{"report_id":"64347a40-4fc6-48ea-b4a2-370b37421efb","version":6,"status":"done","tags":["suspicious"],"date":"2026-05-28T12:28:44Z","url":{"schema":"http","addr":"on-notification-emessage.wasmer.app","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"title":"Navy Federal Credit Union - Our Members are the MissionĀ®","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"on-notification-emessage.wasmer.app","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":0,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-02T12:28:44Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-28","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:aaaa3ec4fa075d8056717e124ad2c502","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"on-notification-emessage.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"on-notification-emessage.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"on-notification-emessage.wasmer.app","ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2018-10-16","domain_rank":0,"first_seen":"2026-05-28T12:28:45.397461Z","last_seen":"2026-05-28T12:28:45.397461Z","alert_count":7,"request_count":3,"received_data":1263535,"sent_data":1648,"comment":"","tags":null,"fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2026-05-24T22:36:44.337416Z","alert_count":0,"request_count":1,"received_data":32003,"sent_data":496,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"digitalapps.navyfederal.org","ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"domain_registered":"1997-03-24","domain_rank":93913,"first_seen":"2020-08-13T16:50:55Z","last_seen":"2026-05-24T12:27:19.366114Z","alert_count":0,"request_count":4,"received_data":3232,"sent_data":3243,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"md5":"aaaa3ec4fa075d8056717e124ad2c502","sha1":"6f69cc985b354b4379a06b381f948b803964d0f0","sha256":"55a29f33215444e9dd110fac9fcc83f4481b8c8eca997ce5dd7bd4d7c86443d8","sha512":"c5ca59d75228ee3b8f63075aad8839481b1dae93b478992428cab18727f8d7637e66bb40421f54c740d782d44cf1e20d0aa59525606e634a00ee1c003ad0b7e7","size":104683,"token":"8024091175:AAFhIEvrWfP6y6x5rh8itUiJWV5FP8DpS8o","is_revoked":false,"bot":{"token":"8024091175:AAFhIEvrWfP6y6x5rh8itUiJWV5FP8DpS8o","user_id":"8024091175","username":"Waxzy25_bot","first_name":"WAXZY","last_name":"","chat":{"chat_id":"8756734121","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":1}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"fdbdda8ba2c19026b3be4f21dabaead0","sha1":"e5866f91b02f122b8390d6e59d4b16265a4e347b","sha256":"83d610e902af1f6598beed35f3269d6d4f8fbb370c44ba85bf2ec84e7d175c94","sha512":"fa1e2d575586ef222c91b7044e1da7213fc632a7644ba9c0406b9c4cc61884fb8ed052185360078dc1b0b9c8b2de5613b1bb4b50fcfb49c15ea2d2fea762b9db","ssdeep":"","tlshash":"dc01ce3d6a75253081fb012233fbf7002e7733a22511b1049d6cdc4ea82cc82156b8de","size":765,"data":"","first_seen":"2026-03-30T20:42:40.808698Z","last_seen":"2026-05-28T12:28:48.267944Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"26a80ec5639e9773605515b0a498255b","sha1":"74debab57680e1a3cc9a26e749e8448222927ae6","sha256":"6c29e34f23b8fe5836cf3d6495f3cc814449a2bab6dc704778be753cf134915b","sha512":"e983855cea8d3bd599fbb86a8fdc834fd0079afb2c5c29668024f7ce71787865853335a16a1a9f44264c79670bf741178af18010d20ddc745c52f2adfec48ddd","ssdeep":"768:QWUfJLQeYPdJxIPdHoHoaDjGNNBTMPz2eYCqHmY6xIGv052bCSYu9E+uLqj+CtjZ:bLz","tlshash":"5764b23cf323c44d99b35abbfcbc1a14a144aec7e9dda6c80c5d42462fe0d6a35186e5","size":314104,"data":"","first_seen":"2026-05-28T12:28:48.26939Z","last_seen":"2026-05-28T12:28:48.26939Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"aaaa3ec4fa075d8056717e124ad2c502","sha1":"6f69cc985b354b4379a06b381f948b803964d0f0","sha256":"55a29f33215444e9dd110fac9fcc83f4481b8c8eca997ce5dd7bd4d7c86443d8","sha512":"c5ca59d75228ee3b8f63075aad8839481b1dae93b478992428cab18727f8d7637e66bb40421f54c740d782d44cf1e20d0aa59525606e634a00ee1c003ad0b7e7","ssdeep":"1536:BV4eoZzx46xJ9DZ3ZFaCvHU0wRQ+G9NQKDOM:N0zx4iNFaCvHU0wRQ+G9NQKDOM","tlshash":"71a3e9e262606c3d00178bdffbe26680727e912fe2561480b1bc55b45bbbc99b70b51f","size":104683,"data":"","first_seen":"2026-05-28T12:28:48.270377Z","last_seen":"2026-05-28T12:28:48.270377Z","times_seen":1,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-05-28","alert":"Detects file containing Telegram Bot API","trigger":"javascript.write.md5:aaaa3ec4fa075d8056717e124ad2c502","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-28T12:28:21.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: on-notification-emessage.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:28:22 GMT\r\nx-edge-region: de-falkenstein\r\nx-powered-by: PHP/8.3.21\r\nset-cookie: PHPSESSID=ro9jd70qvj2a43on3c432a8fdf; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\ncontent-type: text/html; charset=UTF-8\r\nx-edge-app-version-id: dav_nBBIbtruYWMB\r\nx-wasmer-request-id: 0bc4f4de-524f-457d-9ad9-1af0d4a2b953\r\nx-edge-rty: w\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.3.21","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":1261942,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (63361), with CRLF, LF line terminators","md5":"aea0a85d57e06e31d45f1a8fb0476aaf","sha1":"1485b184bb04722a0796b5c457eab4a79c011bcb","sha256":"9f11082235c30e3687af846818bd789a9b729467765fa2ee4acb26d86d32fd59","sha512":"e050699066590a1136f705467d0e3e9f282b39c3e0f2f7c9ac4fa88ced9e296253f1f6d1c9f1bb23a95034fde37a4267f4ddbd192d380ae240cd3e44fd0c9877","ssdeep":"12288:V0SZthg6wLMLHej3eew2b27iPQ23CtDoW8jqCyYdTUD4W8jhn:pZng7w+jOOR/jqHil/jh","tlshash":"27256c3de6f3688c9d630177eded1a606e1c9c83c66cdeb87d1d16444f846a47b28a8c","first_seen":"2026-05-28T12:28:48.264917Z","last_seen":"2026-05-28T12:28:48.264917Z","times_seen":1,"resource_available":true,"data":null}},"time_used":769,"timings":{"blocked":124,"dns":42,"connect":33,"send":0,"wait":520,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"on-notification-emessage.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"on-notification-emessage.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.24.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:22.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 May 2026 03:46:57 GMT","end":"Mon, 10 Aug 2026 04:46:42 GMT"},"fingerprint":{"sha1":"95:12:1E:0A:F6:69:8B:FC:A0:08:DA:67:1A:A4:D1:9D:87:F5:E9:07","sha256":"F3:4A:39:63:C7:6A:CE:66:1A:B4:62:2C:E9:92:82:9A:81:78:1B:CC:3F:D5:2D:0A:6D:D6:89:D9:F6:66:7B:BC"}}},"request":{"raw":"GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 28 May 2026 12:28:22 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 5631\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.01,\"max_age\":604800}\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"5eb03e5f-7918\"\r\nlast-modified: Mon, 04 May 2020 16:10:07 GMT\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\ncf-cdnjs-via: cfworker/kv\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 1283574\r\nexpires: Tue, 18 May 2027 12:28:22 GMT\r\naccept-ranges: bytes\r\nstrict-transport-security: max-age=15780000\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FDAuoQoR878G94yNNfVQKZFsUS7e1Wz%2FzujtB08a33CEN38rvHzU5Bwfh%2FZ9wFtnFkiFi5elm6RAcYqmXHQKr1VINgE%2Bt95hOmfMDftFN%2FHZVDLtxgtOHmG68qx18gdWILj0jBJk\"}]}\r\ncf-ray: a02d42426a53120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31000,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (30837)","md5":"269550530cc127b6aa5a35925a7de6ce","sha1":"512c7d79033e3028a9be61b540cf1a6870c896f8","sha256":"799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd","sha512":"49f4e24e55fa924faa8ad7debe5ffb2e26d439e25696df6b6f20e7f766b50ea58ec3dbd61b6305a1acacd2c80e6e659accee4140f885b9c9e71008e9001fbf4b","ssdeep":"384:wHu5yWeTUKW+KlkJ5de2UYDyVfwYUas2l8yQ/8dwmaU8G:wwlr+Klk3Yi+fwYUf2l8yQ/e9vf","tlshash":"78d241e8e54c01d66731c48bff81b36862b6fb3dd5854da9f01f290c29d226522c5fba","first_seen":"2023-04-05T03:13:25Z","last_seen":"2026-06-01T07:28:00.719869Z","times_seen":280328,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":8,"dns":1,"connect":1,"send":0,"wait":7,"receive":1,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/.11ty/reload-client.js","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:22.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET /.11ty/reload-client.js HTTP/1.1\r\nHost: on-notification-emessage.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nCookie: PHPSESSID=ro9jd70qvj2a43on3c432a8fdf\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 28 May 2026 12:28:22 GMT\r\nx-edge-app-version-id: dav_nBBIbtruYWMB\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 555\r\nx-wasmer-request-id: f7948025-788e-45e7-98c9-95b272f270ce\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T07:31:02.488102Z","times_seen":15993246,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"on-notification-emessage.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"on-notification-emessage.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:22.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/static/media/img-BecomeAMember.64255d0d02ef64234628.jpg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 81\r\nx-edgeconnect-origin-mex-latency: 16\r\ncache-control: max-age=86400\r\nexpires: Fri, 29 May 2026 12:28:23 GMT\r\ndate: Thu, 28 May 2026 12:28:23 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=18~m=~os=~id=57bddf858eaeba5ec5b456edeef20f95; path=/; Secure; SameSite=None\nak_bmsc=4E9153C83CB59EDB8C30532E370F7CA2~000000000000000000000000000000~YAAQJ08kF4m3HiCeAQAAeKeObh/VMltcvYUNInwp1I8Ulu9YoMayqPMS8v9JI6g8ZHdlWoVHOrefkjMXZpJaQdTFLfqeFU0sIs/vRHT3kSjQzQaRPZEY8G3HLdlO65mtEvmfjU/Lax1H2sw5BoW1+uRQwwCmIrK7yemDSqlZtrts1wxNQG6ujgxEw5sVzeWdJIHwck61eiSicwwfXX8a/rUQYzalHPJ3riw79krXmiI7yhMFvnwWrxm7WGtW2nXN9j7iPGtpYSNXS7olpwe+IIXKAW3RKgYS/sFvP2nOTWZG3OrcLeDt8s2i5Ze5OpXCGiqBt+PKpUtelzBThsAwe/+8AltERdTfNA10ZS4l3DtSvgT4yJGay5t+LuzXvUaD3PvJK6MzQT7IxrJlWmVF; Domain=.navyfederal.org; Path=/; Expires=Thu, 28 May 2026 14:28:23 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T07:31:02.488102Z","times_seen":15993246,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":77,"dns":36,"connect":1,"send":0,"wait":242,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:22.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/static/media/bubbles.9f2a1919448e1d79ac6b.svg HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 80\r\nx-edgeconnect-origin-mex-latency: 14\r\ncache-control: max-age=86400\r\nexpires: Fri, 29 May 2026 12:28:23 GMT\r\ndate: Thu, 28 May 2026 12:28:23 GMT\r\nset-cookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/; SameSite=None; Secure\nApplicationGatewayAffinity=0fe1eb12cb825d0abe4ecd3aa94b5eec; Path=/\nakaalb_Digital_ALB=~op=~rv=62~m=~os=~id=2fbcab0c4355068c4857f4d6e1018bbf; path=/; Secure; SameSite=None\nak_bmsc=DBF865FE169393AC184D80BDDD3C78F1~000000000000000000000000000000~YAAQJ08kF4i3HiCeAQAAc6eObh9Q0WgmjEzy4gdnFVfv2Z7egVqTMjwcfYVDMUhNT7ocTUcYDWirK7RxT1FrbhgUthmU9Ssss9BL64+BcBPhB8yH/q3MB2WjM4+uymLytNO9IngaPOesjEVexZQy8QBz2ArWPDcWGXg8PL4oBNYJg2W1RG4xe7wmZ3EUefDKQG27efNb4i0OuZmu9AWgjvrT/as5R2Hr1ytTrDSMi5Pn5tLmaIHMRJWNtpZ5D0FNBzE/SANBKVzhcGdbSLauXSSWbcIyQFJYqkMNohiWvjJqtyHPJbsGg1H0mamXUeTCdDPcew3T1hAN4EtNRA3nVwsn1w1cMfbOwWGviyZnyJqUWZWIUTTjZloS1iZGIqV3Pb25hWK0egrC7NgXOwUD; Domain=.navyfederal.org; Path=/; Expires=Thu, 28 May 2026 14:28:23 GMT; Max-Age=7200; SameSite=None; Secure; HttpOnly\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T07:31:02.488102Z","times_seen":15993246,"resource_available":true,"data":null}},"time_used":359,"timings":{"blocked":61,"dns":19,"connect":30,"send":0,"wait":236,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/favicon-16x16.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:23.393Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/favicon-16x16.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nCookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; akaalb_Digital_ALB=~op=~rv=18~m=~os=~id=57bddf858eaeba5ec5b456edeef20f95; ak_bmsc=4E9153C83CB59EDB8C30532E370F7CA2~000000000000000000000000000000~YAAQJ08kF4m3HiCeAQAAeKeObh/VMltcvYUNInwp1I8Ulu9YoMayqPMS8v9JI6g8ZHdlWoVHOrefkjMXZpJaQdTFLfqeFU0sIs/vRHT3kSjQzQaRPZEY8G3HLdlO65mtEvmfjU/Lax1H2sw5BoW1+uRQwwCmIrK7yemDSqlZtrts1wxNQG6ujgxEw5sVzeWdJIHwck61eiSicwwfXX8a/rUQYzalHPJ3riw79krXmiI7yhMFvnwWrxm7WGtW2nXN9j7iPGtpYSNXS7olpwe+IIXKAW3RKgYS/sFvP2nOTWZG3OrcLeDt8s2i5Ze5OpXCGiqBt+PKpUtelzBThsAwe/+8AltERdTfNA10ZS4l3DtSvgT4yJGay5t+LuzXvUaD3PvJK6MzQT7IxrJlWmVF\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 80\r\nx-edgeconnect-origin-mex-latency: 12\r\ncache-control: max-age=86400\r\nexpires: Fri, 29 May 2026 12:28:23 GMT\r\ndate: Thu, 28 May 2026 12:28:23 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T07:31:02.488102Z","times_seen":15993246,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"on-notification-emessage.wasmer.app/navy_files/saved_resource.html","fqdn":"on-notification-emessage.wasmer.app","domain":"on-notification-emessage.wasmer.app","tld":"wasmer.app"},"ip":{"addr":"144.76.124.123","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:22.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wasmer.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 16 Apr 2026 15:04:39 GMT","end":"Wed, 15 Jul 2026 15:04:38 GMT"},"fingerprint":{"sha1":"FC:2E:CC:CF:17:11:62:09:49:F9:2C:CD:FA:5C:6A:56:31:D5:D6:9E","sha256":"20:90:3A:BF:BF:97:9E:DC:D3:28:D1:0E:2B:A6:C1:60:AD:76:68:57:DD:5D:26:A7:1E:58:71:E8:A8:5F:61:43"}}},"request":{"raw":"GET /navy_files/saved_resource.html HTTP/1.1\r\nHost: on-notification-emessage.wasmer.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nCookie: PHPSESSID=ro9jd70qvj2a43on3c432a8fdf\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Thu, 28 May 2026 12:28:22 GMT\r\nx-edge-app-version-id: dav_nBBIbtruYWMB\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 563\r\nx-wasmer-request-id: dba5372c-7be5-49ed-986d-e593146aa763\r\nx-edge-rty: w\r\nx-edge-region: de-falkenstein\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":563,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"6fb93d93e03f47ab0462de916115ea4c","sha1":"455c85d6a73fc28069a6b57eb89c7b1118b6170c","sha256":"424f19fb6203f21d253ea011890be5fd70e4193d88f26cc6aa65bd6f323d1512","sha512":"d1f48099c8e60d649785f30d9d9faf448b5196bdaef6fb7291e573278393758c111010349c666da96bc2547658160973ac2746139939e84ecd98505d01494acf","ssdeep":"","tlshash":"d9f0eb1bc3a2210ef079a4e42dc36350731e0262f4204f38bc562e38e05c8b4287bbcd","first_seen":"2026-04-03T00:11:13.691079Z","last_seen":"2026-06-01T04:24:37.489192Z","times_seen":114,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":35,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-28","alert":"Phishing Block","trigger":"on-notification-emessage.wasmer.app","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-05-28","alert":"Sinkholed","trigger":"on-notification-emessage.wasmer.app","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"digitalapps.navyfederal.org/signin/apple-touch-icon.png","fqdn":"digitalapps.navyfederal.org","domain":"navyfederal.org","tld":"org"},"ip":{"addr":"184.25.10.9","port":443,"asn":16625,"as":"AKAMAI-AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://on-notification-emessage.wasmer.app/","date":"2026-05-28T12:28:23.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"digitalapps.navyfederal.org","organization":"Navy Federal Credit Union"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Fri, 15 May 2026 00:00:00 GMT","end":"Sun, 29 Nov 2026 23:59:59 GMT"},"fingerprint":{"sha1":"27:BE:E4:91:4D:E9:18:1E:57:1D:DC:46:05:BE:25:6B:37:B6:18:FC","sha256":"57:78:C2:89:73:4C:23:52:DB:27:90:88:63:E7:5C:40:E0:27:C2:56:51:43:BF:D8:6A:C4:86:97:8A:B2:BC:65"}}},"request":{"raw":"GET /signin/apple-touch-icon.png HTTP/1.1\r\nHost: digitalapps.navyfederal.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://on-notification-emessage.wasmer.app/\r\nCookie: ApplicationGatewayAffinityCORS=0fe1eb12cb825d0abe4ecd3aa94b5eec; akaalb_Digital_ALB=~op=~rv=18~m=~os=~id=57bddf858eaeba5ec5b456edeef20f95; ak_bmsc=4E9153C83CB59EDB8C30532E370F7CA2~000000000000000000000000000000~YAAQJ08kF4m3HiCeAQAAeKeObh/VMltcvYUNInwp1I8Ulu9YoMayqPMS8v9JI6g8ZHdlWoVHOrefkjMXZpJaQdTFLfqeFU0sIs/vRHT3kSjQzQaRPZEY8G3HLdlO65mtEvmfjU/Lax1H2sw5BoW1+uRQwwCmIrK7yemDSqlZtrts1wxNQG6ujgxEw5sVzeWdJIHwck61eiSicwwfXX8a/rUQYzalHPJ3riw79krXmiI7yhMFvnwWrxm7WGtW2nXN9j7iPGtpYSNXS7olpwe+IIXKAW3RKgYS/sFvP2nOTWZG3OrcLeDt8s2i5Ze5OpXCGiqBt+PKpUtelzBThsAwe/+8AltERdTfNA10ZS4l3DtSvgT4yJGay5t+LuzXvUaD3PvJK6MzQT7IxrJlWmVF\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: application/json\r\ncontent-length: 54\r\nx-edgeconnect-midmile-rtt: 80\r\nx-edgeconnect-origin-mex-latency: 21\r\ncache-control: max-age=86400\r\nexpires: Fri, 29 May 2026 12:28:23 GMT\r\ndate: Thu, 28 May 2026 12:28:23 GMT\r\nstrict-transport-security: max-age=31536000 ; includeSubDomains ; preload\r\nvary: Accept-Encoding\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Akamai","description":"Akamai is global content delivery network (CDN) services provider for media and software delivery, and cloud security solutions.","website":"https://akamai.com","common_platform_enumeration":"","icon":"Akamai.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-01T07:31:02.488102Z","times_seen":15993246,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}