{"report_id":"1cc0e91c-cbda-4b2d-8b8d-d213c77954b6","version":0,"status":"done","tags":[],"date":"2026-06-21T20:23:37Z","url":{"schema":"http","addr":"kintara.app-events.xyz","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"title":"Kintara Bot — Auto-farm Wood, Stone \u0026 Coal","dom":{"size":22969,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15667)","md5":"bceba6063ddd029b570a411595348e45","sha1":"2cea002ec06726f1429610e4c66e6205005beb0e","sha256":"af04ddebed9d641d8b69512529f0f17e7393d756e5347dd6a8b6113c30e549de","sha512":"94e1b2309584e1a2e0db6271b09b5b831ce401f6169f12548bb8a798b41457a178a07ee4f5ce21b4e62be113d8c519bf4ee1dd5b9d0d11cec90854114a231f7b","ssdeep":"384:l+8yyRpszYULZsUYH2L0r82It4uSRhKutTxXNRgl+FU+xHyvfSDIJPJWf3b8fzwO:l+8rRpsz4H2L0r82It4uSRhKut5NRgln","tlshash":"68a2ee14f9504d3f3a17a2fe52c5de9ca25174029857bb5cb2b880c2e7c7eb34eb6528","dom_hash":"domhashac98bf1f4e654ee33da7362e2966f7f2","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"kintara.app-events.xyz","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-26T20:23:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"kintara.app-events.xyz","ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-07","domain_rank":0,"first_seen":"2026-06-21T20:23:39.748496Z","last_seen":"2026-06-21T20:23:39.748496Z","alert_count":42,"request_count":21,"received_data":8962378,"sent_data":10748,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b39ad58d8d5044d0443d81d51462071","sha1":"b171eb3271394f2c9c8757f86a01331450a7e9b6","sha256":"31573a6111f8988a9f6c01ae95206e6bd57d02a6e4bbc64aa7229407c67c2904","sha512":"311e1d5870e2dc8dd5246063a5cb2c006224e109f3c1adb5d242c7d47bf277db35b7fc52ee99736bffb28eb576fdc2678bbbce098c26803cad9894f78723ada9","ssdeep":"","tlshash":"d7c02290887088a0080808d9503e01942800345800a760a982acd887580df881788810","size":181,"data":"","first_seen":"2026-06-13T04:41:27.625347Z","last_seen":"2026-06-21T20:25:53.222108Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b37afbe52c8565f19f3f670c1eded78f","sha1":"9240556974a9f4aa28aa88699327bc9b4713db64","sha256":"1a626a5060a390c4588206a022ec9f0131f0c90f7b81ab84c6b5fd87a9d56e44","sha512":"8f4d16c3558f2798b8d766d6eaa87b75e02437e4bbcaaa503e491cd7ac5dc67e2142955d91bb746fad435f9f635c542475ad50c2efee2e9db013f1d1d9b67c01","ssdeep":"","tlshash":"8ef02b19f2244b337cee853f647356df7ab3216cd2052424741bad0936b0c802ad0d06","size":444,"data":"","first_seen":"2023-10-24T21:10:14Z","last_seen":"2026-06-30T20:16:43.374485Z","times_seen":346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"9b39ad58d8d5044d0443d81d51462071","sha1":"b171eb3271394f2c9c8757f86a01331450a7e9b6","sha256":"31573a6111f8988a9f6c01ae95206e6bd57d02a6e4bbc64aa7229407c67c2904","sha512":"311e1d5870e2dc8dd5246063a5cb2c006224e109f3c1adb5d242c7d47bf277db35b7fc52ee99736bffb28eb576fdc2678bbbce098c26803cad9894f78723ada9","ssdeep":"","tlshash":"d7c02290887088a0080808d9503e01942800345800a760a982acd887580df881788810","size":181,"data":"","first_seen":"2026-06-13T04:41:27.625347Z","last_seen":"2026-06-21T20:25:53.222108Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"b37afbe52c8565f19f3f670c1eded78f","sha1":"9240556974a9f4aa28aa88699327bc9b4713db64","sha256":"1a626a5060a390c4588206a022ec9f0131f0c90f7b81ab84c6b5fd87a9d56e44","sha512":"8f4d16c3558f2798b8d766d6eaa87b75e02437e4bbcaaa503e491cd7ac5dc67e2142955d91bb746fad435f9f635c542475ad50c2efee2e9db013f1d1d9b67c01","ssdeep":"","tlshash":"8ef02b19f2244b337cee853f647356df7ab3216cd2052424741bad0936b0c802ad0d06","size":444,"data":"","first_seen":"2023-10-24T21:10:14Z","last_seen":"2026-06-30T20:16:43.374485Z","times_seen":346,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/5.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.593Z","timestamp":1782073383593,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/5.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-128165\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ySCGzEbGkBGp3YPOEkPrSJEe75tfHCNw%2FdhFA5f60tt%2BBHol8hlOY9Rgt4fYJV4Fa3Rp8GhMv52E8c0je9%2FeI%2F3ER5dQNbNkO%2Fmq%2FXc5HFQmFGCMdnCWyzn4hFy%2BzUJq%2Bp36DvMAPjp\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1212773\r\ncf-ray: a0f5ba9779be4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1212773,"size_decoded":1213482,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"3c68104ddc85c0789609c23a71645529","sha1":"25bf74053fef163efbad0c7228691d47a9bcf24d","sha256":"e882d5d957d1dde8e92e6f23e3db4810df072c633ecdabd033ca601738402d97","sha512":"0920786280c791b967ac23e0e0a78686c67d1264dee6d6c51cf410fee543ccb025fd7dda749f40cf42e5e04070deef193a1cbfe85c7fadd211b101cb5b0f833a","ssdeep":"24576:m94yDV/TKf+SL0AbnsUYycf+5lpoTAAPS:eLN2ft0AbU08S","tlshash":"b2253384a119fc9d120824ec18e1f0a168fbe35c3f04758218ffbb7d3697669936e5e6","first_seen":"2026-05-31T22:39:41.043557Z","last_seen":"2026-06-24T19:05:04.105979Z","times_seen":17,"resource_available":false,"data":null}},"time_used":442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":288,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/6.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.594Z","timestamp":1782073383594,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/6.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-1057e4\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YdZUMxFdtrPUoCGKGMQuY969dMG9l9tsW9va%2BNF14SEgDcWYOUlYnjtrIv%2Fx2DKnfZdup%2BhzV9z%2BIOgJstez%2Bsi%2F8u2H4xisHbHitpLvypGbJD4WIblaKbHuItb%2FgIMth6x2mr%2F1fNb9\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1071076\r\ncf-ray: a0f5ba9779bf4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1071076,"size_decoded":1071785,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"8895ed09638e642d98a0c3a58585b9cf","sha1":"da220fb2290233beb701f1b1095128f1bb12f1f9","sha256":"40746ca809bc4043e5fbac87b675d970a5a113d76dfa009da4a0a7663c3aa39d","sha512":"cbc46f357c077792570b00133f137cca2357c16658ac0e3015a734323df6f374a0d792f52f26fc2f82e44cec0575a08e8129e91395b0cd2f2264e8229abf8a7a","ssdeep":"24576:ApW/qbZMQzLNURoiU2kB0zVS6pTZ/7/PkyAuLPGtVdMkILZSwKZY5Xr+AFi+seBQ:Agy9zzLuReaZS6TT/PkRVdBIdD5to+HK","tlshash":"3c25330c3b3c78fbd684722c206a6a977dd7422566020a57b92940acf9b5bdfd17c783","first_seen":"2026-05-31T22:39:41.060346Z","last_seen":"2026-06-24T19:05:04.108485Z","times_seen":17,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":242,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/8.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.599Z","timestamp":1782073383599,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/8.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-47a14\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=R1X3JQFwkpcAe8EKxJxgSM%2FWkStxx1rqXIGuIoMT2CzC%2B%2B4FyQugE5zQK2eUmUXZzi86xlHhs8yaPwQY43ST0uipAq%2BwhcHmUAxvSQvuu1K%2B9wjr%2Feive0Vm1Zjx30VhgM8EXmFHYDI3\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 293396\r\ncf-ray: a0f5ba9779c24e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":293396,"size_decoded":294099,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"8fa8f3f068f207aa91bbb81e4ce6898b","sha1":"464c70486af0d006cff150d7c84610ebd95d6c51","sha256":"a203d5e9031fbbdf2288abf0f669f7f6ea462c7c929230f98f8d6dfe37422b50","sha512":"c08632cfa8d8a4996f83d5c68c807658677a5b67d9432cc405da8887cca2ba289d161ffc1195d48ca57b60a1628f7bf0b14e8b35f6f87721dc011e7dca1322d7","ssdeep":"6144:nTL4Yup1SSAse+69kDA4hSzOd99XLk8ZJ1NVmA3bzh:nTLtY161+0kcApD7ZZJvlLV","tlshash":"475423c2fe4e847149ee1c43afd8876c415c143b2caf9dd88315132a7e7a17872d99a2","first_seen":"2026-06-19T07:14:27.792258Z","last_seen":"2026-06-21T20:25:53.211396Z","times_seen":3,"resource_available":false,"data":null}},"time_used":385,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":211,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/10.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.601Z","timestamp":1782073383601,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/10.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-4033d\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TETbeNnyBt%2FNj6Az%2FiEuB7N5FbNFN%2FsDxwjG9ZCFX7PeRcKiNFSXJniehcrACA7HxgZtWoukEYW0Qcdspfgnw%2BEbmQ4T%2BMivJAZiTytuCe5%2FyT7z79CRvD9PQc8%2BXYQc1BuH3b9Rw1dt\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 262973\r\ncf-ray: a0f5ba9789c54e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":262973,"size_decoded":263678,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"2b4be6eb640a1a70eddf9e165ff4693c","sha1":"08d9904059a2ec564bacc412573a57d7f84ba714","sha256":"fedd577937b004fff99c6fec889c8d296042d5ad698af646cd60b5171ddde11a","sha512":"b195e3622a27b7b556e134717542a64015815d2c0975674df47a915589544277b7fbec8e1f723f3b3523df8b97614b7a787cd09212180a58097ebb696ec7542c","ssdeep":"6144:C/hzhCjPyVMi4rhtL0ZEGkz/pzq0+x+OMr1CXcA9d/:MhVIPyVMi6X0VAj+xhMEXcAr","tlshash":"394423fb24457f6968afb85d437fae20b3a0992f4ef114e3f2eba870940955c0685c17","first_seen":"2026-06-19T07:14:27.795546Z","last_seen":"2026-06-21T20:25:53.201561Z","times_seen":3,"resource_available":false,"data":null}},"time_used":325,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":179,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/12.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.604Z","timestamp":1782073383604,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/12.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ALmpgi0jMf2DlGXeaKunpjJjxo98wjaWMvZKxOOuDCQCKWFpuqW7Vc1B5RFC2L1jrZSJE7G3kKs5XGA%2BI3d7ERqG812MnPvNw3bxi00xr4dENcIixxnGymiZFGtbTOV5d4%2F2r%2BtaJhUs\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-28baf\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 166831\r\ncf-ray: a0f5ba9789c84e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":166831,"size_decoded":167528,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"8bc2f9c0354059b0d85019fead825951","sha1":"b8cc9c32f4e73d2504ac7a66c0931b83b03b1fbd","sha256":"63aa9e9914cca7167a55eaa308c256168e65f4eb70472e4ddcfef15523a7c03f","sha512":"fbf67a360d3538ae82a9ece749ca4d301de673b4a45ad4dbb5d4860bc46c8e72754321659ca66938a27ab3c8d2dbbe54287d8db8e75caca10f1d88eaee6446c7","ssdeep":"3072:1PUcDxQ2+QT7Ulm0L9P8mpOtQlj2kSqEoJtd2wVTHN3hrtoGZwBeurQoP4b4X:1PUcdQ2+KCDL7KQlClqEoJtDj5toGCBX","tlshash":"28f31287d5ed29f7a8ed47fe618f3f0c851849bce2a6c542c13b11a51dd3063205b2b9","first_seen":"2026-06-19T07:14:27.803558Z","last_seen":"2026-06-21T20:25:53.204414Z","times_seen":3,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/fonts/0.woff2","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.931Z","timestamp":1782073383931,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /fonts/0.woff2 HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/stylesheet_1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:04 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-bd30\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zla478jjrupQq%2BRd3couYH5ni%2Bz5OPQcKa%2F%2BE9TJfo9FTlI%2F4ibnq1DIZY1T6UoicIGXlOcSH5yt61D5sRdIemec7tvY33eKrRgcfzE8R8LmAQlSK7H1eF8rmyQ5eg9BZdZEDv2JQ%2F9d\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 48432\r\ncf-ray: a0f5ba999a5d4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":49144,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-07-01T05:10:42.256413Z","times_seen":71599,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/favicon.ico","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:04.252Z","timestamp":1782073384252,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:04 GMT\r\ncontent-type: text/html\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2GFFddiNhfhNmv%2FEKN9ZDqpiCEBvI%2BeDO4VqaKZQl5RE37HRcFt4doyRtgzJO0KNaYG9OjbFPJ7ZuCCevw4xH0ftpaUOsaC3sJNreSam4LqZ9A2LDQ3xRi6un4JXsHDbztEeUXo9lPE2\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: zstd\r\nvary: accept-encoding\r\ncf-ray: a0f5ba9b9adc4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":162,"size_decoded":748,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"37d5c3a24983196361e6ce9b1a499464","sha1":"2dd5878df894f3c648e42408879e9a61c112d1b3","sha256":"766c1d6bcb81d3e983fb7adbc19c616d7fc01dafb7893738edc242e2adc59c07","sha512":"cc140d1f61a01ba5f282d682dfeb19229426c7164b147a3031d3b5544c2d7213ce19b075a81d5e00750bdac7b1d9232b8b971e026d838ccae9466523338b09a9","ssdeep":"","tlshash":"eac08c6e2513bd4cc663217432c36490c08b93a7a4ea42228440805331cb2aa8ac7396","first_seen":"2023-11-07T17:46:00Z","last_seen":"2026-07-01T05:23:01.334551Z","times_seen":26087,"resource_available":true,"data":null}},"time_used":143,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/stylesheet_2.css","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.574Z","timestamp":1782073383574,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /stylesheet_2.css HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: text/css\r\npriority: u=2,i=?0\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cW3PTT4bR1ZzgCpXxunnqQCrLWokmdK02Ci0pBtYurF7BLegkp%2Fe6f1zDm1qP%2BR95yTVRqOWCsp1%2BqIp8ZdxlgE1hte0Ni6QSh2DokfE3Djfs1j%2F5TCO2wl1EeJu0HRNrpQqjvCruRp9\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a37c5b9-1bdb\"\r\ncf-ray: a0f5ba9759ab4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7131,"size_decoded":3229,"mime_type":"text/css","magic":"ASCII text, with very long lines (7131), with no line terminators","md5":"0161e6fb0ab4ad6be9bc34053387687b","sha1":"894ed71ce1a9faf4a893757e1850fd55d6e798ed","sha256":"297ca1d58a5703f358558371816bc1102902691e5ee869d0789091caf292e670","sha512":"fe0e756ef862acabfa532516ff90ff5baeb6a6c8c89500f6f83e5d766e6e2692bce3086459a1832149ca1cb45b32d2927f97ee058a1ead1e987820202ad304e2","ssdeep":"192:sJ7JXE4GUmXYgx9nsfORsQZnsKZ1KM559tY0:s702gP3RR9HjhN","tlshash":"0fe1762f6d18140a6c2684ead6d07f99f119e4c3eb1b96eae6c31701bfd76b709d0308","first_seen":"2026-06-21T20:23:46.754529Z","last_seen":"2026-06-21T20:25:53.21214Z","times_seen":2,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/2.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.588Z","timestamp":1782073383588,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/2.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n0tOiSNiguKkLxfo58Jqjk1V%2ByVjmULxBr1Pgm6PF%2BVklPk2w3Lre13%2BS9xM66v%2F80aU5lnt%2BDEdYCp1Hn%2FHCkqw%2FMQenAtLkvTb5hyPoZZlY0RSW%2B3nPTCUlb7Xf8MuQmF59z8sjSQG\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-15aee8\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 1421032\r\ncf-ray: a0f5ba9769b94e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1421032,"size_decoded":1421741,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"a97e3a63147d2862189929bc706e9548","sha1":"83ad53bd0998a214cc33037e96be1fe70ccb2c77","sha256":"a8cfdaae32d6a8c2696c648f1d3a41b65df3eede83f7563134af984413aa6cd5","sha512":"475647b4017df569b2fbf934b2a6308376d80ed0f66e4665c5ff4b9fd6ea04cb978046c59ea0476669d38d2abcf747d21670aecf5ee408de5365fef02f3f5c1a","ssdeep":"24576:WvF1ndO95JdAl+F5x3SRmXuhf6wyLvGVCKLCRtJoiFPNTk:8Hs5J95hih8tRtGiFlI","tlshash":"ee2533c9844b8c8740fdf75bc044a80b36aaa941df1271da75ff12510baaf2f1b5acc6","first_seen":"2026-05-31T22:39:41.048994Z","last_seen":"2026-06-24T19:05:04.165305Z","times_seen":16,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":221,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/4.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.591Z","timestamp":1782073383591,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/4.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-12a668\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XodMFI3Ny%2BIFdc2JFvnwq3PUB7Sswt5kLlalDG6IO%2FkQ68U7buRdr654MyUdYaI1DUmiRCh4SEj%2Fdt%2F%2FzXMRs1XKfxvz47JIg%2Bu%2Fp6Qxtr3IK7Tw6W80TKs1w%2B4jN92IkMmKefNMNcMQ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1222248\r\ncf-ray: a0f5ba9779bd4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1222248,"size_decoded":1222957,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"a71de7bf29aa354d063147ad4876f217","sha1":"bea9b542ed343fa1188994c74cb327eb00c6d506","sha256":"28f1365e76b0f89bdd17084b4543244f7fba3317d407895a0146c7b4b9075f6d","sha512":"b96292e519abb770478e12f77cd942de531922ee827c0a89b1757888502aa3667c0ee9a7f694f7f6112af1ed50d963f7e9888fe688773b49f573150602dbaf95","ssdeep":"24576:oqYQmr4iSTGOQfsPkiVm4eBtl5b2KsnRHd4rB6QeZm1cOO3yFT45m/W9:oqYQa4ieAs8iVhe/2ZRHdqze0DF45KI","tlshash":"3025338093bff71497b842bc74163f1e551aa7b1eeecac627a54071e40fc928e64c4e9","first_seen":"2026-05-31T22:39:41.057759Z","last_seen":"2026-06-24T19:05:04.166801Z","times_seen":17,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":205,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/7.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.596Z","timestamp":1782073383596,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/7.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-14ee5d\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Qxmkg1I%2FypnqJfs4ZqqsgrxsQxmWx5JaFdMm6NhsR7bzsmQCs0hngVqiP1ZHMkU8VN%2BxSkkK0NS4p77LzPzGWIqyD2MziyQDDq8DAPcR78YVKHKZ2mtbLe2PE8PuDMEeqVUZMk9KJSsZ\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 1371741\r\ncf-ray: a0f5ba9779c04e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1371741,"size_decoded":1372438,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"95be905a305cd0f8614b26a02fe4aff7","sha1":"8b6fc54e2b03206887c391356c31715c80fae0bd","sha256":"d1012a805ad95005a169fe94c826028b538b89f7f452a6f19d1ae25502337877","sha512":"dcd77f07f15b2ba232cda54d8dabdbb5eb25a2281618d7508ac85a5b09c2913d17a68a33e04bd2a534d71287391e37544ff892a033eb662186aed6a18fe9604e","ssdeep":"24576:Tssf6VjYDfM3cbb2Zis5AvUEQPVtCWb3ctfFf2n3bLznYDBIXX:7fEoww2Is5zPPFjctfFf0r0a","tlshash":"cb253360723f97f785de990c1f0ba202d6c1a2aa1182856261fb787dd9fd07646e0df3","first_seen":"2026-05-31T22:39:41.064944Z","last_seen":"2026-06-24T19:05:04.137458Z","times_seen":17,"resource_available":false,"data":null}},"time_used":390,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":181,"receive":209,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/11.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.603Z","timestamp":1782073383603,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/11.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VaSPnugba8m94GlPRDEmpmJwT1eefzpDEJKqE1gNKIziV1%2BFnpTZzsMH4sWOH7%2BYqQWpYGviYIbtrlLUV%2FCvkXEj9et0blPRaDi78C%2B69zjWwNTnZjU8vyg3PLR%2F1s24xv%2BhmQUtNg2I\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-20a15\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 133653\r\ncf-ray: a0f5ba9789c74e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":133653,"size_decoded":134356,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"bd7f52b5af201d119005d7cc74f525d1","sha1":"3a94c6f0bb00b3e448a8dd34480456770b8fa88a","sha256":"8bd201df585dc60d4c0e90d0d1bc6282e99f07c7da57e05da7f4d5e7d66c69e2","sha512":"84b33dbedc72ce8c46b2742876bd8e60eb50986e2b85b46dc1f8037a22b30fe6e3268469c23a6cf706b29dcd1d05cda4b39e5317daf19ac708e9a767e9cf5bc3","ssdeep":"3072:pp3hL7/NC7sicCfQtNvFA7R6zmx2iLZtLFiWrT:pthNwsi7Qt+2mHFiWH","tlshash":"66d312c5ab10c3690d085ef24351a4d5f621120eb7d3ab2e85f3f9b937114be179b29b","first_seen":"2026-06-19T07:14:27.794113Z","last_seen":"2026-06-21T20:25:53.202835Z","times_seen":3,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":149,"receive":130,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/stylesheet_1.css","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.575Z","timestamp":1782073383575,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /stylesheet_1.css HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: text/css\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B0bI6eYL2uC%2FHlyES58AYuNfrovxFEf%2B%2B%2BupVqH8fZ0FhrWiBgVRZ64zmTlGo7RcAQw25Ua%2B8LIUqqm6FOesC%2FzA5n5ysxZP7XYFED%2F1qMJ%2BxPVQqKfnmVOdsuH9mS1FPL8i%2Blc2mARR\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a37c5b9-438\"\r\ncf-ray: a0f5ba9759ad4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1080,"size_decoded":910,"mime_type":"text/css","magic":"ASCII text, with very long lines (1080), with no line terminators","md5":"f6cce600527418618d05f84461e993b5","sha1":"34c6a47910f94e48a27d67a4b651d2a3bb4f5905","sha256":"e614c1385bb5ddd312d9c676d94aca1d37825786a8d556852a754a8b42ef5aa4","sha512":"a3bf6aa1df6618edac7dfa04ade859cdfa205cc12a2460405168fae677240f8e93ee80b8010a8d7c1348d224c471a4c76a4c83c889c31cda8d9f57f9c14b19ae","ssdeep":"","tlshash":"ab112b30082ab844d2fb8c3230c878031c0de04487d76952e71a15f84fe99366397725","first_seen":"2026-06-21T20:23:46.758603Z","last_seen":"2026-06-21T20:25:53.198621Z","times_seen":2,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":165,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/BL7N81F7.php?s=%2Fipfs%2F82u8i9BTFuAZQbOVu_m9Nw9501e02785d6794b4ca270dd2c61d02f%3Ft%3D1782073383556","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.585Z","timestamp":1782073383585,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /BL7N81F7.php?s=%2Fipfs%2F82u8i9BTFuAZQbOVu_m9Nw9501e02785d6794b4ca270dd2c61d02f%3Ft%3D1782073383556 HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T05:18:53.694782Z","times_seen":16880888,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/9.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.600Z","timestamp":1782073383600,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/9.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\npriority: u=5,i\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-2a429\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NQJWCAQ5BzK3Ia3Pze3qkG7rJxvVEglI%2BSoCwXFS6P%2FukVdF5hXUbCcJ3vxwTToXWSinEKx5hIPKfB7D9b%2Fdvb5QAtXp00e749GvD7iow1lu6XNdaRgYe7EvjNhgIALt1IGwkz9bG%2B5n\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 173097\r\ncf-ray: a0f5ba9789c44e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":173097,"size_decoded":173796,"mime_type":"image/png","magic":"PNG image data, 450 x 450, 8-bit/color RGBA, non-interlaced","md5":"f14101015f923544c84157f58610a990","sha1":"ce6de177f9c8e456baa6d58c2656b46e70552004","sha256":"4084c98e924ab9ac190f1c4cfd2681203cad310929e4f1beb8846342ac687994","sha512":"128c2d5a427d7deeb2f7032c684d0c8f726afe9d552ec0b7b7e0e65a4be3c250eb0b288fda11b88256b3e4085260ebf1e77fe511f74cceb32c091a2b70a7bd42","ssdeep":"3072:8dlx53tJPUWwxgbNFTGnaNNdPSyCxsGa/fkb7B/mlGf2hew1kT5dFGpuABl:mLygbX4axPSyZGVFmi2hTOv88gl","tlshash":"b80412490057d36954ae03eaa052880bb4e87ba0e3519df63f59299df43cbd37ba931c","first_seen":"2026-06-19T07:14:27.793218Z","last_seen":"2026-06-21T20:25:53.200837Z","times_seen":3,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":155,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/fonts/0.woff2","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.943Z","timestamp":1782073383943,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /fonts/0.woff2 HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/stylesheet_1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:04 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-bd30\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=SS%2BpHROPZDXc2Qu84CfTfaxw9x3kCdWUlPEBVuaCoKjEJg9WAz9QJONNXK0dIV9%2BWwLPvWRNTYTCEBA48a9P6OON33eASM092nit3aDvg6rDvzqBknb2Q10d3N%2B8GoBykv4VLni%2BPJXD\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 48432\r\ncf-ray: a0f5ba99aa634e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":49140,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-07-01T05:10:42.256413Z","times_seen":71599,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":130,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-21T20:23:03.063Z","timestamp":1782073383063,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: text/html\r\nlast-modified: Sun, 21 Jun 2026 12:20:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-cache-status: DYNAMIC\r\npriority: u=0,i\r\ncontent-encoding: zstd\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=E2JBgJ%2FK16z5MS29ofOnK9uDBle6yxmy75Iil8%2BXgAKlMu622KN9F6lJtPtMHKDtl8%2FICGxUZrbiXCUz3kDfN9zjsTDfwBp%2BL7dILmB0lrcSLfBk4PvrYLmDVoa36bnGbxZsyN3qgcSK\"}]}\r\ncf-ray: a0f5ba94b8e14e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23358,"size_decoded":6538,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (15667)","md5":"2b2249032c1862e55c75c288b3b7d248","sha1":"e77b7ce184cf66cd0581b91fb2e2851a379bc9a1","sha256":"7cbd50b323025773910caee523d044bdc50d0a35e4330e4ac71e2634e6e05d91","sha512":"b1ba8dd1109bbfd52c7dd08383c57f1b40081792c6f01a3d90ebbce9737df9b49c7d31719b67ab47680b0a33d8c50c1ad6aa1061625f5bc5285a9620178cabcd","ssdeep":"384:Fk8cRpszYULZsUYH2L0r82It4uSRhKutTxXNRgl+FU+xHyvfSDIJPJWf3b8fzwZF:Fk8cRpsz4H2L0r82It4uSRhKut5NRglo","tlshash":"70a2dd04f9504d3f3a17a2fe52d5de9ca2517402d857bb5cb2b880c2e7c6eb34eb6528","first_seen":"2026-06-21T20:23:46.760782Z","last_seen":"2026-06-21T20:25:53.197327Z","times_seen":2,"resource_available":true,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":68,"connect":19,"send":0,"wait":155,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/images/3.png","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.590Z","timestamp":1782073383590,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /images/3.png HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: image/png\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ACrYiozbaENqrtM5wRGlaSt0rHWcSS9veac8pzGFQ6pu5vKfh6pA5a9RrKr8gf4q05l4ct4W2MHxB%2BR0WJN3NRYEG4PM5RbukAWjWIcxKZEvCVCTlzp7C4N%2BmAgII0OOlmNK5SUZh3s0\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-1545ab\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=5,i\r\ncontent-length: 1394091\r\ncf-ray: a0f5ba9779bb4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1394091,"size_decoded":1394788,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced","md5":"06f128505b8c36156cf7fafb4752696d","sha1":"a11e0ea53267192e4897b0c5dd8f8dcabfe67cd4","sha256":"f18afa754ab250fc8bf01ce560c7b66db26b36e22b64b676fb023cb436ba9f7b","sha512":"7d1999e75a81ffab734a5edb3a02e6bc48ac831f1524779b2829f6b0b3e6feab26c3d3d88845a7072a0c632bb12ef9444621cd8a5118dce81b9952f0fc3d0b0e","ssdeep":"24576:+ZZeZ27pOIBiLmZKzj0HHihsG5cujAETAPNNzulf+leKyjAO+TCQ:+ZZ4spfBiLmoEHYs4cuj1UbKlGlxB","tlshash":"c32533abc565ec5507aa91ec8168ec52c98ec4314bec07d69bdc6c00ccbde76b18cda7","first_seen":"2026-05-31T22:39:41.040323Z","last_seen":"2026-06-24T19:05:04.152576Z","times_seen":17,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":132,"receive":249,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/stylesheet_0.css","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.723Z","timestamp":1782073383723,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /stylesheet_0.css HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/stylesheet_2.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:03 GMT\r\ncontent-type: text/css\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TAB3sZOYrxpsylTIS8HViJUGGsYYIlU%2FAyviK8lDleC50JEeEJ%2BwCvWpOq72m2BPcUSB8Mz7dGlTy9ASni2%2FHlC0VrKSTJrcJR7Hi72uOyccm5R9ZnA3ofsRN869wbM4RPZ3BWC038Qk\"}]}\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: zstd\r\netag: W/\"6a37c5b9-77\"\r\ncf-ray: a0f5ba984a0e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":119,"size_decoded":776,"mime_type":"text/css","magic":"ASCII text, with no line terminators","md5":"5ca8cabed6e34e05a754219ba4cee94b","sha1":"3be8c591cf05166b95395e3552798a769ad55312","sha256":"df89cff7784f4aa2c53e72c7a7fb5cc59cf7aa2a30ddeeee483b7ad261f6799d","sha512":"2988abcc4d7ef2d78bf9ccb48eb64ab24dde14cb6666359f2dcdd4f5a8ee2e5237dbe4507a1155c7698825255a7e387b9bc6e3f642d7b6862e3e23c21c4597cd","ssdeep":"","tlshash":"08b0928969d1001c9095c2a1c9d08ab82a7dd78270228d6e734b629b4b402dc23ae6a7","first_seen":"2026-06-21T20:23:46.762924Z","last_seen":"2026-06-21T20:25:53.205321Z","times_seen":2,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":146,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/fonts/0.woff2","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.928Z","timestamp":1782073383928,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /fonts/0.woff2 HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/stylesheet_1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:04 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-bd30\"\r\naccept-ranges: bytes\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5WzBjPOlR9APRZhi7VHHRjlkk7QntO59ZffnsJjeh9lyddBc3wcYFnRH0PCPFbnvAlIaBXJ%2BaYYGJJJUgKKIChucPUyjyCFSdDAk1nu8zQHAvIe28gtnfFg8A1apSV0yLRVxXOPgR%2Bki\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 48432\r\ncf-ray: a0f5ba999a5a4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":49129,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-07-01T05:10:42.256413Z","times_seen":71599,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":140,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kintara.app-events.xyz/fonts/0.woff2","fqdn":"kintara.app-events.xyz","domain":"app-events.xyz","tld":"xyz"},"ip":{"addr":"172.67.191.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://kintara.app-events.xyz/","date":"2026-06-21T20:23:03.939Z","timestamp":1782073383939,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app-events.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 07 Jun 2026 19:40:28 GMT","end":"Sat, 05 Sep 2026 20:38:57 GMT"},"fingerprint":{"sha1":"68:01:61:EC:E5:58:20:6D:82:27:94:AF:5E:BF:99:C5:0E:81:38:FA","sha256":"7B:44:D3:86:7E:3A:5A:17:26:AE:A9:D2:2B:74:62:B5:D4:B6:A5:E5:76:A2:0C:3E:36:A4:7F:35:60:C3:BF:5B"}}},"request":{"raw":"GET /fonts/0.woff2 HTTP/1.1\r\nHost: kintara.app-events.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://kintara.app-events.xyz/stylesheet_1.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 21 Jun 2026 20:23:04 GMT\r\ncontent-type: font/woff2\r\npriority: u=3,i=?0\r\nlast-modified: Sun, 21 Jun 2026 11:06:33 GMT\r\netag: \"6a37c5b9-bd30\"\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TNIQ8xoNtw1q0JMhXFzgyYve6B0DvV2I2zsGu1mzMgf1qAig4%2B6pnP8N7Bapj%2BxyCrDTe08JOgXQ%2FqV1zuvIJCRoIMvoHtx56ko%2FoYvYGAfyu8tWT1VfMzoKPVVx%2F6jnAiGdjXnbzvBN\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-length: 48432\r\ncf-ray: a0f5ba99aa614e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48432,"size_decoded":49142,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48432, version 1.0","md5":"65850a373e258f1c897a2b3d75eb74de","sha1":"1dc044f4824fd5af6bfed67fee48be70fa069f3f","sha256":"c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4","sha512":"df2683f3dd9724de589451a47bc608c9925d54b874ad97b733dd465ef41f9db75e9e31604762415c2fc1433d050e45fdefc6ecd7ecadf58d1243d9ca5f4bf74b","ssdeep":"768:3IkDHBYoX5Pi4JxTGz9CDR0s1ROSsA8mF77YNt7wFhVq9oN2WfpdqWjBA:tNYoX53xTl/R8W77YNtUFrWoUWvdA","tlshash":"56230251f5f8624a7fc3003fbc317bd862909fe5996ee5d91288f30225611dd29ee017","first_seen":"2025-05-30T12:57:00.85385Z","last_seen":"2026-07-01T05:10:42.256413Z","times_seen":71599,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":71,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-21","alert":"Sinkholed","trigger":"kintara.app-events.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
