{"report_id":"7016da52-e4b4-49c5-8bb8-cae01b11407a","version":6,"status":"done","tags":[],"date":"2026-04-28T13:24:54Z","url":{"schema":"http","addr":"defituna-app.org","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"defituna-app.org/","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"title":"DEFITUNA | The Premier DeFi Solana Platform","dom":{"size":25730,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1979)","md5":"2d5c067bb9c1bf915cf3d3843d284b81","sha1":"bec499b4cfd9e2071e9448d59c7dd94a176e2d10","sha256":"f5f69f95f9b69cea53e8ccd4f5c96631f28e6bfbb5ea071db32de54f052618b8","sha512":"6ce9ecd909074eb548e7bc030932d269cc4da8a422cadea7d63b82328e62a3f05aa4da9311d797d195dac256bec2fa0af5fee6da50a5cf65fe5b9735d96e9658","ssdeep":"768:42gyLqr3MFEi7DS+6GEc6wh7Ti+6GUxpaV1:42j7DS+6GCwh7Ti+6GQw1","tlshash":"d0c2b43128880fbe155342ea657132c9a5bfcd75f716c0daf5bf421027d3ca1a633aa6","dom_hash":"domhash8d7a2da1487a9824859b0d8d1f11ac05","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"defituna-app.org","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-02T13:24:54Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"defituna-app.org","ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-02-05","domain_rank":0,"first_seen":"2026-04-28T13:24:55.96072Z","last_seen":"2026-04-28T13:24:55.96072Z","alert_count":24,"request_count":12,"received_data":2824751,"sent_data":7549,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.1.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/css/21bbcf2bbef83169.css","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/css/21bbcf2bbef83169.css HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: W/\"69e7a6ed-8a37\"\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35383,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (35335)","md5":"616a618d3b037056a63d4b2c0b5fe1aa","sha1":"5ceeb142c165c8f8b73565ad2bf2ac15b181b2f6","sha256":"3da6bf9c93b916b42f3bc4b42f5a570789b3fee1d59df5def5f31b1718225032","sha512":"8c57c057ef26af9629e920427cecbdd5e55ebc804c63c4126da84840e1c48c38a2b984299b203f198e78353e6ad46ff7dbcc1897670215505cfbb9330477205f","ssdeep":"192:Yc53C121OX4D4sX57eiCQw/n5KTlO9EMrjIByCmYxeb2xC8mHcpspapMpmpfpaFW:vCs45K0nbF4eXbppHXHZLpIkcvBtEi","tlshash":"e9f2a876a651b23cfc2bac1c439995ac4664d601ee0b2ef5b921682687c37f3067317f","first_seen":"2026-03-06T11:33:11.733473Z","last_seen":"2026-04-28T13:28:09.535479Z","times_seen":7,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/media/poster.ff25224b.jpg","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.517Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/media/poster.ff25224b.jpg HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 16:33:57 GMT\r\netag: W/\"69e7a6f5-126b\"\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4715,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7d2ad0568dfaedcabd6e6b74b36247c0","sha1":"0e4445e7d1d63b230e6f8bcac9f4b75157f54560","sha256":"23f88f237a4c480d8cb166ba9fba1922c201f4e6b1c38725873e417656ecba48","sha512":"f5c84740ea3468c491c29ee7db3dc07e6447b60ff7ed8ab23754bda2955fcf741b24a021c2cd115785129c5ecde07df78f32cbb99fc1eeb9a0e913a2aa74c268","ssdeep":"48:Rv/tst8rGyE8+FjA7cTy7+jwZ/5R59u6bzedsOoxM0SFH+ixYkATKqf5ipmYytZf:F7rI8+FjAIErWHoxV/K9+I/d3yYAA+2M","tlshash":"eea1de8e57334212a4d3abaae7ef6a5921e48003e84bcd3cbfde1178cf841105d42b8d","first_seen":"2025-07-01T22:26:06.862741Z","last_seen":"2026-04-28T13:28:09.527331Z","times_seen":69,"resource_available":true,"data":null}},"time_used":59,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/media/WiseSans-Heavy.4bf7de7a.woff2","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/media/WiseSans-Heavy.4bf7de7a.woff2 HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/static-assets/app/_next/static/css/84d094f7a1b77744.css\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 54124\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-d36c\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54124,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 54124, version 1.0","md5":"aa6dedf688ea383edbd9dc5958a346dc","sha1":"70e5a63fa9c4e2d97c6b1f11088617bc7aa6f0c0","sha256":"837adcb3f4c474f3181d08c28ed1c78bedea3e7fc71f76316bf42aebeb0b89ee","sha512":"ce6c155f7f5e5d49a1b0fb493293d3b80acb36b15a5f73ede19af3cd5056bf0dd62c48f033081f3cc56a5eb55fa949604897e2e2050e641f6239c5fb68ea5988","ssdeep":"1536:AuCP8VMkUSSWjicXwSVpjRHAem4b5CWEYMfO:AuRVESbDbp1c4tCvdfO","tlshash":"1e3302716fa0a20f3afaf2f42eb3883279516552c3cb1975b0517398116c1a2e7f4e1e","first_seen":"2023-12-03T02:45:50Z","last_seen":"2026-04-28T13:28:09.533068Z","times_seen":62,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/css/84d094f7a1b77744.css","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/css/84d094f7a1b77744.css HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: W/\"69e7a6ed-18da11\"\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1628689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (61673)","md5":"9d5cd7305163bbc7f05a9f9dd21f525d","sha1":"7f261cc4c9e83706ae70bd9e1babb2d3d7579c1f","sha256":"24f114565b2333024a93fa28dc85847dddaf03d9cfe5bcf33100733303edb3f6","sha512":"8b58bbc5a53be6dc090f40bffb02037cb00275b3dec5bdf082fa88157ac14e29d437fab54594eef793133411cf842f8607016cd8e6d1877401f6759585c26029","ssdeep":"6144:p61tHmbCV2YnQ0fGYpM0lUjJmtN6wwJCDDVhPKINa4TiV/oF45gINaVYNrE:utVM0iBINJoqUgINcYNE","tlshash":"e0250898f550b2796c27d12592e4e6ad5b14a042fb321ffbfe06a1018bc66d70373f29","first_seen":"2025-12-07T16:49:32.415777Z","last_seen":"2026-04-28T13:28:09.529467Z","times_seen":14,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/css/982aeaf6fda37547.css","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.512Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/css/982aeaf6fda37547.css HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: W/\"69e7a6ed-65ce\"\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26062,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (26014)","md5":"412f9cb637aa1cc286771c06b170fafc","sha1":"0bd60d952bb5c2fa48edd1e1704f78f4873f35bf","sha256":"d9f80458107d7e8ea87ae231aa99ed9a5bed95805b7fced602e55ef9c951901e","sha512":"a82b1377dfb579102660fad6684a985c9522f8403068cd64bbcee28bad5134ce76d9a5fb4a9404649ddbbc90ba744bb12c7b2133aefdab30d35dca66432b4422","ssdeep":"384:Ffsum+6HrGCJgYk7Lk4m0sR+cGyFUaDepeVfZiH:Ffsum+ptYk/kXLGyFUGfZiH","tlshash":"5ac284b5f2d0a37c6a27d23953dce2dc1135d542d8120ffdba16a1694bc3ee702b216a","first_seen":"2026-03-06T11:33:11.741208Z","last_seen":"2026-04-28T13:28:09.530528Z","times_seen":7,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/favicon-48x48.png","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.516Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /favicon-48x48.png HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 2938\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-b7a\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2938,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"470debc8da97d5850716aaeb3d1d48d5","sha1":"3ebba458fad56662172181d8009fcfbb6ae0f94e","sha256":"126698894962fa061d4a49061dec49ca80831f87cfa401174abae780ae8002fe","sha512":"7ce9591b6326ceeaaf8379f987dc1a0f36cb8ff1963348cc671745ef999ecf6d76f7d50bcd581477fe96b616ff9d466dc96490d31b61ade6e71d5165cb5efc39","ssdeep":"","tlshash":"da513ae0e528d173c8393329dd788521db239bccc73e8096a5f79fd2160aaef0087588","first_seen":"2026-04-28T13:24:59.966987Z","last_seen":"2026-04-28T13:28:09.524028Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/media/3d-globe-72a5cb0edcbe31cf385aa34558b1c435.webm","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/media/3d-globe-72a5cb0edcbe31cf385aa34558b1c435.webm HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: video/webm\r\ncontent-length: 977639\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-eeae7\"\r\ncontent-range: bytes 0-977638/977639\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":977639,"size_decoded":0,"mime_type":"video/webm","magic":"WebM","md5":"9a3f43eec883cd26491adfc71d16c250","sha1":"ff23bacbbc3a4bb51c454bde7d2e27a96d291253","sha256":"6a7794a53fa714cd47e36fc98693eabe1b303976cf9ec00a83dfbebb1106b53c","sha512":"e9e4580e0315be292b646bb5bfc659c9f1062dbb1a32fbb7d91efc1ef0bcb5b2b9805069e1aae17b9e3d0fdae16e24a64709702771d39a13433ba19bc56be3e6","ssdeep":"24576:AsXsmUMnduY1FcEpXHq++nRa2JHu8QG3M2SI:jXXzduYxXHq++IB8QGWI","tlshash":"d32533aafb6416d6c815623a3d3a38d9b9e63891009dd758b11bddf1f3d18212e01ff8","first_seen":"2023-08-18T01:01:41Z","last_seen":"2026-04-28T13:28:09.531391Z","times_seen":35,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":176,"receive":227,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/apple-icon.png","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /apple-icon.png HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: image/png\r\ncontent-length: 13624\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-3538\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13624,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"b28af0de1a29cfa92f76809a20feba9f","sha1":"9f1217fec1c7b90e4d733951c0a0337513f984d9","sha256":"f29c32bb43663e2b2e1c3b411a143b9822262bf6f147f5552a5b84b99dff557c","sha512":"2f2671d29d614e3cc229d33d83d3b05ee9cfa0c17eb8eab615154ac8c9d97d47a37425a969f1d5ceb6fa403f9ea9685411182d8718ed60459d6a3cc862e564c9","ssdeep":"384:k749Hv3zOzAQpVlRSWn059viagdOet6HXdn:k70Hb4p3RSgagdOLd","tlshash":"e152c0ca26a2dabcc706c65185c1cca023df976bb17e605f8299852d4f0994eb0ff807","first_seen":"2025-09-03T14:20:41.337764Z","last_seen":"2026-04-28T13:28:09.526113Z","times_seen":9,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":19,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/icon.ico","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /icon.ico HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 9662\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-25be\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9662,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel","md5":"3baa016a41449666772d0f5de661db9b","sha1":"a0fce97d791ff14c29595c94523b3915a01cf5ca","sha256":"4da9d95bef5fe410ab88cf19a79c2a27a5058e6330ed102ba717724755eecb87","sha512":"4f224e6efe64bc9cb66635384b7f6df2d0b5655d63a92fcb1a37f35596375686dcad24343e3aac4543c76357e95589b1db93c7f017f0b79c057ff80323d3c0ed","ssdeep":"48:9QxKF4tDHbPb245zu9nuZXDaX0xQMdsuwCaCmdbyf+OqCK2VrgSSejP+Z5cgt0UJ:9QxSkHGwa8ZR3aZM+3es5hHfvA4","tlshash":"b4122cc3964e193bfae116fe8b9e7355b24283d28a535fad57c0e2db401104eb057ee8","first_seen":"2025-09-03T14:20:41.339573Z","last_seen":"2026-04-28T13:28:09.532224Z","times_seen":8,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":20,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/media/poster.ff25224b.jpg","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.835Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/media/poster.ff25224b.jpg HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nlast-modified: Tue, 21 Apr 2026 16:33:57 GMT\r\netag: W/\"69e7a6f5-126b\"\r\nx-cache-status: HIT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4715,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"7d2ad0568dfaedcabd6e6b74b36247c0","sha1":"0e4445e7d1d63b230e6f8bcac9f4b75157f54560","sha256":"23f88f237a4c480d8cb166ba9fba1922c201f4e6b1c38725873e417656ecba48","sha512":"f5c84740ea3468c491c29ee7db3dc07e6447b60ff7ed8ab23754bda2955fcf741b24a021c2cd115785129c5ecde07df78f32cbb99fc1eeb9a0e913a2aa74c268","ssdeep":"48:Rv/tst8rGyE8+FjA7cTy7+jwZ/5R59u6bzedsOoxM0SFH+ixYkATKqf5ipmYytZf:F7rI8+FjAIErWHoxV/K9+I/d3yYAA+2M","tlshash":"eea1de8e57334212a4d3abaae7ef6a5921e48003e84bcd3cbfde1178cf841105d42b8d","first_seen":"2025-07-01T22:26:06.862741Z","last_seen":"2026-04-28T13:28:09.527331Z","times_seen":69,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/static-assets/app/_next/static/media/inter-latin-variable-wghtOnly-normal.40c45725.woff2","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://defituna-app.org/","date":"2026-04-28T13:24:33.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET /static-assets/app/_next/static/media/inter-latin-variable-wghtOnly-normal.40c45725.woff2 HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://defituna-app.org/static-assets/app/_next/static/css/84d094f7a1b77744.css\r\nCookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; _token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; _subid=1sjos4f.5d.4ufd3\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 37924\r\nlast-modified: Tue, 21 Apr 2026 16:33:49 GMT\r\netag: \"69e7a6ed-9424\"\r\nx-cache-status: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37924,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37924, version 1.0","md5":"e08be6d5d433944f7ad52902e4d24db5","sha1":"e2600c1d60d12d397b3ee44411a021231d71e974","sha256":"450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e","sha512":"9c8de3a1e131cffd6ac63691e6a514d35d978570b9ce63a6861e1ccdb34d3621bfedcd2337ba3854df0f636e5b3d8c490f126e81641cffd20eaa23a976e39f06","ssdeep":"768:tbpjfMGDIjzNlfatl8U5N8ZXJHTXSA3ZOeWBHcmcgGYop2Q71e+go:tbl9DIHjaL13sGQLmcgGxDp","tlshash":"ff03f1d0e429659aed75cef805cab066285f3c433ad49d626f0dec85227e2ae01098c9","first_seen":"2023-04-06T21:06:35Z","last_seen":"2026-04-28T13:28:09.528423Z","times_seen":2923,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"defituna-app.org/","fqdn":"defituna-app.org","domain":"defituna-app.org","tld":"org"},"ip":{"addr":"130.12.180.128","port":443,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-28T13:24:33.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P384-SHA384","protocol":"TLSv1.3","cert":{"subject":{"commonName":"defituna-app.org","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Tue, 21 Apr 2026 16:05:06 GMT","end":"Mon, 20 Jul 2026 16:05:05 GMT"},"fingerprint":{"sha1":"8A:81:FF:61:8F:A0:3D:FD:2E:9D:A4:B3:57:D5:FE:E1:3A:CF:87:4D","sha256":"88:C9:94:DF:4F:76:6C:E3:CC:5A:7F:72:A5:6B:CB:BD:64:97:E8:5C:87:92:9E:9E:44:F4:98:82:B5:D9:B2:B3"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: defituna-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Tue, 28 Apr 2026 13:24:33 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.1.33\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=33ddaa32f5bb05c45282d0089bfa4391; path=/\n_token=3dgb6cagej4a7.1777469073.8.28fb022c16da90e0323dc51afbd91c82; expires=Mon, 31-Aug-2026 13:24:33 GMT; Max-Age=10800000; path=/; domain=.defituna-app.org\n_subid=1sjos4f.5d.4ufd3; expires=Mon, 31-Aug-2026 13:24:33 GMT; Max-Age=10800000; path=/; domain=.defituna-app.org\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:8.1.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25808,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (1979)","md5":"56da7216e82fbb08cf3f955529023c6f","sha1":"cd715d3a710cf8a8594ac4e0762dc85b9c50608f","sha256":"646ccecc1d23122ade749edfc1efca30cd94826d5daffb35c471ecf850265493","sha512":"37432ddaf52b91fd1047a069b944eff49cf3108ee4507a500c8e0bcab2cf55deea72fa1513d034d7d48c4601e57b2cadfe0a1d99970dec5873ff58a3abf9e2cf","ssdeep":"768:44gyLqr3MFEi7DS+6GEcswh7Ti+6GU67a6l:44j7DS+6G0wh7Ti+6GDrl","tlshash":"4ac2a33128880fbe155342ea657132c9a5bfcd75f716c0daf5bf421027d3ca1a633aa6","first_seen":"2026-04-28T13:24:59.980615Z","last_seen":"2026-04-28T13:28:09.533879Z","times_seen":2,"resource_available":true,"data":null}},"time_used":352,"timings":{"blocked":50,"dns":0,"connect":19,"send":0,"wait":250,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-28","alert":"Sinkholed","trigger":"defituna-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}