{"report_id":"eba343af-4ca0-40e8-a178-3a6dc0d142e8","version":6,"status":"done","tags":[],"date":"2026-03-09T06:50:23Z","url":{"schema":"https","addr":"refundsolana.fun/","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":0,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"final":{"url":{"schema":"https","addr":"refundsolana.fun/","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"title":"Get Your SOL Back Instantly | Recover Rent from Solana Token Accounts","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"refundsolana.fun/","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":0,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-13T06:50:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"refundyoursol.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"refundsolana.fun","ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":5,"received_data":218535,"sent_data":2277,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"refundyoursol.com","ip":{"addr":"172.66.43.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-01-13","domain_rank":1581560,"first_seen":"2025-03-09T19:34:42.882492Z","last_seen":"2026-02-22T15:53:44.829049Z","alert_count":1,"request_count":1,"received_data":27756,"sent_data":446,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"refundsolana.fun/","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"65286a33e137a8cfc97edf24d96412d4","sha1":"e58a5d99a456664bdab095dda5a27f263a03c28f","sha256":"e852558298aaea2d408555e7f67ab6bba2894923d639e477ae6fa2d8029954fc","sha512":"e0d78bfd57f9691f219a3c16f53423a6cf862eed78ada11d523ae833c16e5cd207ffabbe744fc64829b3b1e06001d2c287954b42f646771ce4f287ce60c1fea7","ssdeep":"","tlshash":"69c0c040ea6ccf761dad00d7203857c0711078ad08e2a0c9c3becfe6549dd450b4c634","size":187,"data":"","first_seen":"2026-03-09T06:50:27.464229Z","last_seen":"2026-03-09T06:52:01.106641Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"refundsolana.fun/favicon.ico","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://refundsolana.fun/","date":"2026-03-09T06:50:05.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundsolana.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 12:10:01 GMT","end":"Sat, 06 Jun 2026 12:10:00 GMT"},"fingerprint":{"sha1":"21:1C:AC:66:AE:42:2F:28:25:4F:C8:49:6E:00:70:E6:66:B2:08:F3","sha256":"68:18:5E:7B:56:DD:39:54:26:9A:2D:32:49:AC:F2:49:25:B0:77:95:28:3A:80:11:0B:24:57:4B:07:C2:34:98"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: refundsolana.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://refundsolana.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 09 Mar 2026 06:50:06 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 8749\r\nLast-Modified: Sun, 08 Mar 2026 13:14:58 GMT\r\nConnection: keep-alive\r\nETag: \"69ad7652-222d\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8749,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 2 icons, 32x32 with PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, 48x48 with \n- PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"80219e408d1d2e9553dae9291b2f3568","sha1":"fc8c547b36496ce5080e2c86dc041d9982c3fdf8","sha256":"223c41781bc0c1d94fb9a3ba143e137bfa3aa96640f566d72eadadaa94aa5295","sha512":"e8b9d407590538b7a90f5fc721392a0998608f2490957814632563e7952c1dd5a9d99c169845e6bcc50f52e952d20de2d7c9aae02e10c5eca1be4560cd4200ec","ssdeep":"192:RYkpHDTb1v9b2kxi3sHl1xPEHjpKOWkYl8FD9/:SkpjTRv9bpYsHl1x8HN+iFDN","tlshash":"3602b0d745d19ecfd81a5817063087bf0eb1016fc8474494c55b6196cfe950d7f405b1","first_seen":"2026-03-09T06:50:27.448294Z","last_seen":"2026-04-30T20:19:13.682106Z","times_seen":8,"resource_available":false,"data":null}},"time_used":1155,"timings":{"blocked":168,"dns":0,"connect":0,"send":0,"wait":823,"receive":1,"ssl":163},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"refundyoursol.com/assets/logo192.png","fqdn":"refundyoursol.com","domain":"refundyoursol.com","tld":"com"},"ip":{"addr":"172.66.43.39","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://refundsolana.fun/","date":"2026-03-09T06:50:05.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundyoursol.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 18:13:38 GMT","end":"Mon, 11 May 2026 19:13:35 GMT"},"fingerprint":{"sha1":"4F:D6:B7:04:E4:A9:EE:2A:D5:B7:EE:E9:12:CE:FC:BD:F5:38:53:E5","sha256":"93:19:AD:3C:21:5E:75:8F:2F:E8:B4:B1:62:6D:0E:AA:E1:11:EC:1C:73:2F:64:D4:58:19:A0:B5:11:27:1B:36"}}},"request":{"raw":"GET /assets/logo192.png HTTP/1.1\r\nHost: refundyoursol.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://refundsolana.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 09 Mar 2026 06:50:05 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26864\r\nserver: cloudflare\r\nlast-modified: Sat, 21 Feb 2026 02:38:49 GMT\r\netag: \"69991ab9-a333\"\r\nexpires: Sun, 21 Feb 2027 05:04:21 GMT\r\ncache-control: public, max-age=31536000, immutable\r\naccept-ranges: bytes\r\ncf-bgj: imgq:100,h2pri\r\npriority: u=4;i=?0,cf-chb=(74;u=5;i=?0)\r\nspeculation-rules: \"/cdn-cgi/speculation\"\r\ncf-polished: ok, orig_size=41779\r\nvary: accept, accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 1388743\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NjHiVz2m3C6J3gKvwh20p7VTtwD%2FJjbm74DrAJT2kQAMoYCGmIdfTdru5atEV8mkS5oQZfUev9TN0o6N3U%2FJFATVKpWi1KhhxJqQQjfUSnY%3D\"}]}\r\ncf-ray: 9d9824b6e853c272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26864,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2305280bc801a1b7cbf5c23eaebe4735","sha1":"f882cb0dee25168f39d7f3325be3b49b37204af9","sha256":"87f583b718a5beae80960761a695610d5af42d70be910155fbd4621afff041ec","sha512":"b5fc3c50231f37a2a124b3db1d32f0327b917c492ca65dd19ee34aff721b88233da45be05d775f10dfac791f6c0f207d4472dae0ded338158d4fdd7d593f340e","ssdeep":"768:+M6Q4pb8JNf7xAv4xVqbL/JAqfXhCTiEIKiUQZs5G:+M6HBvQqbL/h/hCTAK6sU","tlshash":"8bc2f159f1808b5b122a02f11d3671b6f1e0d47e093da2887f69e0183d53f43af0867e","first_seen":"2026-01-24T14:02:42.021853Z","last_seen":"2026-04-19T20:10:49.679603Z","times_seen":13,"resource_available":false,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":64,"connect":1,"send":0,"wait":16,"receive":3,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-09","alert":"Sinkholed","trigger":"refundyoursol.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"refundsolana.fun/","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-09T06:50:01.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundsolana.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 12:10:01 GMT","end":"Sat, 06 Jun 2026 12:10:00 GMT"},"fingerprint":{"sha1":"21:1C:AC:66:AE:42:2F:28:25:4F:C8:49:6E:00:70:E6:66:B2:08:F3","sha256":"68:18:5E:7B:56:DD:39:54:26:9A:2D:32:49:AC:F2:49:25:B0:77:95:28:3A:80:11:0B:24:57:4B:07:C2:34:98"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: refundsolana.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 09 Mar 2026 06:50:02 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 11748\r\nConnection: keep-alive\r\nLast-Modified: Sun, 08 Mar 2026 14:04:40 GMT\r\nETag: \"e93c-64c83c47053d9-gzip\"\r\nAccept-Ranges: bytes\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59708,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (53885)","md5":"b592e6fdd9d8fa9a232d9d2f5f8dc245","sha1":"1b2262909f4849e7558ec6a6110b5468ae4046dd","sha256":"e21845f6e69cfe784ed38abb3fa5fe2fca2f8c2cf9e1e02a9b5f2f2810ce5a46","sha512":"03bad85df06b0f3d38ff5045805f64d8a9e72866d2c029fbc25a95fc42e84bbe1164139e77b88186e166d2ae64a5d48d4f69f0b2bca8a00416ef9a37afa610d8","ssdeep":"1536:pmzkogYwIcnQTQN+QE7V6yKIO5KXKP6d7uk0tbxWFW54B1J:4LwRQTQkQAB1J","tlshash":"d643a67193c11a7f21638bf1f562bb3cf1ead189ee17885de7ac42a1538ad56e813340","first_seen":"2026-03-09T06:50:27.454695Z","last_seen":"2026-03-09T06:52:01.098495Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1616,"timings":{"blocked":689,"dns":47,"connect":386,"send":0,"wait":231,"receive":1,"ssl":258},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"refundsolana.fun/main.82386c36.css","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://refundsolana.fun/","date":"2026-03-09T06:50:03.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundsolana.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 12:10:01 GMT","end":"Sat, 06 Jun 2026 12:10:00 GMT"},"fingerprint":{"sha1":"21:1C:AC:66:AE:42:2F:28:25:4F:C8:49:6E:00:70:E6:66:B2:08:F3","sha256":"68:18:5E:7B:56:DD:39:54:26:9A:2D:32:49:AC:F2:49:25:B0:77:95:28:3A:80:11:0B:24:57:4B:07:C2:34:98"}}},"request":{"raw":"GET /main.82386c36.css HTTP/1.1\r\nHost: refundsolana.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://refundsolana.fun/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 09 Mar 2026 06:50:03 GMT\r\nContent-Type: text/css\r\nLast-Modified: Sun, 08 Mar 2026 13:15:01 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69ad7655-1d955\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":121173,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (63263)","md5":"317e130d6258b1a4c38f7549c59a64c0","sha1":"27a3e40da21dac45cbc2171d8fab2727cc584601","sha256":"055610d87c026e58de3513dc7e35ddabbc22c9070910ececad543c802b307bcb","sha512":"b21f1275b336c70b5565bac51e3d6c75ae7921bdd36b584e812ae6d036507e9973c971a09beffd417560d0f72ba3336b94a1e4faad6212f92a8a9e437d968a33","ssdeep":"3072:GF8luexTIhRRwtGNs9yQ7UduDsHAbr80nkzWteuJ6LJHsxIQ1:GF8luexTIhRRwtGNs9f7UduDsHAbr80H","tlshash":"83c345ba5ae0207bbc13f1e5d298757df91af2d8de3a1299e881510877f23f61c5ad00","first_seen":"2026-03-09T06:50:27.457525Z","last_seen":"2026-03-26T14:50:37.797343Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1736,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1734,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"refundsolana.fun/logo-hero.png","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://refundsolana.fun/","date":"2026-03-09T06:50:03.072Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundsolana.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 12:10:01 GMT","end":"Sat, 06 Jun 2026 12:10:00 GMT"},"fingerprint":{"sha1":"21:1C:AC:66:AE:42:2F:28:25:4F:C8:49:6E:00:70:E6:66:B2:08:F3","sha256":"68:18:5E:7B:56:DD:39:54:26:9A:2D:32:49:AC:F2:49:25:B0:77:95:28:3A:80:11:0B:24:57:4B:07:C2:34:98"}}},"request":{"raw":"GET /logo-hero.png HTTP/1.1\r\nHost: refundsolana.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://refundsolana.fun/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 09 Mar 2026 06:50:04 GMT\r\nContent-Type: image/png\r\nLast-Modified: Sun, 08 Mar 2026 13:14:58 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69ad7652-14c7\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5319,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 128, 8-bit colormap, non-interlaced","md5":"daccb7981d7b4643610aefaadaa5d51f","sha1":"1bd91fa53875438dd7dcf8d7d962f678c63dd466","sha256":"a652a6baa66b36b8e02db877d268e8b31c7a6ca77d7e646b7a2bae118843a622","sha512":"9f2424d2b16aeb21f19bfc75240943806c6fa147ec6d0af2f930a2d67b9a08b41bad85d1d8a19960420546908c2027a1865a43e6b5e0657819f95ff203edfecf","ssdeep":"96:wvGBOWPbB0d+8HeJ/k4D81tQIf347RxSmJ7gDZ3MPK1EorlXGFfr3X3:wvGBlXkO81tdfo7jSjCHor2fz3","tlshash":"57b1afee05138e90ed1a41978d8501f9794b0f507fcdb69996adfc7380f4588c821759","first_seen":"2026-01-24T14:02:42.017875Z","last_seen":"2026-03-26T14:50:37.79824Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2345,"timings":{"blocked":1733,"dns":0,"connect":0,"send":0,"wait":611,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"refundsolana.fun/spacegrotesk.woff2","fqdn":"refundsolana.fun","domain":"refundsolana.fun","tld":"fun"},"ip":{"addr":"45.148.103.220","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://refundsolana.fun/","date":"2026-03-09T06:50:04.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"refundsolana.fun","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 12:10:01 GMT","end":"Sat, 06 Jun 2026 12:10:00 GMT"},"fingerprint":{"sha1":"21:1C:AC:66:AE:42:2F:28:25:4F:C8:49:6E:00:70:E6:66:B2:08:F3","sha256":"68:18:5E:7B:56:DD:39:54:26:9A:2D:32:49:AC:F2:49:25:B0:77:95:28:3A:80:11:0B:24:57:4B:07:C2:34:98"}}},"request":{"raw":"GET /spacegrotesk.woff2 HTTP/1.1\r\nHost: refundsolana.fun\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://refundsolana.fun/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Mon, 09 Mar 2026 06:50:05 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 22288\r\nLast-Modified: Sun, 08 Mar 2026 13:14:59 GMT\r\nConnection: keep-alive\r\nETag: \"69ad7653-5710\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22288,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 22288, version 1.0","md5":"87c506d88b9f587f0e2292bc271f5083","sha1":"c0781ea2f29013826dc1eb8db40f4d400d9df710","sha256":"0640890476fc1198ab4de571fb658de443c4d85b66466ec09534a8737ab1ce9d","sha512":"25171eb14ce4c75ccfdb6f1c2a7de82182fd8d3d79cfa108df2d0e015e4ac84678ad97fdf90cff2ac2f24934531fcca3289343129687f176f21964ce5cd01b02","ssdeep":"384:TB/NWnO5qgQvU7gd7EeEX5qPOJO4FqaCEuAsCyzvDfxPdjuHsrC:TBlo1vUsvZqO4MAsCKrxxuMrC","tlshash":"8aa2e15b3f6bde211a27aebf4fc957b0a3ac6c1db2dd2712c198b104408962cc5d5ce6","first_seen":"2025-09-05T05:08:09.568652Z","last_seen":"2026-06-13T16:57:00.766288Z","times_seen":19443,"resource_available":false,"data":null}},"time_used":1079,"timings":{"blocked":306,"dns":1,"connect":124,"send":0,"wait":405,"receive":61,"ssl":179},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}