{"report_id":"d89a462c-89bc-4cc9-a626-11e64cc3c665","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2026-03-22T12:51:41Z","url":{"schema":"http","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"final":{"url":{"schema":"https","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"title":"Sign in to your account","dom":{"size":19470,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19110)","md5":"0bd6945d4b17247aaf1de765766bae52","sha1":"d1070448137a23216fe95e7f9ad92fcaf1713b1e","sha256":"d4cb46c70b4c2d01b2870b5c4d74b94acabbd5fab08b16239f360832e2a32403","sha512":"f0314e3ba5009f25671a91ab963b6da215e621eda2a87a9b3418d58ede097fbabffcccfcf84097819de43110183da1645081b0d6d7fa438564e604e2e6842e0f","ssdeep":"384:y7i76pyFJ7eFJ7ecR7ec47Dd7747R7RqytPhgTwZz08B7W7L7m7J7L7GqGs+7som:y2OWCDCcRCcQNEldtOioKCXStXygTL","tlshash":"0192f9f6b0111e7a53ab9db9f033d204312ae64dc3038d60ed7c8a9416ffd19f52699a","dom_hash":"domhash9ed2d8b99fcf27da555495cc696aa162","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":0,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-26T12:51:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"summary":[{"fqdn":"cdn-jm-tools.web.app","ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2019-01-08","domain_rank":0,"first_seen":"2021-05-28T20:34:17Z","last_seen":"2026-03-18T19:00:18.00867Z","alert_count":0,"request_count":4,"received_data":109282,"sent_data":2197,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Firebase","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]}]},{"fqdn":"aadcdn.msauth.net","ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"domain_registered":"2018-10-25","domain_rank":5248,"first_seen":"2018-11-19T10:50:03Z","last_seen":"2026-03-18T13:13:23.569448Z","alert_count":0,"request_count":1,"received_data":2641,"sent_data":552,"comment":"","tags":null,"fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}]},{"fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"domain_registered":"2018-01-25","domain_rank":0,"first_seen":"2026-03-22T12:51:41.647238Z","last_seen":"2026-03-22T12:51:41.647238Z","alert_count":4,"request_count":2,"received_data":25030,"sent_data":1162,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"jQuery:3.5.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-03-15T22:30:49.343058Z","alert_count":0,"request_count":1,"received_data":90487,"sent_data":573,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89493,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-13T18:46:59.542758Z","times_seen":20458,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"b4b8469599472b37051d92dade028aa1","sha1":"9be189a32f89783e0f4ba1b618cd0331fd004d5f","sha256":"197235278b91145eeda7a9581d7e196f0c91f66a54a45caa9700b5cffd3693bc","sha512":"7829cd27e247a71b8b7e45c2bc94ecebc2456b25d32b725e214cda3f4227e32b88b48a089b16f1bb79cfaa9c738264bb388ef52a048183f536f61a806172d4e0","ssdeep":"","tlshash":"13e0c27b7606e13469649541a215e258f22d018f0d8cc25afd4c459a6f118ba19e54cc","size":309,"data":"","first_seen":"2026-03-22T12:51:43.384779Z","last_seen":"2026-03-22T12:51:43.384779Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":true,"md5":"9931e8964f3f61f180ec3b7d0e14f871","sha1":"57b2932eaad0420688415fe708dc19262048494c","sha256":"7c0dfba519cd6eab8ce2f3bbe82ff23a1c25249dc791924cabcdbfbe8d13a75a","sha512":"251b359e3e08452feb331da781dad6602304ad1435709598596ce9dd9ce7d6909aff9afed5255aabc1cfba45642f3944d5458e26905b3ca4c0f6d43f7c91ddeb","ssdeep":"","tlshash":"206133ca72460fba67ff795434271104f431e5a5ca05580156389ba92f3bfcaf12b74b","size":3183,"data":"","first_seen":"2023-03-07T13:12:26Z","last_seen":"2026-05-28T22:23:21.323757Z","times_seen":1460,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"WR4","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Mar 2026 16:23:07 GMT","end":"Thu, 18 Jun 2026 16:23:06 GMT"},"fingerprint":{"sha1":"BE:D1:01:2B:DD:AE:2E:C1:88:8D:14:24:87:DE:A3:C4:61:0C:8C:F3","sha256":"38:E3:C9:2D:48:5D:84:E6:17:95:F0:95:CB:3C:5F:8D:B0:70:98:CD:4F:AA:45:3F:26:56:68:22:10:22:A6:FC"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/Converged_v21033_U7M7Fc-d_yiO2hIJng7nRg2.css HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: gzip\r\ncontent-type: text/css; charset=utf-8\r\netag: \"180ed6b42ce49176e493ebf3f2145e670be96178b9e2f60001e81532e32268cb\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\nx-served-by: cache-hel1410029-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1774183880.809947,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 18705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Firebase","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]}],"data":{"size":102041,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (61112)","md5":"53b33b15cf9dff288eda12099e0ee746","sha1":"1748b7bd3b89b84d800374083af646fec11ff082","sha256":"30c90ea15ddeec7d675ed3eaaf26e8283b908265c5a6a5ff00345d03c24233f0","sha512":"8ba4bcbe63b72e6dff001b441d0fe100ecb3a6a6d664816eac7d89e8bb088c6653c9f7bc646f20884842c19c7516ed751332e4585ff49202d4b3f73e6438f24d","ssdeep":"1536:IpHDgWeWJw+k4zazA/PWrF7qvEAFiQcpmeh1+zy35o:ORUyy3+","tlshash":"46a3c8946d243d269037c73561c1bd87a2121503f637aebbf6226db9cf896cb0b31e49","first_seen":"2023-04-05T03:19:57Z","last_seen":"2026-06-04T11:29:34.483922Z","times_seen":9917,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":114,"dns":50,"connect":28,"send":0,"wait":28,"receive":5,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"WR4","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Mar 2026 16:23:07 GMT","end":"Thu, 18 Jun 2026 16:23:06 GMT"},"fingerprint":{"sha1":"BE:D1:01:2B:DD:AE:2E:C1:88:8D:14:24:87:DE:A3:C4:61:0C:8C:F3","sha256":"38:E3:C9:2D:48:5D:84:E6:17:95:F0:95:CB:3C:5F:8D:B0:70:98:CD:4F:AA:45:3F:26:56:68:22:10:22:A6:FC"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/arrow_left_7cc096da6aa2dba3f81fcc1c8262157c.png HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-type: image/png\r\netag: \"a512441fed43fc63c5a2bbce213d4081532632f57c75eb60cb7dd0e4a1126b38\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\nx-served-by: cache-hel1410029-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1774183880.810282,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 240\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Firebase","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]}],"data":{"size":240,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced","md5":"7cc096da6aa2dba3f81fcc1c8262157c","sha1":"a50776316f0220ed7cd7882a68c742a8861c999d","sha256":"ab50358475adae73a435466c72d1a48ab124e8ae06614663716a46dce5ac8b83","sha512":"ec046758ec2d6588b9b103e5bb1b035dee57dfbb068ad902c869ed22b14f78282461709bdb20366ee887b814f00ae39a4ebd82db42bd831be85fe5b4bf4037af","ssdeep":"","tlshash":"a0d0979373129c2dcfb4e733920e0c22cc1382a3872ab74c58529050bf18c002a9085d","first_seen":"2023-04-27T20:18:37Z","last_seen":"2026-06-12T01:33:26.126074Z","times_seen":12252,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":110,"dns":0,"connect":0,"send":0,"wait":28,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg","fqdn":"aadcdn.msauth.net","domain":"msauth.net","tld":"net"},"ip":{"addr":"13.107.246.53","port":443,"asn":8075,"as":"MICROSOFT-CORP-MSN-AS-BLOCK","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"aadcdn.msauth.net","organization":"Microsoft Corporation"},"issuer":{"commonName":"Microsoft TLS G2 RSA CA OCSP 04","organization":"Microsoft Corporation"},"validity":{"start":"Fri, 06 Mar 2026 19:39:46 GMT","end":"Wed, 02 Sep 2026 19:39:46 GMT"},"fingerprint":{"sha1":"90:D1:7D:09:02:B5:35:F1:FD:F7:6C:6A:EF:1D:B2:99:60:B0:E2:0C","sha256":"9C:1A:83:B2:23:49:7D:D8:8A:D4:AE:F6:D2:F6:A4:AB:35:F3:21:16:30:7F:01:51:68:8C:F6:B3:04:EA:91:B0"}}},"request":{"raw":"GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1\r\nHost: aadcdn.msauth.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:51:20 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 673\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\nlast-modified: Wed, 12 Feb 2020 22:01:30 GMT\r\netag: 0x8D7B0071D86E386\r\nx-ms-request-id: 5713b8d0-901e-002c-3bf8-ab5846000000\r\nx-ms-version: 2009-09-19\r\nx-ms-lease-status: unlocked\r\nx-ms-blob-type: BlockBlob\r\naccess-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,ETag,Last-Modified,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding\r\naccess-control-allow-origin: *\r\nx-azure-ref: 20260322T125120Z-16c6dc4f4d64wvnjhC1SVGmwbw000000120g000000005qhn\r\nx-fd-int-roxy-purgeid: 0\r\nx-cache: TCP_HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Azure Front Door","description":"Azure Front Door is a scalable and secure entry point for fast delivery of your global web applications.","website":"https://docs.microsoft.com/en-us/azure/frontdoor/","common_platform_enumeration":"","icon":"Azure.svg","categories":["Load balancers"]},{"name":"Azure","description":"Azure is a cloud computing service for building, testing, deploying, and managing applications and services through Microsoft-managed data centers.","website":"https://azure.microsoft.com","common_platform_enumeration":"","icon":"Azure.svg","categories":["PaaS"]}],"data":{"size":1864,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"bc3d32a696895f78c19df6c717586a5d","sha1":"9191cb156a30a3ed79c44c0a16c95159e8ff689d","sha256":"0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68","sha512":"8d4f38907f3423a86d90575772b292680f7970527d2090fc005f9b096cc81d3f279d59ad76eafca30c3d4bbaf2276bbaa753e2a46a149424cf6f1c319ded5a64","ssdeep":"","tlshash":"4e310059c51d3566ec04c3aceae1d468315e71efa8a581c961849b3f95b0dce0eccb70","first_seen":"2023-04-12T23:20:27Z","last_seen":"2026-06-13T12:35:48.423405Z","times_seen":103524,"resource_available":false,"data":null}},"time_used":344,"timings":{"blocked":166,"dns":143,"connect":9,"send":0,"wait":9,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-22T12:51:18.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 19:58:35 GMT","end":"Sat, 25 Apr 2026 19:58:34 GMT"},"fingerprint":{"sha1":"2E:4B:58:39:3D:6D:7D:8D:31:69:F4:33:C6:04:3C:40:43:F3:76:78","sha256":"05:10:A2:2F:AB:FA:8F:80:75:5A:8A:41:03:25:19:C4:DA:63:BD:39:D3:BD:48:6B:7D:E0:87:1E:CC:C1:55:C3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-ArNS-Resolved-Id, X-ArNS-TTL-Seconds, X-ArNS-Process-Id, X-ArNS-Undername-Limit, X-ArNS-Record-Index\r\nao-body-key: data\r\nao-types: status=\"integer\"\r\napp-name: ArDrive-App\r\napp-platform: Web\r\napp-version: 1.41.1\r\ncontent-digest: sha-256=:lz6vFx3iCkAuXZQIHS0gYlPlR3/JU6QHn+FIBjEF7Qc=:\r\nsignature: comm-5dxewzpx3mh9ph5f6zqfvawet2txd4hgwdqiw65_syo=:Iohh6fQTDAmILSpim/ORx1DzKnQ23NLAPEA6LI3VwT0=:, comm-twyyo2qqnacy2t32rmt8zeox4vqpqivfqbr2u_rehpy=:wX4h+DWHcDoKqQg6n69+3ufpYr6ngNOnhFxCOlomwvnttOerGrqvGpKLa3SbYRDXMeozDsBMBWISsHlPYUXKormLii9HAZbJ0NM1k1xiTrqnQexrDlO+7l8sAAS/8X2qNghrsjXIu/rBhfdhtayXvzRdGT53cyyner0LxXZ2DuTC1KZOBp+hV53vtWplQ7cKQu2NtOIJmbUG0prPTB3ofjP+Q4gvzwGyyb9M8gYLTyBkcGOCWyG8nc2q7W9qqqbsUMnfmHIL2o1OuxLNZrWN4KrdV2BrRJcIaU242x2xCBFuiy/tN1epBeNBkNJSUvDpCp3BktzEt8JGImrd2cTEUARDDNmg9ty6CigQCOOy1FeUdsN0fG9KN85I7shDFO1Re3NZAVE7g+cNbdUmAi+dehrjuITw3htpvMtMqrqxqhOZyzuUb+ldEqGDBt50xgo03RCA4dTOj1oThi0aeHDYH9fkjAg+56sHj5+WClfXBqcE6Re6Ju+76iqVpF9QxyZMYkG6OEe1pst7/li+9wPCZD0Rto4wbUAwOVUqDylq5pGyrgwUQ19/BYFOkvqE5p9NW9t0f4K8+iy5KuftRT6T/Ffk2cXPOqdgmV6NkirBTocySryE0Qd+Oc8zMAdKPdUnAH7F/y1zG4Ohp00WW+bnPtnflvxuLW+Pb5Ht0UczKR8=:\r\nsignature-input: comm-5dxewzpx3mh9ph5f6zqfvawet2txd4hgwdqiw65_syo=(\"ao-body-key\" \"app-name\" \"app-platform\" \"app-version\" \"content-digest\" \"content-type\" \"unix-time\");alg=\"hmac-sha256\";keyid=\"constant:ao\", comm-twyyo2qqnacy2t32rmt8zeox4vqpqivfqbr2u_rehpy=(\"ao-body-key\" \"app-name\" \"app-platform\" \"app-version\" \"content-digest\" \"content-type\" \"unix-time\");alg=\"ans104@1.0/rsa-pss-sha256\";keyid=\"publickey:xfWYUr4Fs3XBC9h4b2LWdoVoNPsSY0KS_zyFaPDZt-iSJ_WiqZkh66E77lvRaDqqx39k3LZJ0BHKSY_b1oTE_2rKRKCNdhFZloF94ZHgmK0Fvw5ZAoCs3WomByNaqLAfPWue3kRsGVBzScC8YDXA4LJXcfeDWUZSWDvLE94qf4LLyZHXS-eBLbt4FXeLSDzB2rCD9w9fa49pToF-m6uokrLtmN4IgTMrxJy1zfTBGcE5csJZk6yUwEHEpYrfkoL8u_BI_4d6vhp7tbsTzTMSDg4sYbg6QeKWWk1tTE-GmuQlCZ8Ggbf4Cf-5N1QGrCN7KvAG8lBqV-TvEd4UmQRt1oocnKV0rqaA4TIPDliV-czHltRl9CljjKrB1_iWwJTBKqn7y1e14VzeVRmPRe6hS_lB4QL2nYkuqqS8QWAvfV7zPZgGFBdzsz7chsSBijW1mjjGR4e91RKz6mBQ7CNIumTBkafd0fpAkY0Z7pElL3ft9hGMuWuyB8jmZy8twBhJzR53Q8YVolGiE4_bWMJxP6sRQAbETR9NviX5HxTWqOMQSRaTNUdODjs0yiPUmlNViioi28gM6IhT-sQAfzlg36bvDB_15FqiFydFxBLhG7m8VgD_2MzaCWlxXAahNJZSwIrK5AqkVYkHr0114yuibW4YPBCSD9CNVwZNlFiE-kM\";bundle=\"false\";original-tags=\"1:App-Name:QXJEcml2ZS1BcHA, 2:App-Platform:V2Vi, 3:App-Version:MS40MS4x, 4:Unix-Time:MTY3MzkwMjEzOA, 5:Content-Type:dGV4dC9odG1s\"\r\nstatus: 200\r\nunix-time: 1673902138\r\nx-77-nzt: k5xAiT46LW8utw3fIlLHXsNls8SxNt9T72h9MnwuqidQ2MCI+GpB7gJNp2Q3UslfUg\r\nx-77-nzt-ray: 2a494a1560143e3cebe5bf692cbc9c38\r\nx-77-cache: MISS\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]},{"name":"jQuery:3.5.0","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"cdnjs","description":"cdnjs is a free distributed JS library delivery service.","website":"https://cdnjs.com","common_platform_enumeration":"","icon":"cdnjs.svg","categories":["CDN"]}],"data":{"size":19518,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (19148), with CRLF line terminators","md5":"53ad34f1c98f7cf2590bf67d81ab0d95","sha1":"b02ae7965961f7b86db9f4c1cf4ea9feedd14ebd","sha256":"973eaf171de20a402e5d94081d2d206253e5477fc953a4079fe148063105ed07","sha512":"c690470824809317f3f48ee807f6670b83c29c2cc8940140dce6347a1c1e6287e2bc11822b33d49f41dcd2ef465ca83dceffb5cd71e54e3fff2ab18777ed0373","ssdeep":"384:e7i76pyKJ7eFJ7ecR7ec47Dd7747R7RqytPhgTwZz08B7W7L7m7J7L7GqGs+7soC:e2OFCDCcRCcQNEldtOioKCXStXygTT","tlshash":"e19208f6b0111e7a53ab9db9f033d204712ae24dc3034d60ed7c8a9416ffe19f52699a","first_seen":"2026-03-22T12:51:43.3752Z","last_seen":"2026-03-22T12:51:43.3752Z","times_seen":1,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":46,"dns":33,"connect":1,"send":0,"wait":532,"receive":0,"ssl":9},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"WR4","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Mar 2026 16:23:07 GMT","end":"Thu, 18 Jun 2026 16:23:06 GMT"},"fingerprint":{"sha1":"BE:D1:01:2B:DD:AE:2E:C1:88:8D:14:24:87:DE:A3:C4:61:0C:8C:F3","sha256":"38:E3:C9:2D:48:5D:84:E6:17:95:F0:95:CB:3C:5F:8D:B0:70:98:CD:4F:AA:45:3F:26:56:68:22:10:22:A6:FC"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"2084deafc36fbaca40a6352319b3c1edb1262245428033547de6b82e0c2dcfe8-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\nx-served-by: cache-hel1410029-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1774183880.810282,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 1274\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Firebase","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3651,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ee5c8d9fb6248c938fd0dc19370e90bd","sha1":"d01a22720918b781338b5bbf9202b241a5f99ee4","sha256":"04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a","sha512":"c77215b729d0e60c97f075998e88775cd0f813b4d094dc2fdd13e5711d16f4e5993d4521d0fbd5bf7150b0dbe253d88b1b1ff60901f053113c5d7c1919852d58","ssdeep":"","tlshash":"6371117b132887dae9d4a78c2e997b8d377095c4b1b24290874328a5bc086f7f038d60","first_seen":"2023-04-06T08:44:24Z","last_seen":"2026-06-13T19:12:01.451961Z","times_seen":127056,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 27964\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03ec4-15d95\"\r\nlast-modified: Mon, 04 May 2020 16:11:48 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 300379\r\nexpires: Fri, 12 Mar 2027 12:51:19 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GPYgTRqmNAJQx%2FundWODVBIPLH4C%2BRhbzF1b1SHTWo87K5%2FtdNkrSZEv%2F33AbF5Nx6v0cDbs8tqqn8F6FGxymeHEnX2GruJunq6x6nPYZQwhOeY%3D\"}]}\r\ncf-ray: 9e0553c01c5e49c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89493,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12108007906290015100837a6a61e9f4","sha1":"1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3","sha256":"c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4","sha512":"93658f3eb4a044523a7136871e125d73c9005da44ce09045103a35a4f18695888ecafe2f9c0d0fa741b95cc618c6000f9ad9affc821a400ea7e5f2c0c8968530","ssdeep":"1536:YjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h5cApwEjOPrBeU6QLiTFbc0QlQvakF:YYh8eip3hXuf6IidlrvakdtQ47GK1","tlshash":"c393f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-06-13T18:46:59.542758Z","times_seen":20458,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":10,"dns":1,"connect":1,"send":0,"wait":28,"receive":3,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn-jm-tools.web.app/d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg","fqdn":"cdn-jm-tools.web.app","domain":"cdn-jm-tools.web.app","tld":"web.app"},"ip":{"addr":"199.36.158.100","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"web.app","organization":""},"issuer":{"commonName":"WR4","organization":"Google Trust Services"},"validity":{"start":"Fri, 20 Mar 2026 16:23:07 GMT","end":"Thu, 18 Jun 2026 16:23:06 GMT"},"fingerprint":{"sha1":"BE:D1:01:2B:DD:AE:2E:C1:88:8D:14:24:87:DE:A3:C4:61:0C:8C:F3","sha256":"38:E3:C9:2D:48:5D:84:E6:17:95:F0:95:CB:3C:5F:8D:B0:70:98:CD:4F:AA:45:3F:26:56:68:22:10:22:A6:FC"}}},"request":{"raw":"GET /d..p/others/mi..cro---t/ellipsis_grey_2b5d393db04a5e6e1f739cb266e65b4c.svg HTTP/1.1\r\nHost: cdn-jm-tools.web.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=3600\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\netag: \"cf034e803491c0dbb1074332cd18fac418b94b0a139a7ddbf92ec40574951a8a-br\"\r\nlast-modified: Sat, 25 Apr 2020 21:22:54 GMT\r\nstrict-transport-security: max-age=31556926; includeSubDomains; preload\r\naccept-ranges: bytes\r\ndate: Sun, 22 Mar 2026 12:51:19 GMT\r\nx-served-by: cache-hel1410029-HEL\r\nx-cache: HIT\r\nx-cache-hits: 0\r\nx-timer: S1774183880.810621,VS0,VE1\r\nvary: x-fh-requested-host, accept-encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 230\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Firebase","description":"Firebase is a Google-backed application development software that enables developers to develop iOS, Android and Web apps.","website":"https://firebase.google.com","common_platform_enumeration":"cpe:2.3:a:google:firebase_cloud_messaging:*:*:*:*:*:*:*:*","icon":"Firebase.svg","categories":["Databases","Development"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":915,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"2b5d393db04a5e6e1f739cb266e65b4c","sha1":"6a435df5cac3d58ccad655fe022ccf3dd4b9b721","sha256":"16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6","sha512":"3a692635ee8ebd7b15930e78d9e7e808e48c7ed3ed79003b8ca6f9290fa0e2b0fa3573409001489c00fb41d5710e75d17c3c4d65d26f9665849fb7406562a406","ssdeep":"","tlshash":"4211c9bb2f78c66ea09197943762a7791f76a14873883590f3432f11ee44dbb203dc40","first_seen":"2023-04-14T08:32:49Z","last_seen":"2026-06-12T07:31:44.115277Z","times_seen":15763,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":109,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/","fqdn":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","domain":"arweave.net","tld":"net"},"ip":{"addr":"95.173.205.14","port":443,"asn":60068,"as":"Datacamp Limited","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/","date":"2026-03-22T12:51:19.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"arweave.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 25 Jan 2026 19:58:35 GMT","end":"Sat, 25 Apr 2026 19:58:34 GMT"},"fingerprint":{"sha1":"2E:4B:58:39:3D:6D:7D:8D:31:69:F4:33:C6:04:3C:40:43:F3:76:78","sha256":"05:10:A2:2F:AB:FA:8F:80:75:5A:8A:41:03:25:19:C4:DA:63:BD:39:D3:BD:48:6B:7D:E0:87:1E:CC:C1:55:C3"}}},"request":{"raw":"GET /*https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg*/ HTTP/1.1\r\nHost: j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 22 Mar 2026 12:51:20 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\naccess-control-allow-methods: GET, POST, HEAD, OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-ArNS-Resolved-Id, X-ArNS-TTL-Seconds, X-ArNS-Process-Id, X-ArNS-Undername-Limit, X-ArNS-Record-Index\r\nx-77-nzt: k20FXsZzKaE491g4xT50a1CUeH4vScDcyb0U4AIwb9/1gWMtayBLnM+fyJlflz4QMA\r\nx-77-nzt-ray: 2a494a1560143e3cece5bf69a2c00e36\r\nx-77-cache: HIT\r\nx-77-age: 1\r\nserver: CDN77-Turbo\r\naccess-control-allow-headers: *\r\nx-77-pop: osloNO\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":2035,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"dc7707d2b730ffd749bd0ca6d407e5e6","sha1":"03f2bd287e09a1470ae6304bc608e707c62016e8","sha256":"2fa33a34e1ad20fc69c804532cb26b974805882da0f1c48a45150111a88fe3fa","sha512":"36efc7918ea1c1a35960fcb9cfa33b25ec027e07c35fc11e8e108e44805218d3d46454b99209f014063b7abdd6ac8a29ba4914abecd126ccb7a8467c8d774f37","ssdeep":"","tlshash":"324162d888f710eb1164c1d5aa817f294c82804b97e6c960b26c43629f9aca5acd7cdd","first_seen":"2026-03-22T12:51:43.382504Z","last_seen":"2026-06-08T18:08:15.931526Z","times_seen":69,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-22","alert":"Sinkholed","trigger":"j4dbqo3efkoabmw23x3kzrh4mxvbpyk2vguikx2adl3lx6wedt3a.arweave.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Resource associated with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}}]}