DNS/CDN/frontend hash drift
Multipli's assessment for RD-F-105 — scored green on the v1.7.0 rubric. The evidence below is the curator's reasoning for this score.
Evidence summary
Applicable: multipli.fi is the official frontend domain. T-09 phase-2 signal, Tier-A (instant grade flip on unscheduled drift). The official domain multipli.fi appears stable per public DNS resolution. The impersonator mainnet-multipli.fi (documented April 2025, PCRisk) is a separate domain registered by threat actors; it is NOT a change to the official domain's DNS or hash and does not trigger RD-F-105. No CT log entries indicate an SSL certificate change on multipli.fi. No change-management allowlist breach was found. The impersonation finding is Cat-11 F161.
Sources
- URL: Multipli official homepage. multipli.fi homepage — accessible and stable as of 2026-05-17. Retrieved 2026-05-17.
- PCRisk — Multipli impersonation domain mainnet-multipli.fi. PCRisk documentation of mainnet-multipli.fi scam domain — distinct from official domain. Retrieved 2026-05-17.
Methodology
Detect whether the hash of the production frontend JS has changed versus the prior published hash, or whether the DNS configuration has changed.
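One way to implement the check described above, as an added example (not the rubric's or Multipli's own tooling). The snapshot layout, the allowlist format of (kind, key, new value) triples, and all sample values are assumptions constructed for illustration.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def snapshot(js_assets: dict, dns_records: dict) -> dict:
    """Reduce one observation to comparable values: per-asset SHA-256 and
    order-independent DNS record sets."""
    return {
        "js": {path: sha256_hex(body) for path, body in js_assets.items()},
        "dns": {rtype: sorted(vals) for rtype, vals in dns_records.items()},
    }

def detect_drift(baseline: dict, current: dict, allowlist: set) -> list:
    """One finding per added, removed or changed item. 'scheduled' is True only
    if the exact (kind, key, new value) triple was approved in advance."""
    findings = []
    for kind in ("js", "dns"):
        for key in sorted(set(baseline[kind]) | set(current[kind])):
            old, new = baseline[kind].get(key), current[kind].get(key)
            if old == new:
                continue
            new_id = ",".join(new) if isinstance(new, list) else new
            findings.append({"kind": kind, "key": key, "old": old, "new": new,
                             "scheduled": (kind, key, new_id) in allowlist})
    return findings

def unscheduled(findings: list) -> list:
    """Findings that no allowlist entry covers (the Tier-A trigger)."""
    return [f for f in findings if not f["scheduled"]]

# Constructed sample data: placeholder asset bodies, RFC 5737 addresses.
NS = ["ns1.example.net", "ns2.example.net"]
RELEASE = b"console.log('v2');"
BASELINE = snapshot({"/app.js": b"console.log('v1');"}, {"A": ["192.0.2.10"], "NS": NS})
# Assumed allowlist format: the approved release hash, recorded before deploy.
ALLOWLIST = {("js", "/app.js", sha256_hex(RELEASE))}
OBS_RELEASE = snapshot({"/app.js": RELEASE}, {"A": ["192.0.2.10"], "NS": NS[::-1]})
OBS_REPOINT = snapshot({"/app.js": RELEASE}, {"A": ["198.51.100.7"], "NS": NS})

if __name__ == "__main__":
    for name, obs in (("release", OBS_RELEASE), ("repoint", OBS_REPOINT)):
        bad = unscheduled(detect_drift(BASELINE, obs, ALLOWLIST))
        print(name, "unscheduled drift:", [(f["kind"], f["key"]) for f in bad])
```

The approved release produces a finding that is marked scheduled, while the repointed A record and any script that appears or disappears without an allowlist entry are reported as unscheduled drift.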