{"report_id":"5ee60bee-2673-47a9-9a5c-5cacfa170a74","version":6,"status":"done","tags":["suspicious"],"date":"2026-04-15T00:15:57Z","url":{"schema":"http","addr":"marinamessage07apr.wasmer.app","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"title":"Navy Federal Credit Union - Our Members are the MissionĀ®","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"marinamessage07apr.wasmer.app","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T00:15:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-15","alert":"Phishing Block","trigger":"marinamessage07apr.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"marinamessage07apr.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"digitalapps.navyfederal.org","ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1997-03-24","domain_rank":93913,"first_seen":"2020-08-13T16:50:55Z","last_seen":"2026-04-13T16:02:54.803994Z","alert_count":0,"request_count":4,"received_data":2730,"sent_data":4263,"comment":"","tags":null,"fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Akamai Bot Manager","description":"Akamai Bot Manager detect bots using device fingerprinting bot signatures.","website":"https://www.akamai.com/us/en/products/security/bot-manager.jsp","common_platform_enumeration":"","icon":"Akamai.svg","categories":["Security"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-04-12T22:33:20.808909Z","alert_count":0,"request_count":1,"received_data":31998,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"marinamessage07apr.wasmer.app","ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-16","domain_rank":0,"first_seen":"2026-04-15T00:16:01.642603Z","last_seen":"2026-04-15T00:16:02.163064Z","alert_count":7,"request_count":3,"received_data":5056872,"sent_data":1526,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"fe9691e224de0a1e540872278dc69657","sha1":"73225d3f52fe2eaba881e21bfb16a0f75b857427","sha256":"29eb1ed3b0068f79e8862dfd0d608ffc67b8fdd07c4d5c84e054bc75b5cbe27f","sha512":"25562b1cc75ff497f161bcfd570358131fc5a46504e943623fc79ec7a18b501990ddae7a8887d59f3696697266938a0bb3547c5889dbac8e7d9c7c76435e2942","ssdeep":"768:YWUfJLQeYPdJxIPdHoHoaDjGNNBTMPz2eYCqHmY6xIGv052bCSYu9E+uLqj+CtjJ:jL7","tlshash":"f264b23cf323c44d99b35abbfcbc1a14a144aec7e9dda6c80c5d42462fe0d6a35186e5","size":314109,"data":"","first_seen":"2026-04-03T00:11:13.697787Z","last_seen":"2026-04-17T10:56:14.31889Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"6860ce1d6b1ff9dce286f6528c96cb18","sha1":"d17777984c1bf250c378b2becd856d75edbba66f","sha256":"8367c436c9109829401162a8d2756f023075947a6f1d3cef46b04cbace7b5d84","sha512":"8b24dad3eb2bdabbc1fdbaf306e1de00b8f13906f0d8fe9a199ae25126de8b5160079bbd2d372f4c6d9be60612dd36d7e5c97de8e70453049f297e7a2a550c90","ssdeep":"12288:pSdeNP5bYItCbZeF4+hDgCIcmk3FfydReRDOdGi5GJSChr4DDh:zNhbbuMRAk3xy7N4i5cSCle","tlshash":"04759a7cdd25086dfdb89d1bf1bcea9abe901d17e2c86f5ea51f38818f80654b110a0d","size":1685109,"data":"","first_seen":"2026-04-03T00:11:13.694772Z","last_seen":"2026-04-17T10:56:14.317466Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"65d01f8698d2d8cc14c091897488e881","sha1":"fcb4cb68ee6bd56524fd28ef41293317155e6880","sha256":"27e2ea2c63aa2ad08b5ba768e13d4ff5c7eb511a8454828f9fccd460a1bd183d","sha512":"05856c96550e56bfba6946686b223dcea19372c6f4d5a35eb8c5b63563c4361932ab78612283132ac30b9aa859e632c796a12f56f6401a4f151162260ae4982e","ssdeep":"1536:mL+ijtnw1wNz8ikMO3cRwcuyk71nSODgmagQlG0ddSzd6WOOGekx6l6l62HHp4t1:X","tlshash":"9c3625779103e83d78a398ffe96c9ed100d1edcaeec9968701fc84592be1a6e35184c5","size":5055409,"data":"","first_seen":"2026-04-03T00:11:13.701337Z","last_seen":"2026-04-17T10:56:14.320419Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"03e15e57d5b834fe634c634a4127e4e1","sha1":"5ff426cac4c6638ccfdaa48dd2e074da1e3cd0a7","sha256":"b5bf3fa2f72943895a26549a91d2c1526831698db1a5c565dc7237fd5e73eed9","sha512":"2fb42b218a5b65414f736cabc934a90fc50793aa733bec63c7aefa16377b24d7a6be4eb8dedd03fa7651e595f143e7d16828189b02ebdd2bd5ebb022762f76de","ssdeep":"12288:sSdeNP5bYItCbZeF4+hDgCIcmk3FfydReRDOdGi5GJSChr4DDb:KNhbbuMRAk3xy7N4i5cSClQ","tlshash":"10759a7cdd25086dfdb89d1bf1bcea9abe901d17e2c86f5ea51f38818f80654b110a0d","size":1685127,"data":"","first_seen":"2026-04-03T00:11:13.703479Z","last_seen":"2026-04-17T10:56:14.321496Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"e2657f31d5062ff201f47bc21fbff295","sha1":"dc82b1032a91cc14b7b98cb002208b4115fdbb92","sha256":"14de214b36797229bbebed5b0c57ae5190562212aeba17124e3714ee21049c10","sha512":"1e3fa900db8d9e092651b3f18aa7134fb4ee967fbbe6a476be04ae0fcdb46fa74a341b6ffac6bf57b83ae834508373f99cdc6045cf90aee63bfd1d172b70f551","ssdeep":"12288:F0SZthg6wLMLHej3ev2b27iPQ23CtDoW8jqCyYdTUD4W8jS0:ZZng7w+jMOR/jqHil/jX","tlshash":"6e45f83ce663d84c9d73167bfcac1a106e189d83d9ddaee83c1d46450fd0aa57a18bc8","size":1260777,"data":"","first_seen":"2026-04-03T00:11:13.70594Z","last_seen":"2026-04-17T10:56:10.382339Z","times_seen":9,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:36.436Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 14 Mar 2026 00:38:49 GMT","end":"Fri, 12 Jun 2026 01:38:45 GMT"},"fingerprint":{"sha1":"7A:4A:F6:D6:63:62:70:CA:51:C5:5A:06:41:17:71:BF:9D:2C:C9:42","sha256":"7F:F5:F5:FE:73:1F:E7:AF:1A:82:5B:59:EE:E8:E9:65:D6:87:68:61:8C:11:1E:94:4A:9A:C4:14:BD:4B:04:BA"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Apr 2026 00:15:36 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 404149\r\nexpires: Mon, 05 Apr 2027 00:15:36 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IqsoT6pZqYQwbgcw9uF%2FZ4rS1qWO7CfAN0ys0%2B5Lcj82Va9ltbBQah26K6lRYSQS2BNu2lYSQKdvN467oaRPmpQ2a4v3Br6h%2F6wSxwmlJc4EjFr1S46XdpIIJoTtUQv4cDvxCSXb\"}]}\r\ncf-ray: 9ec6c1bcdc93783d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-04-19T08:23:57.105017Z","times_seen":246442,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":18,"dns":1,"connect":1,"send":0,"wait":5,"receive":1,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/.11ty/reload-client.js","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:36.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Feb 2026 16:03:14 GMT","end":"Sat, 16 May 2026 16:03:13 GMT"},"fingerprint":{"sha1":"D7:0C:10:A8:62:E1:78:E2:19:9C:E3:06:90:C5:00:76:34:5C:B5:BC","sha256":"92:14:FC:44:C7:7C:76:1D:61:EC:9E:A9:FF:1C:A6:BC:37:AE:71:4C:50:F3:20:7B:0D:EB:A4:38:E6:D2:BB:0B"}}},"request":{"raw":"GET /.11ty/reload-client.js HTTP/1.1\r\nHost: marinamessage07apr.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 15 Apr 2026 00:15:36 GMT\r\nx-edge-app-version-id: dav_nkPI5tdubQbQ\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 555\r\nx-wasmer-request-id: e3ea97bc-3905-450c-b43b-a7ce18d8bb09\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-15","alert":"Phishing Block","trigger":"marinamessage07apr.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"marinamessage07apr.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:36.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Tue, 14 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:F6:C4:4E:39:59:15:CF:9F:93:12:3E:72:D3:5C:5D:3C:D8","sha256":"6E:26:72:45:79:05:34:94:73:39:41:1B:68:A0:48:2E:93:56:2C:A2:1A:AC:A9:6D:93:67:92:48:8D:CA:A0:3E"}}},"request":{"raw":"GET /signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\ncontent-type: text/html\r\nserver: Microsoft-IIS/10.0\r\ncontent-length: 1477\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 19\r\ncache-control: max-age=86400\r\nexpires: Thu, 16 Apr 2026 00:15:36 GMT\r\ndate: Wed, 15 Apr 2026 00:15:36 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nset-cookie: akaalb_Digital_ALB=~op=~rv=34~m=~os=~id=3918bd2801fcd455114d1b276bd73f04; path=/; Secure; SameSite=None\nak_bmsc=43C2044C48DC5BDF2891DEED90A3DA25~000000000000000000000000000000~YAAQJ08kF/emfk2dAQAAKlN+jh+DTthyG9ynN2sCXZyxbuP8ib7GoAdGJu8Mg3ILrcmbcpyYr4ylkj3YMpYG+cm9aZG64LcAD+JZMdxDVp2F9QYM+BdP/BujaRS48eck6rI+MvG3+fk/COawOhna7WCfx7P93UInWtpP7SkTozZGQUMsb+m5RpsHOOZiiI/+MTz5tq6rsUjn/KaWBxwJhVZ8LV6AMxjOwaSn+UdtD50TwXU2YA6sFfI0wBAV7VHj1xXRYay4Lqr12VgmnZsi69BrogP7J6kX55oAJYeu9wlMEikYqxVzswNwhlwVV8UkdlKRn2IafuFhwCOej0Q/0kS2O+pGiBwx3qkxLnzdmQOdpqG4wy9oQjtMn2xcrcyA36pHIQQymNG6hLvIw5ST; Domain=.navyfederal.org; Path=/; Expires=Wed, 15 Apr 2026 02:15:36 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"resource_available":true,"data":null}},"time_used":166,"timings":{"blocked":17,"dns":1,"connect":1,"send":0,"wait":120,"receive":10,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/navy_files/saved_resource.html","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:36.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Feb 2026 16:03:14 GMT","end":"Sat, 16 May 2026 16:03:13 GMT"},"fingerprint":{"sha1":"D7:0C:10:A8:62:E1:78:E2:19:9C:E3:06:90:C5:00:76:34:5C:B5:BC","sha256":"92:14:FC:44:C7:7C:76:1D:61:EC:9E:A9:FF:1C:A6:BC:37:AE:71:4C:50:F3:20:7B:0D:EB:A4:38:E6:D2:BB:0B"}}},"request":{"raw":"GET /navy_files/saved_resource.html HTTP/1.1\r\nHost: marinamessage07apr.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Wed, 15 Apr 2026 00:15:36 GMT\r\nx-edge-app-version-id: dav_nkPI5tdubQbQ\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 563\r\nx-wasmer-request-id: 84e146d6-40a9-47cf-9aa4-f8926b593ea4\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":563,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6fb93d93e03f47ab0462de916115ea4c","sha1":"455c85d6a73fc28069a6b57eb89c7b1118b6170c","sha256":"424f19fb6203f21d253ea011890be5fd70e4193d88f26cc6aa65bd6f323d1512","sha512":"d1f48099c8e60d649785f30d9d9faf448b5196bdaef6fb7291e573278393758c111010349c666da96bc2547658160973ac2746139939e84ecd98505d01494acf","ssdeep":"","tlshash":"d9f0eb1bc3a2210ef079a4e42dc36350731e0262f4204f38bc562e38e05c8b4287bbcd","first_seen":"2026-04-03T00:11:13.691079Z","last_seen":"2026-04-15T05:35:18.575649Z","times_seen":13,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"marinamessage07apr.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-15","alert":"Phishing Block","trigger":"marinamessage07apr.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:36.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Tue, 14 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:F6:C4:4E:39:59:15:CF:9F:93:12:3E:72:D3:5C:5D:3C:D8","sha256":"6E:26:72:45:79:05:34:94:73:39:41:1B:68:A0:48:2E:93:56:2C:A2:1A:AC:A9:6D:93:67:92:48:8D:CA:A0:3E"}}},"request":{"raw":"GET /signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nCookie: akaalb_Digital_ALB=~op=~rv=34~m=~os=~id=3918bd2801fcd455114d1b276bd73f04; ak_bmsc=43C2044C48DC5BDF2891DEED90A3DA25~000000000000000000000000000000~YAAQJ08kF/emfk2dAQAAKlN+jh+DTthyG9ynN2sCXZyxbuP8ib7GoAdGJu8Mg3ILrcmbcpyYr4ylkj3YMpYG+cm9aZG64LcAD+JZMdxDVp2F9QYM+BdP/BujaRS48eck6rI+MvG3+fk/COawOhna7WCfx7P93UInWtpP7SkTozZGQUMsb+m5RpsHOOZiiI/+MTz5tq6rsUjn/KaWBxwJhVZ8LV6AMxjOwaSn+UdtD50TwXU2YA6sFfI0wBAV7VHj1xXRYay4Lqr12VgmnZsi69BrogP7J6kX55oAJYeu9wlMEikYqxVzswNwhlwVV8UkdlKRn2IafuFhwCOej0Q/0kS2O+pGiBwx3qkxLnzdmQOdpqG4wy9oQjtMn2xcrcyA36pHIQQymNG6hLvIw5ST\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\ncontent-type: text/html\r\nserver: Microsoft-IIS/10.0\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 28\r\nx-akamai-transformed: 0 - 0 -\r\ncache-control: max-age=86400\r\nexpires: Thu, 16 Apr 2026 00:15:37 GMT\r\ndate: Wed, 15 Apr 2026 00:15:37 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nset-cookie: bm_sv=0680E2E59E2F6B65C88EEC6D3959BE3B~YAAQJ08kF/qmfk2dAQAAWFR+jh9QvKEiHhjHX5J2okmvR5KPdj+tGwDTGcsH4LkSImyKbyq8B/ZzTH2mFtLyYDTl3VIaJLbNHJFD3T/6PiCoR0kIr/r5umxKH0OUxbPyTWh7OUZ1G4XdJtn4b2PRQFqKmwwdqgodmAAt0/G/Ta33k5htwAH+O6KDm019Wzoh1Tc5VR3JXOG5TdFWWmZy7pvu61D5+x5T6R0LXrSTvQ/ik1sYZZlDA+4qRISRCczVKoYirtI=~1; Domain=.navyfederal.org; Path=/; Expires=Wed, 15 Apr 2026 02:15:37 GMT; Max-Age=7200; SameSite=None; Secure\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"Akamai Bot Manager","description":"Akamai Bot Manager detect bots using device fingerprinting bot signatures.","website":"https://www.akamai.com/us/en/products/security/bot-manager.jsp","common_platform_enumeration":"","icon":"Akamai.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/apple-touch-icon.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:37.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Tue, 14 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:F6:C4:4E:39:59:15:CF:9F:93:12:3E:72:D3:5C:5D:3C:D8","sha256":"6E:26:72:45:79:05:34:94:73:39:41:1B:68:A0:48:2E:93:56:2C:A2:1A:AC:A9:6D:93:67:92:48:8D:CA:A0:3E"}}},"request":{"raw":"GET /signin/apple-touch-icon.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nCookie: akaalb_Digital_ALB=~op=~rv=34~m=~os=~id=3918bd2801fcd455114d1b276bd73f04; ak_bmsc=43C2044C48DC5BDF2891DEED90A3DA25~000000000000000000000000000000~YAAQJ08kF/emfk2dAQAAKlN+jh+DTthyG9ynN2sCXZyxbuP8ib7GoAdGJu8Mg3ILrcmbcpyYr4ylkj3YMpYG+cm9aZG64LcAD+JZMdxDVp2F9QYM+BdP/BujaRS48eck6rI+MvG3+fk/COawOhna7WCfx7P93UInWtpP7SkTozZGQUMsb+m5RpsHOOZiiI/+MTz5tq6rsUjn/KaWBxwJhVZ8LV6AMxjOwaSn+UdtD50TwXU2YA6sFfI0wBAV7VHj1xXRYay4Lqr12VgmnZsi69BrogP7J6kX55oAJYeu9wlMEikYqxVzswNwhlwVV8UkdlKRn2IafuFhwCOej0Q/0kS2O+pGiBwx3qkxLnzdmQOdpqG4wy9oQjtMn2xcrcyA36pHIQQymNG6hLvIw5ST; bm_sv=0680E2E59E2F6B65C88EEC6D3959BE3B~YAAQJ08kF/qmfk2dAQAAWFR+jh9QvKEiHhjHX5J2okmvR5KPdj+tGwDTGcsH4LkSImyKbyq8B/ZzTH2mFtLyYDTl3VIaJLbNHJFD3T/6PiCoR0kIr/r5umxKH0OUxbPyTWh7OUZ1G4XdJtn4b2PRQFqKmwwdqgodmAAt0/G/Ta33k5htwAH+O6KDm019Wzoh1Tc5VR3JXOG5TdFWWmZy7pvu61D5+x5T6R0LXrSTvQ/ik1sYZZlDA+4qRISRCczVKoYirtI=~1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\ncontent-type: text/html\r\nserver: Microsoft-IIS/10.0\r\ncontent-length: 1477\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 27\r\ncache-control: max-age=86400\r\nexpires: Thu, 16 Apr 2026 00:15:37 GMT\r\ndate: Wed, 15 Apr 2026 00:15:37 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/favicon-16x16.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://marinamessage07apr.wasmer.app/","date":"2026-04-15T00:15:37.170Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 15 Jul 2025 00:00:00 GMT","end":"Tue, 14 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"78:3E:C8:F6:C4:4E:39:59:15:CF:9F:93:12:3E:72:D3:5C:5D:3C:D8","sha256":"6E:26:72:45:79:05:34:94:73:39:41:1B:68:A0:48:2E:93:56:2C:A2:1A:AC:A9:6D:93:67:92:48:8D:CA:A0:3E"}}},"request":{"raw":"GET /signin/favicon-16x16.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://marinamessage07apr.wasmer.app/\r\nCookie: akaalb_Digital_ALB=~op=~rv=34~m=~os=~id=3918bd2801fcd455114d1b276bd73f04; ak_bmsc=43C2044C48DC5BDF2891DEED90A3DA25~000000000000000000000000000000~YAAQJ08kF/emfk2dAQAAKlN+jh+DTthyG9ynN2sCXZyxbuP8ib7GoAdGJu8Mg3ILrcmbcpyYr4ylkj3YMpYG+cm9aZG64LcAD+JZMdxDVp2F9QYM+BdP/BujaRS48eck6rI+MvG3+fk/COawOhna7WCfx7P93UInWtpP7SkTozZGQUMsb+m5RpsHOOZiiI/+MTz5tq6rsUjn/KaWBxwJhVZ8LV6AMxjOwaSn+UdtD50TwXU2YA6sFfI0wBAV7VHj1xXRYay4Lqr12VgmnZsi69BrogP7J6kX55oAJYeu9wlMEikYqxVzswNwhlwVV8UkdlKRn2IafuFhwCOej0Q/0kS2O+pGiBwx3qkxLnzdmQOdpqG4wy9oQjtMn2xcrcyA36pHIQQymNG6hLvIw5ST; bm_sv=0680E2E59E2F6B65C88EEC6D3959BE3B~YAAQJ08kF/qmfk2dAQAAWFR+jh9QvKEiHhjHX5J2okmvR5KPdj+tGwDTGcsH4LkSImyKbyq8B/ZzTH2mFtLyYDTl3VIaJLbNHJFD3T/6PiCoR0kIr/r5umxKH0OUxbPyTWh7OUZ1G4XdJtn4b2PRQFqKmwwdqgodmAAt0/G/Ta33k5htwAH+O6KDm019Wzoh1Tc5VR3JXOG5TdFWWmZy7pvu61D5+x5T6R0LXrSTvQ/ik1sYZZlDA+4qRISRCczVKoYirtI=~1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 502 Bad Gateway\r\ncontent-type: text/html\r\nserver: Microsoft-IIS/10.0\r\ncontent-length: 1477\r\nx-edgeconnect-midmile-rtt: 76\r\nx-edgeconnect-origin-mex-latency: 33\r\ncache-control: max-age=86400\r\nexpires: Thu, 16 Apr 2026 00:15:37 GMT\r\ndate: Wed, 15 Apr 2026 00:15:37 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"502","status_text":"Bad Gateway","fingerprints":[{"name":"IIS:10.0","description":"Internet Information Services (IIS) is an extensible web server software created by Microsoft for use with the Windows NT family.","website":"https://www.iis.net","common_platform_enumeration":"cpe:2.3:a:microsoft:internet_information_server:*:*:*:*:*:*:*:*","icon":"Microsoft.svg","categories":["Web servers"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-19T09:23:21.870352Z","times_seen":13929305,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":137,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"marinamessage07apr.wasmer.app/","fqdn":"marinamessage07apr.wasmer.app","domain":"marinamessage07apr.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T00:15:32.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 15 Feb 2026 16:03:14 GMT","end":"Sat, 16 May 2026 16:03:13 GMT"},"fingerprint":{"sha1":"D7:0C:10:A8:62:E1:78:E2:19:9C:E3:06:90:C5:00:76:34:5C:B5:BC","sha256":"92:14:FC:44:C7:7C:76:1D:61:EC:9E:A9:FF:1C:A6:BC:37:AE:71:4C:50:F3:20:7B:0D:EB:A4:38:E6:D2:BB:0B"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: marinamessage07apr.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Apr 2026 00:15:35 GMT\r\nx-edge-region: de-falkenstein\r\nx-powered-by: PHP/8.3.21\r\ncontent-type: text/html; charset=UTF-8\r\nx-edge-app-version-id: dav_nkPI5tdubQbQ\r\nx-wasmer-request-id: dc690187-3de1-42d5-bf39-306bd7dcf2c4\r\nx-edge-rty: w\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":5055447,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (65536), with no line terminators","md5":"122c90c1efb0345b4bd47005c2142dbd","sha1":"3466e942fa98b6861347aa6922197eeedfdac738","sha256":"d00b463ef507d97b7e78e5108fb602241496dbc8d6854a2df726202bd13442eb","sha512":"a8c990013eed9242817e13594a784b17c1118880c55a41cc7961c9b2adb0d4e3a8e59141a073d03d947e56e23f22afa0fc0fec393eab0f859e8c4919468b42e2","ssdeep":"1536:lL+ijtnw1wNz8ikMO3cRwcuyk71nSODgmagQlG0ddSzd6WOOGekx6l6l62HHp4ta:f","tlshash":"6e2552779202e57d682398fffebc6ee110e0ed5edec95a4700ad841e67e1dad3508086","first_seen":"2026-04-03T00:11:13.685183Z","last_seen":"2026-04-17T10:56:14.310795Z","times_seen":18,"resource_available":true,"data":null}},"time_used":2945,"timings":{"blocked":115,"dns":39,"connect":33,"send":0,"wait":2714,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-04-15","alert":"Phishing Block","trigger":"marinamessage07apr.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"marinamessage07apr.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}}]}