{"report_id":"d3223ca5-d8c8-4013-b380-725e2277479c","version":6,"status":"done","tags":[],"date":"2026-03-13T04:09:49Z","url":{"schema":"https","addr":"trader-pump.fun/","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"trader-pump.fun/","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"title":"Pump.fun Cashback | Get 30% Back on Rug Pull Losses","dom":{"size":35787,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1429)","md5":"540339387d42b5429d30e6cd8199f571","sha1":"9aea54a9d4690dee3edb3d1cbf0803341432b995","sha256":"505512d0774979f010f4d5cadf150fcb3795a6040b3a2f55f513ccca5cd9551a","sha512":"a540503d9094ec5f37ba972c351b733d4c81b528757d5a0fad50736a04284532a4c6c9dbd456c29d98cc20d32f051dd51d66051ea85117466178ba97f100e780","ssdeep":"384:kpso1sFs91zZXLpiKnBmY8d3hT28lrik3bF0:kph1Oqt9Rmt9c8lFbF0","tlshash":"11f293a452f4183e70438395db76733f2eaaa1a3960e5104b6bc06b4af85dcadd371dc","dom_hash":"domhash8e17d2efe2288bf9ec2d2cbe9cb7ebc3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"trader-pump.fun/","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":0,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-17T04:09:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-13","alert":"Phishing Block","trigger":"pump-helpy.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"pump-helpy.fun","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-02-28","domain_rank":0,"first_seen":"2026-03-02T13:24:08.192142Z","last_seen":"2026-03-11T01:40:58.899732Z","alert_count":3,"request_count":1,"received_data":3442,"sent_data":448,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"trader-pump.fun","ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"domain_registered":"2026-03-05","domain_rank":0,"first_seen":"2026-03-13T04:09:49.683572Z","last_seen":"2026-03-13T04:09:49.683572Z","alert_count":13,"request_count":13,"received_data":999872,"sent_data":6239,"comment":"","tags":null,"fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"trader-pump.fun/","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"651ac366f9feddc4d14e2e8e8eaa6043","sha1":"5a0b8482475b42672b30a40b4aba691f81820c07","sha256":"359f53445f59a557670afab0d771881e00a57053d0e2b996b165938ea8ee6efd","sha512":"e32e479b0f04a5f87c9f3f692eac37056a13b5bfd5b090b1a245a2277eb61e1d2ffa227a04e514f568e64d072b8847f3d0395afb3a6d256ea1063c44e329aacb","ssdeep":"","tlshash":"a5c0227491f44c311abe00db32709640302024ae4553608682bccfcb22d8e844f04820","size":187,"data":"","first_seen":"2026-03-03T10:32:52.113198Z","last_seen":"2026-03-13T06:09:34.056246Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1773374967831","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9df0c3429190cf3de8a47393726c845","sha1":"18045ee411fdd5588afeb56cc40ab06abf7e4ab6","sha256":"d1ea09add15ef015ab2156d8b84abf1e16e2c25955495cd45e871660d650ebd9","sha512":"036eed666e205f521d339b693211115b03c91f465d5094db6baa8acf9b42bb249dd6cc80a80254d1a99bff4d180273f54d6d301bab334041114fa2c551595903","ssdeep":"6144:qh5gDN6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsNZunzvlzSWP8p0Q+Bz","tlshash":"22d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098b5e379b8351e5998","size":634356,"data":"","first_seen":"2026-03-13T04:09:52.514612Z","last_seen":"2026-03-13T04:09:52.514612Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"pump-helpy.fun/images/pump-logomark.svg","fqdn":"pump-helpy.fun","domain":"pump-helpy.fun","tld":"fun"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:28.169Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pump-helpy.fun","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 19:42:02 GMT","end":"Fri, 29 May 2026 19:42:01 GMT"},"fingerprint":{"sha1":"E9:09:79:78:65:C0:98:17:BC:DB:39:29:B3:4B:2F:29:34:F8:FC:C2","sha256":"07:75:B7:1B:80:AE:1C:6B:BE:50:5D:BD:BB:47:22:85:66:60:0B:95:8D:0A:10:F9:B7:31:7D:F5:6B:A0:05:98"}}},"request":{"raw":"GET /images/pump-logomark.svg HTTP/1.1\r\nHost: pump-helpy.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 13 Mar 2026 04:09:28 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nx-frame-options: DENY\r\nreferrer-policy: no-referrer\r\npermissions-policy: geolocation=(), camera=(), microphone=()\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aonyBi85N%2BEwdusg10Z1QE9YnSpZSsi%2B12Ph%2F9FLVBg2V2OX4pfAHDXHmFqN%2BIH7NsvMTVXp2IDQGU5ptWLWI519ZTuSaJnnJ2yLQ9KY\"}]}\r\ncache-control: public, max-age=14400\r\nlast-modified: Fri, 27 Feb 2026 12:45:37 GMT\r\netag: W/\"a64-19c9f2215bc\"\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\ncf-ray: 9db82eefbe394e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-12T12:17:10.886629Z","times_seen":158,"resource_available":false,"data":null}},"time_used":155,"timings":{"blocked":-1,"dns":77,"connect":1,"send":0,"wait":53,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-13","alert":"Phishing Block","trigger":"pump-helpy.fun","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"pump-helpy.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/chat-support.css","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /chat-support.css HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"37c4-69a9593f-64535e022c2dd691;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 2713\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":14276,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"e7b1486c350960d2e159fab373273845","sha1":"602259772e9a91c32b4c914e2f1263678967f03f","sha256":"b911a220da794ecf28d5690d69e2799203f9064b844c6b2bb601858976ac4c0c","sha512":"76e8f194e7007e3e0f8e283e03b19c7735508fde045c72ae8fb6fc3e95a5e0e4c80f3b3d515810c1ce902131313af84bdbfd9209ab245112eb82efedd934b60a","ssdeep":"192:1RjmabwEOS9ei+DVDU6NVFnxiTQ+V10yxxpgTVSpcCpBxTV6g/8v49M9V4A6WwcH:JSrSVzBSo+4v+","tlshash":"a5523278d601506a7a77a7b4afa94605e2a910439b03417f7bec51b90fb23fc8261fdc","first_seen":"2026-02-25T13:18:14.499293Z","last_seen":"2026-06-12T12:17:10.885659Z","times_seen":112,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/css2.css","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /css2.css HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"2c6f-69a9593f-6b0a722d747fb7b6;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 624\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":11375,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"2d16eef99ead716acb3eb2f5e917792e","sha1":"1caaecddcfe59dcb512b1c8436f95a964d7ea006","sha256":"4883188fb11e4c3bca4dc1638922b425bb81733b8a0cf1825a18abbac2ebddc3","sha512":"2b03060becfdcef70d6d52a3036f94201fba068dab01a7bf6912d0af9642fd7fe6c14d8661de5ed0967d63dae5134a8ef5c593f216d08020777c361baddbdc5d","ssdeep":"192:9TNSbO34o5DMTOB0O3/v581Tro9O3iS5lWTEv+O3RB5GXTxePO3kU5Hp:NvWsk1i6kbp","tlshash":"39327a91002b6400a7a71cc277ce3f3aaedd6044a049da782ffd0d8a6cdeda953a575d","first_seen":"2025-09-08T14:20:32.7916Z","last_seen":"2026-06-12T12:17:10.890586Z","times_seen":82,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/pump-logomark.svg","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.865Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"a64-69a9593f-f548cc6ed22c3c7d;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1050\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-12T12:17:10.886629Z","times_seen":158,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"bd94-69a9593f-4e950789ff09b496;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T14:32:26.03549Z","times_seen":209859,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"bd94-69a9593f-4e950789ff09b496;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T14:32:26.03549Z","times_seen":209859,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/pump-logomark.svg","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:28.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /pump-logomark.svg HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:28 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"a64-69a9593f-f548cc6ed22c3c7d;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 1050\r\ndate: Fri, 13 Mar 2026 04:09:28 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":2660,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3e13e575d784e1c0623f9eec1240b21d","sha1":"b37951e967df5b53bd4446b1a3e48c1bd56d9a42","sha256":"8d3ae3eadbf555b9f5302c2c31429ff8420e90eb8eaee34b3fc0e7781566f1ba","sha512":"218ec60489e62cdd55510bb31f30c9b0b149aeec374501ed9b04d7003409a39df4883038765a7efd829af3e534a83c60ce58ea742bc79065ef0b28879c442279","ssdeep":"","tlshash":"7c5172ff6b444de5de86c2f8eb252ad7782a24d97121464193d43f2a740236c4d8ac93","first_seen":"2026-02-20T15:35:56.995338Z","last_seen":"2026-06-12T12:17:10.886629Z","times_seen":158,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/XhjIRijk.php?s=%2Fjmpd%2F","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:30.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"POST /XhjIRijk.php?s=%2Fjmpd%2F HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://trader-pump.fun/\r\ncontent-type: application/json\r\nContent-Length: 1438\r\nOrigin: https://trader-pump.fun\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1438,"data":"{\"route\":\"n9POyFeFG1tUtiSU-z9JOx3n\",\"payload\":\"0hqM-6_N52QBvAKvAikADQAHAzUDIgDeAi4AAgEAPgMAAO8nhn2XtsKCARqaK0qfn8tuuFIiWWYCAABwx2hQjHOJu3ikAI7uNCiP3jNxJXZt5YbhwiR-9KTOpLgr9abjSfOdwU4iTQUfnw4fxzoCQEPaP6XsqtYMDDckAHlAwt9Ve2bQ9248gb-HYbZFUcUUMehLFUPWhZ3zwfW2ct6BBq3mUA5JA3Y1N366q-KLjwreSWcAkTtgnQaCeKODhtDWRqus7HQ6OWM1yPSslShfOFReWqFD6gnFXKaSvLQRp1O5IqWqn1FZ3U7tOmP_vjJyM3NUAnuOdSwB_DCQSawE37FqnEwkHOxAEYHTMSLtEN8QpJlWi-GSBFHVHij6p4W8TWt9hLMeXdofrSR7H-cZlJQwDhiAsFVYeLCf7FmUroop9uq49RwiwOdxCup90dMSTWme1WtcrLtdabKbkW8CWtRzyktynqlY8pD-tPP9X1te6hi-nRWMWLCCnzEoRxa2TcwEU2gLo6kev0qWTwtD9MxCtjDWQSV7USYYe9YUcF7pMQO5Eu4b7jxn1U1lvh1cVGpP3wovmCRbdg6I4IPd3ts_sMngt8c0I63bsrr0jkMhnRngJMqoq4Z-l_iEgJaiFeT-4tvcaPKhfdtLpPrmbQxVjFvBssXr-Crojw20wtaQ9zp2SZ1MGESn0s5YaaAEl0KPVKYTNwde5nFs4bUOvwTrYy7cqMNPOhARb_YKHcyGacBUE4RTFR2pNw0LINWnUnXwA9hHZbOpx5y42U0sYlGLekDSMc9_2VvYcMZVCT5q8JCKBZvnNZ89BbeSZXgC91xBtM58JR5WBLvvUJ7vceH-DF61CQNxCA6LMMXOaRLXV2igXkpK2L6IZu3KklswAe1vgLoHyPui5i5YoFoM5HjHL_aMbnRFFTVIpn_OWbu2wHBmFAKwRPj-Rc9ntIMrztXW3bgqL_XBpx7pJ1bmt04Pqc7jJUoBJh7_PenaReEWLBLx4e1VCZzWVZorpMd2Gigue5bdXO4ILuqIAXuV-8v8DYIYgcZHB1XbSv0OcJKrpYMVgXic_IqYM5ZQgYGtVxXdYLXsXIdJyf2wf5kMYCSOLa5sPGOoWlNOU4f0l18vCuAjIk0132lpPfRh6ipmSqSYHh8zhvB0JvVnTMMDWkbGijo0K4RILbb6-WZSJpYwfKUwAWWvC0togiq1cv0JEA\",\"challenge\":\"eyJpZCI6InBZdHNVRV9DZHJHaG9NTVFoa3pzYmciLCJub25jZSI6MTUxLCJoYXNoIjoiMDBmNzUyNjdmNmFkYmMwMzUzZDM5ZTQ3ZTBjZTRjMDFmOWFlMGYzMzg4ODlhODMyNTcwZmI3ODM4OGE4ZDVkZiJ9\"}"}},"response":{"raw":"HTTP/3 400 Bad Request\r\nx-powered-by: PHP/8.3.28\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 15\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 13 Mar 2026 04:09:30 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":11,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"825644f747baab2c00e420dbbc39e4b3","sha1":"10588307553e766ab3c7d328d948dc6754893cef","sha256":"7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa","sha512":"bfe6e8df36c78cbfd17ba9270c86860ee9b051b82594fb8f34a0adf6a14e1596d2a9dcdc7eb6857101e1502aff6ff515a36e8ba6c80da327bc11831624a5daea","ssdeep":"","tlshash":"6550003300c0300cc0000000cc00cf00003000003000003300000cc300000030000c00","first_seen":"2023-04-05T23:04:48Z","last_seen":"2026-06-13T03:32:14.412746Z","times_seen":10330,"resource_available":true,"data":null}},"time_used":638,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":638,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-13T04:09:27.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"8ad7-69a9593f-267d3ea95c7c894b;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7193\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":35543,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1317)","md5":"31cca38379ac40a1698e75412a6929bd","sha1":"cf427243308b5742573ad5d6ae61e7bec8593b63","sha256":"05634610a23d2718a80bf5f4057838f4532b51df74a42f0a38427e97a33f2b30","sha512":"0ebb18f3b3f9930bd8f4ce100609be35f0da8fa6302c4c97b6e5f3ccd73792100176e2b3e448fbf4e688e3a269422c616cfd1417ccd414eaaececdba18f930aa","ssdeep":"384:k4so1sFsmzZXLpiKnBmY8d3hT28lrik3bF0:k4h1On9Rmt9c8lFbF0","tlshash":"0cf293a452f4183e70438395db76733f2eaaa1a3960e1104b6bc06b4af85dcadd371dc","first_seen":"2026-03-03T10:32:52.10806Z","last_seen":"2026-03-13T06:09:34.047217Z","times_seen":7,"resource_available":false,"data":null}},"time_used":720,"timings":{"blocked":341,"dns":64,"connect":28,"send":0,"wait":30,"receive":1,"ssl":250},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/styles.css","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /styles.css HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"c474-69a9593f-6c3334ae5a02dbce;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 7390\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":50292,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF, LF line terminators","md5":"b43c724e6677a1679df9ef3dad996ce1","sha1":"2f71b79e5a1c3bab710e23175f850665086f936f","sha256":"2fc99c040a6ccae1cf1e40364120eb8d84ee06bb5280eaeaa047b770c43795c5","sha512":"0caae2983614aa6dae10db7326d6281cdd03762fb2c394a73144ae4235a8edd973ece9f5b86e3a27df4df5ed8c7d362441dbae985040fdf145186df849ce4b16","ssdeep":"192:evmd5M1c3vV4oUqt6R9AaqHGIL7POqqXiqJcTNNYUPetnkXhBI5Y8oz1S5fFJtUI:e2tt6ix+oz4MH2WDQgb3Q5GfJh9vxvq","tlshash":"17333158a71561a66633bbb4aff60719f298a0539b02456e7fdc22450ff13bc41a2fcc","first_seen":"2026-02-20T23:54:40.355055Z","last_seen":"2026-06-12T12:17:10.889818Z","times_seen":127,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1773374967831","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /XhjIRijk.php?s=%2Fipfs%2FDz18gwzuGzxm9J8lEkk95Q180f5b5bf61bc8808bcbaf69f6ff97d1%3Ft%3D1773374967831 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nx-powered-by: PHP/8.3.28\r\naccess-control-max-age: 3600\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, HEAD, POST, OPTIONS\r\naccess-control-allow-headers: *\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 13 Mar 2026 04:09:29 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"PHP:8.3.28","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":634356,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"b9df0c3429190cf3de8a47393726c845","sha1":"18045ee411fdd5588afeb56cc40ab06abf7e4ab6","sha256":"d1ea09add15ef015ab2156d8b84abf1e16e2c25955495cd45e871660d650ebd9","sha512":"036eed666e205f521d339b693211115b03c91f465d5094db6baa8acf9b42bb249dd6cc80a80254d1a99bff4d180273f54d6d301bab334041114fa2c551595903","ssdeep":"6144:qh5gDN6Euno4xvlISDhTl0WHvfUp+v+9J87XGQOwOyyGpMy:qsNZunzvlzSWP8p0Q+Bz","tlshash":"22d499c08b4c357364802aea15fb446fdfdc0de82e4be8536bd098b5e379b8351e5998","first_seen":"2026-03-13T04:09:52.514612Z","last_seen":"2026-03-13T04:09:52.514612Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1282,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1282,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"bd94-69a9593f-4e950789ff09b496;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T14:32:26.03549Z","times_seen":209859,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.957Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"bd94-69a9593f-4e950789ff09b496;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T14:32:26.03549Z","times_seen":209859,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trader-pump.fun/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"trader-pump.fun","domain":"trader-pump.fun","tld":"fun"},"ip":{"addr":"145.79.20.143","port":443,"asn":0,"as":"","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://trader-pump.fun/","date":"2026-03-13T04:09:27.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trader-pump.fun","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Thu, 05 Mar 2026 09:22:23 GMT","end":"Wed, 03 Jun 2026 09:22:22 GMT"},"fingerprint":{"sha1":"77:44:BF:D3:77:23:D0:42:CD:E6:B3:2D:28:96:A1:A5:C8:F0:FA:9B","sha256":"12:1A:77:E2:08:33:53:FE:C2:70:6C:FE:2E:1B:87:10:FD:10:1F:79:7C:BE:6C:51:21:60:0E:85:B7:D2:4C:3E"}}},"request":{"raw":"GET /UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: trader-pump.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://trader-pump.fun/css2.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 20 Mar 2026 04:09:27 GMT\r\ncontent-type: font/woff2\r\nlast-modified: Thu, 05 Mar 2026 10:21:51 GMT\r\netag: \"bd94-69a9593f-4e950789ff09b496;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 48532\r\ndate: Fri, 13 Mar 2026 04:09:27 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-06-13T14:32:26.03549Z","times_seen":209859,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-13","alert":"Sinkholed","trigger":"trader-pump.fun","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}