{"report_id":"6a5a1849-b44d-43db-843b-3b9a120c80b7","version":6,"status":"done","tags":[],"date":"2025-10-08T14:29:35Z","url":{"schema":"https","addr":"www.verification-mitosis.org/","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"ip":{"addr":"104.21.31.162","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"www.verification-mitosis.org/","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"title":"BankID Felsökningsverktyg"},"submit":{"url":{"schema":"https","addr":"www.verification-mitosis.org/","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"ip":{"addr":"104.21.31.162","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":["soteria"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-12T14:29:35Z","useragent":"Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36","referer":"soteria","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.verification-mitosis.org","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-14","domain_rank":0,"first_seen":"2025-10-08T14:29:30.50452Z","last_seen":"2025-10-08T14:29:30.504521Z","alert_count":4,"request_count":2,"received_data":9703,"sent_data":1118,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":1222,"first_seen":"2012-05-23T12:49:49Z","last_seen":"2025-10-05T22:15:09.164871Z","alert_count":0,"request_count":2,"received_data":254143,"sent_data":1198,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.bankid.com","ip":{"addr":"141.226.253.224","port":443,"asn":48851,"as":"Radware Ltd","country":"Germany","country_code":"DE"},"domain_registered":"2002-04-29","domain_rank":1251743,"first_seen":"2013-08-20T20:23:56Z","last_seen":"2025-10-08T06:29:16.944244Z","alert_count":0,"request_count":1,"received_data":11912,"sent_data":550,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.verification-mitosis.org/","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3db8c49fe83a3f3ef7f1dd3539ec1f86","sha1":"47d07841dd16fa7db35508434f9fc8810196ac3d","sha256":"4f6bc3f7ac27945bee7dbded5751526e9bf97223d5c1ae4baf4182d1539ff09d","sha512":"0d624fc03e5934391caebd7b72db5a6572636facc00dbfbc229412e22858b17b26a16636f54336543268db02c2514c7701adfb836eaed46f64db1bb9473e354d","ssdeep":"","tlshash":"6441c0663cb2097146ffa27d06cb96493631510338c2ce997f4c46219f9afd055b79dc","size":2147,"data":"","first_seen":"2025-10-08T06:29:20.865667Z","last_seen":"2025-10-09T01:29:13.125602Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"www.verification-mitosis.org/","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-08T14:29:14.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"verification-mitosis.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Aug 2025 19:15:57 GMT","end":"Mon, 10 Nov 2025 20:12:04 GMT"},"fingerprint":{"sha1":"1F:4D:10:48:6E:A6:5C:9B:15:9B:D9:22:70:32:B9:DD:65:C1:B8:D7","sha256":"10:C6:4F:E6:65:35:30:42:86:CD:9F:CD:9C:14:11:A9:11:36:DE:51:04:3F:B5:FC:88:DC:4D:FA:F0:0C:3A:0A"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.verification-mitosis.org\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 14:29:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\ncache-control: public, max-age=0\r\nlast-modified: Sun, 05 Oct 2025 20:21:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=obvw1BOQR806z63ojo4cOT2NsDbebvBdq%2FZIoJ2JR6Foe01%2BO6nX5WT%2Btc73mPNrfPTRi%2BWzH8f%2BLkWasxSbCneyCzAmp3vRTmcavAPsNeT2J7P84Py%2FlI%2Bk\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b6544c0f5a569c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":8142,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"cad4613bdf747bf8e977ee4300c86074","sha1":"466c5a0929e61390135da775d7b60bd6b3e29c83","sha256":"ed717f09bdf25dbc37fd1dad8c20c66105647609adac83ac11b193c2c5d04d4b","sha512":"2273038b04d969b55b18342916fd624e3221914f7ec9a10ccbe0cb2e0dc969d6b6bed23a4100b1c101c52ad4b7427ca3d6dbb3b4641af1b309866d7479da63e9","ssdeep":"192:5p93I70yvyf9uFtAxLKqh1UgMYJpxp/repbDI4GROmYlunE:r93ItUpvkbDI4PyE","tlshash":"aaf1721668911846553bc3b87ba38b4df7a28013d6428a567fad53834fb2a80c5b7fcc","first_seen":"2025-10-08T06:29:20.845275Z","last_seen":"2025-10-09T01:29:13.1177Z","times_seen":73,"resource_available":false,"data":null}},"time_used":461,"timings":{"blocked":198,"dns":1,"connect":1,"send":0,"wait":58,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.verification-mitosis.org/","date":"2025-10-08T14:29:14.608Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.verification-mitosis.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 14:29:14 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 18752\r\ncf-ray: 98b6544e3f360b59-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"6421d693-4940\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 69940\r\nexpires: Mon, 28 Sep 2026 14:29:14 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=1XKBohrIAg3CAtJn0ggN9qOmB7QnYozQ3P30mSy2ROxQ%2Fhkxnuyrt08m8Lu7FbFAXLXRiTfmpEzCNfOJTHyijmI2%2BZvOi1nzCpoE9L6eUIixFmIAWmvGlMXoHx54RC7ZlPJMXJvA\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102025,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (52276)","md5":"ded1c367363e8b20bdc6a19b8350a737","sha1":"8c06d82739d14b094ff6d9036021a252bd1d985d","sha256":"1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf","sha512":"89e71d2e66ac925ec2564aa45cd43f647fd72e5bd664e2728fb632eed71e9e6a43d72a404a8ce9993fc4d223ed985201e3a66676d01cf5e341bc7d07fd9a6207","ssdeep":"1536:OwMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuZprfZCl:S709gMGFiyPGuZpfZCl","tlshash":"2ea3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-06T15:05:25Z","last_seen":"2026-04-04T11:34:57.217118Z","times_seen":41835,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":1,"connect":1,"send":0,"wait":13,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.bankid.com/assets/bankid/logo/BankID_logo.png","fqdn":"www.bankid.com","domain":"bankid.com","tld":"com"},"ip":{"addr":"141.226.253.224","port":443,"asn":48851,"as":"Radware Ltd","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.verification-mitosis.org/","date":"2025-10-08T14:29:14.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bankid.com","organization":"Finansiell ID-Teknik BID AB"},"issuer":{"commonName":"DigiCert EV RSA CA G2","organization":"DigiCert Inc"},"validity":{"start":"Thu, 03 Apr 2025 00:00:00 GMT","end":"Thu, 02 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D2:D5:20:D1:F9:79:09:A5:9A:FE:F3:CB:0D:E7:99:C7:CF:49:3B:B7","sha256":"BA:CF:DC:36:65:BF:56:81:95:8F:39:D8:2B:8D:75:1F:4E:5F:8C:2B:E5:C6:C9:CA:81:9A:33:D7:EA:C6:4E:4E"}}},"request":{"raw":"GET /assets/bankid/logo/BankID_logo.png HTTP/1.1\r\nHost: www.bankid.com\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verification-mitosis.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 10603\r\ndate: Wed, 08 Oct 2025 14:29:15 GMT\r\nlast-modified: Mon, 06 Oct 2025 13:45:31 GMT\r\netag: \"68e3c7fb-296b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-security-policy: default-src 'self' https://bidwa.bankid.com https://status.bankid.com; style-src 'self'; script-src 'self' https://alert.bankid.com https://bidwa.bankid.com ; media-src https://cdn.bankid.com; report-uri https://csp-reporting.bankid.com\r\nreferrer-policy: strict-origin\r\npermissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), geolocation=(), gyroscope=(), interest-cohort=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()\r\naccept-ranges: bytes\r\nrdwr_response: allowed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 620 x 515, 8-bit/color RGBA, non-interlaced","md5":"002592fab3f40c4a3e8b40f55e3d0e99","sha1":"86db102ade0a84c7e063e931774ef22b308f7baf","sha256":"c6c9e6cbaf054fe9c3080f8392ddde394a69b180390ae2402bf39aac79b9ebe0","sha512":"a4c9dcd0a14eb6b3698a73be19fe7adb28289f6b4d99b4b4c6ed290e578f1daf4e287838d4cef60eb8dcd8239f2aece816b652b7fec29d553f398e7e9d50b312","ssdeep":"192:TSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSR:TSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSx","tlshash":"1122d4d851fc8330ca78b6281b56d9f80f3ba5a99c97fc42e58f6814803446ffac911e","first_seen":"2025-10-08T06:29:20.846975Z","last_seen":"2025-11-05T10:26:10.310277Z","times_seen":88,"resource_available":false,"data":null}},"time_used":693,"timings":{"blocked":87,"dns":0,"connect":19,"send":0,"wait":487,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.verification-mitosis.org/","date":"2025-10-08T14:29:14.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdnjs.cloudflare.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 17 Sep 2025 19:09:23 GMT","end":"Tue, 16 Dec 2025 20:08:48 GMT"},"fingerprint":{"sha1":"E5:FA:6E:21:DA:AB:92:8F:E0:CB:31:C2:87:D4:E2:CE:9F:23:BF:C1","sha256":"E8:C7:D4:A8:29:E6:45:C0:C5:E3:AD:6A:90:36:30:4A:D7:2E:7C:F7:8F:57:44:E8:3B:2D:AF:F6:80:F7:4B:46"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.4.0/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.verification-mitosis.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdnjs.cloudflare.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 08 Oct 2025 14:29:14 GMT\r\ncontent-type: application/octet-stream; charset=utf-8\r\ncontent-length: 150124\r\ncf-ray: 98b6544eefd40b59-OSL\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\netag: \"6421d693-24a6c\"\r\nlast-modified: Mon, 27 Mar 2023 17:46:59 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 91341\r\nexpires: Mon, 28 Sep 2026 14:29:14 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=rdISJfLuEIVbddq6Yw15AnC0IWcQ6isfHrG8X1OLdFkgCNvwPZb9ETqJO6BmT44fDXi7cdtjVtXZ9HtRj7%2BUPxf5HEVs7QN8huudhVcMs1QJKaFEZDW92HMIAI9lEBalRlKMlrSp\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":150124,"size_decoded":0,"mime_type":"application/octet-stream; charset=utf-8","magic":"Web Open Font Format (Version 2), TrueType, length 150124, version 772.256","md5":"c64278386c2bbb5e293e11b94ca2f6d1","sha1":"6b99aa650bd12a36caa14e0127435d8f4cd3ba73","sha256":"7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880","sha512":"0ccdc1515510d902c0b4a48b863c48bad86e1f766b1f9c890a64e28d91ee7c6d488241c531fc094d15b29c211da71e092587a987e24ee8e67ef8ea99c284e821","ssdeep":"3072:7sCbk7w0ZXdkN6iMjif3Lr7x7wAtf+D7gDk1feXDLnurWHqrNIuv5n0:7sCbkFZXdC7MaLr9w2mIY1feXXurWyNW","tlshash":"28e3123cf2c6d486735f5aeadb79636894fd0a2e74ecc67d26b982112048f828174d1d","first_seen":"2023-04-09T20:30:06Z","last_seen":"2026-04-04T11:34:57.221063Z","times_seen":30380,"resource_available":false,"data":null}},"time_used":19,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":9,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.verification-mitosis.org/favicon.png","fqdn":"www.verification-mitosis.org","domain":"verification-mitosis.org","tld":"org"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.verification-mitosis.org/","date":"2025-10-08T14:29:14.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"verification-mitosis.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 12 Aug 2025 19:15:57 GMT","end":"Mon, 10 Nov 2025 20:12:04 GMT"},"fingerprint":{"sha1":"1F:4D:10:48:6E:A6:5C:9B:15:9B:D9:22:70:32:B9:DD:65:C1:B8:D7","sha256":"10:C6:4F:E6:65:35:30:42:86:CD:9F:CD:9C:14:11:A9:11:36:DE:51:04:3F:B5:FC:88:DC:4D:FA:F0:0C:3A:0A"}}},"request":{"raw":"GET /favicon.png HTTP/1.1\r\nHost: www.verification-mitosis.org\r\nUser-Agent: Mozilla/5.0 (Linux; Android 9; SM-G960F Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/74.0.3729.157 Mobile Safari/537.36\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.verification-mitosis.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Wed, 08 Oct 2025 14:29:14 GMT\r\ncontent-type: text/html; charset=utf-8\r\nx-powered-by: Express\r\ncontent-security-policy: default-src 'none'\r\nx-content-type-options: nosniff\r\nage: 4\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MnOi6MzjVC8OviyPlujb%2FVKT1AZ9Dj56soMjtukT%2BVNqgEXPvU2mIsvcF4agO1p94lb7JuzB3PCeM9qRUD1QSpB3ZCmIN5%2BP1mw69TA5gJR1Uw%2BAxDtANR1ohEU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: 98b6544fdf261a30-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"fa4b6e9aab03d8282b894133270a718b","sha1":"0ed6615357d58d701ba596979ba172bfd944d91c","sha256":"15787f7c6368f93fb349aec122182cd8779652207c84faddf77e83f39ef3f78d","sha512":"c8cde6b1fd833d2f64c0d11e23ce5323431b575a21ee3e74ec000f0ea1ac97938659b5c3022fb700dfadc9f60e7d95883f86fa3b19c8e80a421fa01a9ad813f5","ssdeep":"","tlshash":"2cc02b9e110022010b30c7443ec13254349b3bde2ef78500bbc3e027ece4a17d9c7288","first_seen":"2024-01-30T10:38:15Z","last_seen":"2026-03-28T12:07:00.284033Z","times_seen":159,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-08","alert":"Sinkholed","trigger":"www.verification-mitosis.org","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}