04803bd6a15372e8f107243372d4a817d7034f4aaca73d4e993a86eb6dd5","first_seen":"2026-04-12T23:10:39.54337Z","last_seen":"2026-06-18T11:37:36.529856Z","times_seen":9,"resource_available":false,"data":null}},"time_used":286,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/secureproxy?c=%2Fipfs%2Fdxzs4balKP0d6cpp3_aKYA4e613b5ee615c9fa2914f8c1fe090cfb%3Ft%3D1781716266108","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.159Z","timestamp":1781716266159,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /secureproxy?c=%2Fipfs%2Fdxzs4balKP0d6cpp3_aKYA4e613b5ee615c9fa2914f8c1fe090cfb%3Ft%3D1781716266108 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\ncdn-pullzone: 5966451\r\ncdn-requestcountrycode: NL\r\ncache-control: no-cache\r\netag: W/\"972d3-ZpAPvXrNLnRPP/B7spYcA6OIu/E\"\r\npragma: no-cache\r\ncontent-disposition: attachment; filename=8aysr46iv3QioNcWnwdPMw.js\r\ncdn-proxyver: 1.57\r\ncdn-requestpullsuccess: True\r\ncdn-requestpullcode: 200\r\ncdn-cachedat: 06/17/2026 17:11:07\r\ncdn-edgestorageid: 883\r\ncdn-requestid: bf07cd6162ab02516fba016f7d352958\r\ncdn-cache: BYPASS\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CIYZixo3LMMW1SvAAbOeRCo8UHI7479COXycMyFnl4Yb7H4GZ5luAi9G%2F0%2B2R0hx2Nkb141NhRdcLWm2YNGQbfb1WBEqBACgPWMNXepsriBnnBMEIpOuwXf5uXw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a0d3abe78f87b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":619219,"size_decoded":140213,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"416efea31395d3b99bd0a5f766490d63","sha1":"66900fbd7acd2e744f3ff07bb2961c03a388bbf1","sha256":"ce71987c6ec33e99bc2ed91f69d049e6eeafb55aff4a184fd60416027ce429e4","sha512":"5abd86ea6d3a14d2da26d13f5cd974b3101bf2e0d132e7d2c5436bbe20c27cd4efc64720583597dcdfc54cac2f3cfb9924686345e9b6db780c4e510423a657a5","ssdeep":"6144:Bh5gDjQDCMEWm7ECNF0gct3VyBKbMboOeC2PYqxQWNahLYzO5WuS2KImDnyJnUCL:JsjQDC6m7hFqa/J/","tlshash":"f8d4becaa73d377f5ae01aab0c2b413fefc80d1e216b09c852d1b8d9527970693d915e","first_seen":"2026-06-17T17:11:44.873752Z","last_seen":"2026-06-17T17:11:44.873752Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1200,"receive":100,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.769Z","timestamp":1781716266769,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-range: bytes 0-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GR9gSP6d%2BXN%2FdpP%2FEzaqDwLn7WtgDfQQ48%2FqPKrv7VtnqZmtnfjcW%2Br%2BeQ5SewSW1Sj%2FYBiF%2Fozue6A5svkwG%2F%2BpQxzM8HQbLAXCsoSnQnDtDjuZej%2BgIS6%2FJ%2Fg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2911052\r\ncf-ray: a0d3abeb5fc8b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":40140,"size_decoded":41100,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"37d6c41be72076de6fa55a5667bc5fc0","sha1":"3ecb9b8cee63e8146e3202fdb0bbc9b8607d7a02","sha256":"d8cc76fc246e35cb8a3ee030378a9f3616de9682cd81c0b5e10ef6b3cad0cb9e","sha512":"508c46ad91341716936b6f501b8064dc9051c64acdbbd72da3603c3ca75a29784468506af31bcfd3609f7d0c5454e51b6d7aebda28a2704cfa21ec96cf42d0f3","ssdeep":"768:T+xWbBa6RkX5CkIcHL1jbvIY9rAuPd7ddLGWUtAkG6p4G4zmc7aUSByM4Z:IWt/kXkkLZDIYx/PRZDB445JSAz","tlshash":"0a03f1b6f59e6bf4943d207fb5c24da31f562940ea767b07920474ba22b74c2cf54a03","first_seen":"2026-06-17T17:11:44.877669Z","last_seen":"2026-06-17T17:11:44.877669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.772Z","timestamp":1781716266772,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=0-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-range: bytes 0-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=FCxxTdzgT9IMkCzg39pHUnuBmGfe3nrbxrlDbk8cX9dXPXurMGuP4DLy1Vs%2FCz60hNlbRvQUZNKQDngh0Dj4qW5JhbzVH2xYFUJPuIGGsZeJJbUkyIwaz4jquwk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2911052\r\ncf-ray: a0d3abeb5fc9b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":40140,"size_decoded":41083,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"37d6c41be72076de6fa55a5667bc5fc0","sha1":"3ecb9b8cee63e8146e3202fdb0bbc9b8607d7a02","sha256":"d8cc76fc246e35cb8a3ee030378a9f3616de9682cd81c0b5e10ef6b3cad0cb9e","sha512":"508c46ad91341716936b6f501b8064dc9051c64acdbbd72da3603c3ca75a29784468506af31bcfd3609f7d0c5454e51b6d7aebda28a2704cfa21ec96cf42d0f3","ssdeep":"768:T+xWbBa6RkX5CkIcHL1jbvIY9rAuPd7ddLGWUtAkG6p4G4zmc7aUSByM4Z:IWt/kXkkLZDIYx/PRZDB445JSAz","tlshash":"0a03f1b6f59e6bf4943d207fb5c24da31f562940ea767b07920474ba22b74c2cf54a03","first_seen":"2026-06-17T17:11:44.877669Z","last_seen":"2026-06-17T17:11:44.877669Z","times_seen":1,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmRNZ8dzk34RhMMyoSiR4QzHCbSB4Fo9utMMsLG1mtqaua.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.783Z","timestamp":1781716266783,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmRNZ8dzk34RhMMyoSiR4QzHCbSB4Fo9utMMsLG1mtqaua.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-533\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sbDI%2BRI%2FEKvDfodNvdWlzD6DMYKcdsApCeWPKRAr6rUEnKtzsyINA80wLnI7Tyv8mp7qImUFr4q%2BnUO2mzO%2B2nkZ%2Frl%2BVx%2BNF4iS3SZgFPx4WuaS4AXNUBbsUJo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1331\r\ncf-ray: a0d3abeb6fccb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1331,"size_decoded":2253,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"2f4e2ec11d224287a3012da780a67ff9","sha1":"4394b071e38e95205a7c1d42e34003a0321d6700","sha256":"7fa8737433a619abe632d305306e6b00201e5a16159ee8ce3b92262081790341","sha512":"e485cac6ec1478e9d874e96fa1f716989b178e8ec17810a3b5a1e99ecb0d50562d71320b74dc7b72e2d4b1699105be6ddd9d31d9d292b554cbe5dbb17c28a384","ssdeep":"","tlshash":"d721c5aebf38e4a3edcea3b407950d326803b9c3105d870a9141ecd510ff042479274a","first_seen":"2025-12-20T19:39:47.628849Z","last_seen":"2026-06-18T11:37:36.520448Z","times_seen":104,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:07.005Z","timestamp":1781716267005,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=2686976-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-range: bytes 2686976-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FYAJDl91UuvOTIpUN9V%2F7t5dH7mabeBODNv65Uyx44RcjLkysfLHcy3EIxvOA8qwAcU8l11ZsMVPmzGwLA5zotRQ0a%2B4P90ewSJV1TBWkJ%2FNyc%2FTBIqmoHtqork%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 224076\r\ncf-ray: a0d3abeccfe7b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":224076,"size_decoded":225032,"mime_type":"video/mp4","magic":"data","md5":"50be76425bd97896c6ca5ce8b47e0344","sha1":"a1eef451690ac6aa0a5931d9baa34adb398f1bb3","sha256":"fd6873b4eff5bc8529370dc61c4f50d5191fc0539427a8bbaa74fb234724f459","sha512":"7ad7130ef487ae590125bfd488cf30814f34f73b6538cda43272c9bc9befcd95c11ef235415f71fc7727466e1eb6f04ce80172471ae9ed3b40ce6ebff3cea5c9","ssdeep":"3072:iHVTKivHN7GBDZpBX6SoWOpTthBM6GlyXFKDVF6vK3OgZBrncJwnRCf5R8Fd1xTr:WTKi17wDBE5+Qrt61QFF8l","tlshash":"eb248f9dbb04803bd6a15372e8f107243372d4a817d7034f4aaca73d4e993a86eb6dd5","first_seen":"2026-04-12T23:10:39.54337Z","last_seen":"2026-06-18T11:37:36.529856Z","times_seen":9,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":270,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/stream-video.mp4","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:07.303Z","timestamp":1781716267303,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /stream-video.mp4 HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nRange: bytes=32768-\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 206 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: video/mp4\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-2c6b4c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nage: 0\r\ncontent-range: bytes 32768-2911051/2911052\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NZvWmvIpxfd1cwKDb38k0s1r%2B103LvAmYK5iImkx9bxpZ0H3Tf%2FGrdgJDt6T5Kl%2F3esM7482GnhJDbG%2FdklHyTnoxNs2dNQXu4zzwLR8UG6m0HWvl8TfJ6cb9g4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2878284\r\ncf-ray: a0d3abeea80fb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2878284,"size_decoded":2879237,"mime_type":"video/mp4","magic":"OpenPGP Public Key","md5":"86f77ef463f7f07fe66fbf43bcedb80c","sha1":"aae789f246625dc3a561025a7e321be46a4a3c15","sha256":"ab6f9daf7a5ac5c1c3f4df99dab6376acfcd7d1b572377db398abf3773fae038","sha512":"77e603459b6161b872d6e90ea90545df380b31d0d52dbf0398b7c1e4be13df092cb427471987e160122f0340a0ae244ceacb43e7852a9394e7cbe08de0ec5016","ssdeep":"24576:FPJMQohgp507DxGhuFBz1I/3C2bJDAeDqNaOtdu:FhmIPuFF1I/3KeWNaOPu","tlshash":"1125128964f13330ca69637b21ec6d03a7c7f526cafe1b2b554c44a6918b4c3edca947","first_seen":"2026-06-17T17:11:44.863107Z","last_seen":"2026-06-18T11:37:30.616641Z","times_seen":2,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":304,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/css2.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.156Z","timestamp":1781716266156,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-1dcc\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TVqquUPWml%2FDhtuGuFXdlmss2RQDVDf5Fs0tFa6Q14BeDqRGjd9QeuTjqATSMoRKvKWkRjC4A9H5Ek4vebB%2BB6wNIb7yM05DPcF%2Fm3TfUe7zWksRMRY2KtT93g4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe77f85b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7628,"size_decoded":1595,"mime_type":"text/css","magic":"ASCII text","md5":"a945690afba190bdf35bdbc8dca91152","sha1":"d93d79ba5c4ff541fb62d683c5d6b488b9f53ba8","sha256":"e3588f89e8f3d36d7befdcd1ad777d37963acce98132704f84f1d7ab2d5e1b4b","sha512":"72a22e14d311d595ee72e60b3ae2692c0cf6745594fab8f6f60c522f0f91a227d67e0dbbbc34e4fdfae78e152a29498981398ad2f56e511e7abe26664268a393","ssdeep":"192:9/NAPt34yaDD/OnIt3/ha8G/rKht3iIall/E5yt3RPaGc:JwSfyGKVm","tlshash":"ebf14490046b9400eb872cd277cf7f376d9da148a045c9795ffd1898acded2613a1b4d","first_seen":"2024-12-17T11:31:53.647668Z","last_seen":"2026-06-19T04:53:26.203072Z","times_seen":531,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet_metamask.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.198Z","timestamp":1781716266198,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet_metamask.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CzfDuyfdcsW%2FLrFo8L8IGSRzJ5GaTYPY9J%2B0pOXqhQ3NmgPOuNkCjaMhuv1V9XoQ0vV6S83W0X5glUu1L5LZsO8WyQ1zux57QKsg5voU%2BTgAT35gUDly6qpAO1g%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-676\"\r\ncf-ray: a0d3abe7bf94b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1654,"size_decoded":1692,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1515717ec860410450bca1a8ff648326","sha1":"d3add77c919057501b4dcc619a2178c3be401b85","sha256":"fe9211cd30dbcbbbf40bc3dab22c8f29e5e8c9159085c524e93ff0d555a4f7e0","sha512":"f51d8d0d53db239f3d0317bfc6e4405a657e6f406764355a29900c8a05b9726b344e2167fcffefe463a99c700d4b115a2fe16bb1b0d5ffcf6b0ff8f72524f545","ssdeep":"","tlshash":"3d311284e1b90bbd180357f0c528b5e375677cae6b6483e8248843b02107befc4d466c","first_seen":"2025-09-28T19:09:38.680842Z","last_seen":"2026-06-17T17:11:44.881703Z","times_seen":112,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/wallet.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.210Z","timestamp":1781716266210,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /wallet.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NfuURTI0iYsmV0B0TzKGjWLUjke9nvEguoXODF4SMBtK4h5T1pU1fUNXv99ogChJMFeCmZk9v3ZmfcrBUwmOw4xz%2Bwrci7PiqzC0UEqfnFmUHwDH3YyR1FyHSBk%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-3e4\"\r\ncf-ray: a0d3abe7df9ab505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":996,"size_decoded":1392,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"574b9e8c157fdcb1f62db13a3974b268","sha1":"d343204cb47e680b7efba0cad8e7958e07e523fb","sha256":"a27e00c9eae8be042d8ca20180bd1c409f3206739500712b9a1d0a99e59e95b4","sha512":"3ffdf84da9d003dddc8359d894c3979b946c946a6cf4fd0b6061a89e32032154bd8db8fe0cb13b6db177f8ee948076d843829477afe32d8c8e9dc31958deef02","ssdeep":"","tlshash":"2511027f131d11d5f80acfe4d30ba4e37a1254a66628f008806658c2fb08d5c5df6ce4","first_seen":"2025-12-18T09:47:26.932536Z","last_seen":"2026-06-17T17:11:44.813486Z","times_seen":133,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmddSKp7Acv6Y2KxaUGVkHF1GKp8peSXdUhMMCbdjSsJ7p.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.855Z","timestamp":1781716266855,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmddSKp7Acv6Y2KxaUGVkHF1GKp8peSXdUhMMCbdjSsJ7p.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-7db\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4CLrJJYo6J6vDMyPViN%2BXvIcNliiSM2bPFOgK9oMbLIdrovrWt6brH%2FemBuEA1czMLuCVCnhRh5UM5L3u3modLfm%2BB10hxX2gacBNT0NwAgT4Xcl4W%2FbNSLiIY8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 2011\r\ncf-ray: a0d3abebdfd8b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2011,"size_decoded":2927,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"e88856d087c6be13458322c504bea06e","sha1":"192abeb9e61300a921c37066b4792d56bbce6f0b","sha256":"dc8c317c0fe53b2c2d8809f008ecc29b132a39f4c22f34365cb30faf4e97be85","sha512":"9a4478866733918ec3103946c729b9697ab7213cda8ab50ab9b23f05bf1d7410ff79f0ed58e9f3298b2d08c7d8a867953637862212e56959c9884cf2a65de59f","ssdeep":"","tlshash":"63412cd1c92542d0e6688770a664b31613f59e5ff2dedee30f8c32208346584c3603be","first_seen":"2026-06-17T17:11:44.885161Z","last_seen":"2026-06-17T17:11:44.885161Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/35907fda4c28fba3.css","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.152Z","timestamp":1781716266152,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /35907fda4c28fba3.css HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/css\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: W/\"6a26426b-4b85\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=loYWurSbOyKzZR5ifJIoT8eaMzX8YfmTE5q97d0KFccooBmOtmgNIuM99dMtTmkllZROJo43x62awCUYSG1ci3fTdio%2BbRczi2FW7%2FR1yC8cM4r9uQ9cd%2BNRyZk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: a0d3abe77f83b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19333,"size_decoded":5796,"mime_type":"text/css","magic":"ASCII text, with very long lines (19332)","md5":"42875ef18ebb0e99a71ad1b8b17844ea","sha1":"bc843fb81c83ae9a849feb83daf273e81c945e14","sha256":"2c27a675d98de5722db706d01f648740a913cdd7a82ea9fd6382a1dd191e5df2","sha512":"595e29ad1bd4115f20abfc539a1f6e44237f1a3de3594877e75951e57bf76156075a80cf8fd174477eaba1b43e8d9e55e481b43d692a45e4f564887d1f6ea9c4","ssdeep":"384:vvQAz/wArLLymtEttAhrNHDRW8xQIj4d27UseF2:LLyftANDRW8aIj4DseF2","tlshash":"8592a6bb2530a3fcbd6792076ac985cc6234f1c4da3115ede5a7a2b005cb6d13b26e53","first_seen":"2025-12-20T19:39:47.56599Z","last_seen":"2026-06-18T11:37:36.556351Z","times_seen":104,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.668Z","timestamp":1781716266668,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmeSzchzEPqCU1jwTnsipwcBAeH7S4bmVvFGfF65iA1BY1.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=5,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EiSdQShYV30Fr1kahJ9BGlWLouJnG7EmR5Bjr9cVd%2BF1m9DAdONWGNyj5Eumom5HHDFnrqFUefBvp9soTGZZZlvrEfQhMMi41TSxPASVgK4D3oTUxrTykde1hxY%3D\"}]}\r\ncf-ray: a0d3abeabfbbb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":671889,"size_decoded":57927,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators","md5":"27e137c1f85946fa0715f6c086290a49","sha1":"8afd39fb849f069fb4c842cd469675e0ec5dd0a2","sha256":"f55311fcc52f66dd609377bce0325baaedb5561d93c91684c70b072c060fb82a","sha512":"f97c8ecb820edfd02189f131a6f444e81e47723e4e5f9467ae6d97f208cd5f14fddd8c011cea2907de2327d87ae4541605b7103eb6b7146f8e908a9b4f0f5142","ssdeep":"3072:hNN124Zc7eRh3sgKqF92VO19Vxy3bl5eYVRcxEkkNMla3L62bHULSY6kHOmtHXdS:hNN12IMeGqHUPgW","tlshash":"f4e4e6b1f1d012aa543bc37af666ab5cea86613bda13914873fc16a72f70c975c0358c","first_seen":"2026-06-17T17:11:44.820655Z","last_seen":"2026-06-17T17:11:44.820655Z","times_seen":1,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":101,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmPWTD2Yn5JiCzc11diHwvd7YQ5NnviYhGjcDj7CkmQr1S.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.851Z","timestamp":1781716266851,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmPWTD2Yn5JiCzc11diHwvd7YQ5NnviYhGjcDj7CkmQr1S.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:07 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-713\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dFFsANSJnRsyW2s8JEYI8ueCZGGjgoauC3qppXRyxUMo4qH0gpBhoooNuT2134djeDYP8eGfU%2FG4KbJbKqE16eGprIlitguVmiKOarAUkKas1QFm8HE6qpcIKJQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1811\r\ncf-ray: a0d3abebdfd6b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1811,"size_decoded":2721,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3","md5":"a5fcb4865c7c039aa2c94de38fe78f77","sha1":"2adaf0e4b7533a56360f9e02ca046b07e591be36","sha256":"64a86f89595ead6a6c862cbd421873d918cef2d128262e252e940b8561259235","sha512":"623b6b64a571b8290e2a502c5dc36f63b533671bdb0093eb5c406521bf1378b88a0e55d52be50d5c09c902edcda67781b88f34070508f8525d66185c74e0cb98","ssdeep":"","tlshash":"c331c5662936d1d3fd568838e8deb760674c70aba096db0cb08862f15e571eacf21718","first_seen":"2026-06-17T17:11:44.88772Z","last_seen":"2026-06-17T17:11:44.88772Z","times_seen":1,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/image_6499a8936200143cdbce9dd84f628c77ed25c7cd.svg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.192Z","timestamp":1781716266192,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /image_6499a8936200143cdbce9dd84f628c77ed25c7cd.svg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Apd7ZsnB7QP%2BRHNgHpFPp8nC%2FdN2l0ADVK8efLOUlo8Wkp47G%2BbTTbA6iXQz0copFjVxKa%2FFcZmebVVTTUsWwf0MFQH7KDNty6l6y%2Fz0UuXxTXqInmbfa9bJzuU%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a26426b-89b\"\r\ncf-ray: a0d3abe7bf91b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2203,"size_decoded":1870,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2453bde6c21392341f27c6d2152db2cd","sha1":"6499a8936200143cdbce9dd84f628c77ed25c7cd","sha256":"5fd26b35cde9423feac2a555312cd5a8e32bc07d934c59e6b750bdbdebac5049","sha512":"8417ad500c4643fcf4333cede2ac6b93051a97d29bea9e731d317156d357c3d8e394dce7a25e213bf07851b2168ab3a982473e298aa4d8ff7b41400e56dfbe35","ssdeep":"","tlshash":"a54181ecb71498bcea9807bfb61420d8361981f93a2740de903e339034219adc414ccf","first_seen":"2025-12-18T09:47:26.931007Z","last_seen":"2026-06-17T17:11:44.888891Z","times_seen":120,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmaEKip6kK7sTCX1TLqfcK7dS2x5hGWhVP2D33P56ZZ4Kq.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.849Z","timestamp":1781716266849,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmaEKip6kK7sTCX1TLqfcK7dS2x5hGWhVP2D33P56ZZ4Kq.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:08 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-19ac\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EkX9WroFKRLfrip9dDWyfqzImpA%2Bv3HTXOh%2BfdjRhc7EIgQ3YqBDuiTEQyoWYf8TnotO7rl%2FJMwNKphWOINkxADNGmxlrzLL4Yvca6WIsML7W%2FM0r32oeRKHoNY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 6572\r\ncf-ray: a0d3abebcfd5b505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6572,"size_decoded":7489,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x96, components 3","md5":"7a9d8ca399190526f201a6079a089e88","sha1":"8906449b4e1b9b81a35ac1ec017806d2ac809ba1","sha256":"cc8f0b46c9fde8dc3f912a4dea7ea4c976d5e97f901daa0813fa0c8a559cc37f","sha512":"1a1ba8c027694afd3100f2ede727a06b6ead677f5b8cac8ee5dd3d674417764b7d0d45b67996f5f192ac4bb2bb408f6542e7ea08e77b4ed4ab0cba8f75256f11","ssdeep":"192:gwajebVfrXUwa2HNaUKeFH4+5C7L5fJ3HrEgD/Og5:xFxEwBUeS6+fJbEK/L","tlshash":"fbd19f50ff57f89bfda5673c34283be051a37f812454f8a50c0c01a67531dcb2a58d64","first_seen":"2026-06-17T17:11:44.889576Z","last_seen":"2026-06-17T17:11:44.889576Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1169,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/QmNa1AZq4wdhJpVEt5D5kDriNPAUFFP5PjhehT36BquQqi.jpg","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.183Z","timestamp":1781716266183,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /QmNa1AZq4wdhJpVEt5D5kDriNPAUFFP5PjhehT36BquQqi.jpg HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: image/jpeg\r\npriority: u=5,i\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\netag: \"6a26426b-6b3\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3QgFdudASIWT5YMkC5osYn2Ohrt8zScGKyMxjQbiEIRoFibqE%2FTHNgddL88G01Sk20mCrK2b5AMSqB1jZXGaLZAR%2Ft86oRSjJYAaRni0v2Enb03nindbJ3LLdzU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1715\r\ncf-ray: a0d3abe7af8cb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1715,"size_decoded":2627,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x63, components 3","md5":"1d23c0100a797fb2c494136293958d79","sha1":"c22b2396d8081a29fdc70f867d278e523e4f7919","sha256":"25541c2e919c1130cde9b1844eb21786a942dfdbf592c70155c2cfed4f2422f6","sha512":"6ea445d656a550e104e0457a2dacb027fb87e47ef99b2fba1afd3373452549aeea2e4733b71f28b89ddbb9ce7cea70c13912cdd01f8cd5065497bab521fcf787","ssdeep":"","tlshash":"3031f82aaf1393e2f8ccc3b06ba3275bf69458bbc3b247015e40226608e72519740759","first_seen":"2026-04-12T23:11:38.130434Z","last_seen":"2026-06-18T11:37:36.542786Z","times_seen":6,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pumps.mom/index_1.html","fqdn":"pumps.mom","domain":"pumps.mom","tld":"mom"},"ip":{"addr":"104.21.22.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://pumps.mom/","date":"2026-06-17T17:11:06.696Z","timestamp":1781716266696,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pumps.mom","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 02:11:10 GMT","end":"Sun, 06 Sep 2026 03:08:55 GMT"},"fingerprint":{"sha1":"EF:1C:DD:04:5A:9E:82:1F:95:92:A6:34:B5:42:02:E0:A2:32:C3:E5","sha256":"72:53:A4:33:95:36:BB:61:21:AB:A2:BB:86:6E:CF:98:32:B3:DE:5A:8C:0B:AB:33:FA:24:7A:C6:37:D7:7C:B0"}}},"request":{"raw":"GET /index_1.html HTTP/1.1\r\nHost: pumps.mom\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://pumps.mom/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Wed, 17 Jun 2026 17:11:06 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Mon, 08 Jun 2026 04:17:47 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VOQusleChBkqtkRsoBGQJVjzlUuwtRb2GkSWiQgLoCNLGFnUENyZRaZ26tmV0sP9N8nuYEmpuei1KraqKDCcmzHRnOURcLFt92wbzfrK%2FtB7ML2xOtIno8yz1t0%3D\"}]}\r\ncf-ray: a0d3abeadfbeb505-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":142,"size_decoded":971,"mime_type":"text/html","magic":"HTML document, ASCII text, with no line terminators","md5":"292f74c92c97c686c723a291030cfa93","sha1":"ff7ce2a278d64bb71b8a15797fd10276ea6f0df2","sha256":"baf0572ea402de47c8c0c44f67fe0b4af40bd7bc06f5733bac13f51bb4ac4d08","sha512":"4f34b0d47baba42b1c93958d291540f76e16fb3f67405fec9d87d0d8d57bf4ae454b63e8462a3b238ff1f6306323f7af84e182781658961d0acac1e55b70d953","ssdeep":"","tlshash":"54c02b22dc04480f3d009fd1cb8af1c4c003dc3ce8315c00b867b544e9ac131c012548","first_seen":"2024-08-19T15:34:07.77924Z","last_seen":"2026-06-17T17:11:44.799995Z","times_seen":458,"resource_available":true,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-17","alert":"Sinkholed","trigger":"pumps.mom","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}