{"report_id":"01bdbe4b-7bb7-4564-b7d0-dbc82b8aa814","version":6,"status":"done","tags":[],"date":"2026-04-15T05:14:38Z","url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"172.67.165.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"title":"BENQI","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"172.67.165.191","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-20T05:14:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"benqi-fiupdates.live","ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-04-15T05:14:39.105109Z","last_seen":"2026-04-15T05:14:39.105109Z","alert_count":32,"request_count":32,"received_data":3829881,"sent_data":14488,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"benqi-fiupdates.live/mustache-4.2.0.js","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"62417c60d482a6321a6d121d5e84c7b7","sha1":"4a00fd8a814b9d62771379341d447a231bb0b515","sha256":"16de697d916d108c72d270b9f26767fb9d2dad35363dea2998f8df0793868fdd","sha512":"5d4764ce179186b1a38c961e1f8cc360eccbe2cb28c49fa07ae3d864f0ac55e5f0c0ee871aac488b8262c8ed3f04458083b8f161e28e025d05724ab8a7046b34","ssdeep":"768:pTsGYc4NY0XrrCkmzjHIDjyb8Yni9dc/+C7rW9k1i5c6Wc8OKn5lc157H:IYyCQvojPCd","tlshash":"dc63a5d56946d4e18e1260cdd433f909e4648913cd7cf1a3aa3cdee1b86df26848b27b","size":70846,"data":"","first_seen":"2026-03-27T13:16:11.521955Z","last_seen":"2026-04-15T05:17:13.792329Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d0d6ee4a07afbdd0eb60f2d160ca3d03","sha1":"ff91285d0251f194843116ec84b58a49eca31f60","sha256":"1517fa0de19fc64d116c4ab519a78194d0f6f3ed89e32c55c555c4b9fc6c5bcb","sha512":"f9c48ffffe60104f401bb4288bc5d38c4e0314021b9882c3a55e1db37661bf1ecf0d829cd96c40e4b9f9d023e2bba24857071e04e304636eb1749e9e9268b0d6","ssdeep":"","tlshash":"831104f9f3586b7104eb733624aee6a43db61066f4054c108b2fc8940d7cc415931cf8","size":905,"data":"","first_seen":"2026-04-15T05:14:45.0088Z","last_seen":"2026-04-15T05:17:13.803973Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5e766b1254d7f4c0739499653130064b","sha1":"0e0fef2183c5ca3d80f59c8306dbf17bd6b68700","sha256":"e291641155974a6abb8dc3fd61e963cae874ab3fc310445334bf9a114d5961e4","sha512":"e7f8e0fe54e284cf84c90adf69232661898ecf0ca84be5eca2f41154c1c72ffc971fee01e46fd03cd04e09b8aae83e965ccef7baf55a0e7e161f46d3a22e2fa1","ssdeep":"","tlshash":"6c2183893313383bd287534ad684430c3239846f6c0b42943f3ca85c4e7185b07be769","size":1334,"data":"","first_seen":"2026-04-15T05:14:45.010731Z","last_seen":"2026-04-15T05:17:13.805231Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"303b9f4295ec8d11d31c0a4a7df56feb","sha1":"95696741be025e40ba7d6e475e9489aa07b20eb4","sha256":"9b411cbe85361f233327d705ffbf228e5d79094cb3d60239dfe016115a082f90","sha512":"a05c851f28f0b99b9fca7719dc3e7500d64d6a2e9a47e2673ceda64612ddcc42c221ed48b214dd5ad8beb1dc9616a6b763018dcb5ec29069519af036a0d6086a","ssdeep":"","tlshash":"6e41b731721c187b56e717f7265dd2dd3f2e301fa952c00a191888a81ad8f0ac29aff8","size":2194,"data":"","first_seen":"2026-04-15T05:14:45.012705Z","last_seen":"2026-04-15T05:17:13.80768Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-04-23T02:44:36.463064Z","times_seen":3069,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"benqi-fiupdates.live/ignite.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /ignite.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1560\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ePhPINdOhwELaaWr8DbDT34%2BF%2BbspkyUmavYHal%2BgTegvpue%2BEcoABs%2F5DuwHBC696fZw8dBNWB4PwsW8EYat3NUEN3371Rkv4DUr5BD5Jhk9aqj7baJL3ppp2VYyKM3el1LY81Kvw%3D%3D\"}]}\r\ncf-ray: 9ec876d7c87456aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5472,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8b261803ae862b5d48e65090ec9f0e38","sha1":"b99fbd9fcbc636699f9507f43b171be521cce4a9","sha256":"a8e352e8068674a6673bc1c20411abafb9a6b39f903c8aa360d89c5a5d521141","sha512":"888834e2ef9b56587601edddfcec5cfb93de4ae5aa6fa3ea2ab35d07ecc4a5751216d2be365e74540c825db7837a52803dc37a0071c222ce8d722c472562e7b5","ssdeep":"96:FVdpuLs4/QYgRirc7CYENcg/D4WpXhVEpZpyQfcErz:Fw1QTErpYENB7bVEty8","tlshash":"0db1a5efb2749cead881c2edda914458124f50b65481c260c9adff1e78b68c8dc1f6c2","first_seen":"2026-04-15T05:14:44.930563Z","last_seen":"2026-04-15T05:17:13.760205Z","times_seen":2,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/anchorage.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /anchorage.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-44e0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B0%2FhvZH1ehNux0IXK5usNZsgsvRfAT5EqM7w1r%2BC41yLUJqOIp29irNaNVdXe5VqfVcmbXP0b77qtn3PiVy11%2F8rAwXogjExQd7MvoCE%2FCqui3%2B7Fbx41nDwdO%2FyrXXG5z1gb%2FI3jg%3D%3D\"}]}\r\ncf-ray: 9ec876d7f87d56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17632,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6ef053ad44aa2c8598897c22b07154f9","sha1":"d777e1af0fd4af8c9a0e77aeca1cc0e7d0342b35","sha256":"9ffe4445c7ae510f1eac925bb2ba7f00ad7c336cd6df951bc8c9404b48ad4e63","sha512":"b26bf8afcef6df9337c532cbbc27069ccab6a188d3454fa4981b6acc5a860f7654c7a633a9e60dd61f1af70ba1290e0a412b9970611c6b86662271795aff90d3","ssdeep":"384:UaMJnjF7npuklPDQ64lDZ53dE0/LcJkpSeQXP6n:UaMrnb2NE0AJkpSFk","tlshash":"ae82e7de3b55a3e0e007f3f9ed120469ba1f28feaec1c374c79a5e49a58205d8945cc2","first_seen":"2026-01-28T05:20:06.619975Z","last_seen":"2026-04-15T05:17:13.765823Z","times_seen":3,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":232,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/tvl-coins.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.352Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /tvl-coins.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1b3c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=m6zHzppmcxh3RSfCxlJXPdITAOO4DfN0dJQFUvrVFmSjFQnQaDHvS%2F5ZKJ%2Bj9IApgnC85UgPMIlHbrtavGw3XqMU%2BM%2B53EWGxPzVvcY1QS%2Br4rc%2FuwmV1%2Fz9u3aMNyKSNuXgM4Tk%2Fg%3D%3D\"}]}\r\ncf-ray: 9ec876d8088656aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6972,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"eaa7cc083b50111ab6fe7649e25ba348","sha1":"aa48eb2b4be367aa881de8429c064c12bea98871","sha256":"a7335b5d7d2af6c70f251ed78c5dd3a1a20f19b417ca6449bd7dba2f770f75a8","sha512":"db1499f4a1dca886d5b65321db6eceef3695922ba696f90772588c3948caf3af6e580b008704ad5806d7cdc84bbb57d32e4afff547acfef6ea8991491e5d0f8e","ssdeep":"96:51k4eELPcyS8K3L/zJrMtzawRuDJj00NZdUFdIV72vWZ1ipcvcyLw4dExIMojFL0:HTql7rJwYDJjMJeLLLxdEGMo92fv","tlshash":"3fe197a6d3bc1739dd8a87288230449171da69af7051d2dcf3bf8f06a619df108a4d78","first_seen":"2026-04-15T05:14:44.938072Z","last_seen":"2026-04-15T05:17:13.782979Z","times_seen":2,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/savax.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.354Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /savax.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-2253\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1K1L%2FeVmBkZKnhbrvYvwi%2Fh7RW7q2ssaikzQJPsv6knXu0StabYc%2FYX%2FOPsb8rhhDs2jzN%2FD3edch1fOnoeTS41nBi78cKqq931mgIb4VYzHBAlpKr2nsNRY4k%2BwhZgkOFpiLxrKag%3D%3D\"}]}\r\ncf-ray: 9ec876d8088756aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8787,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a8b512ced33cea3a387c1bcc06ac5960","sha1":"7941e1bed5701f70bdf70353bd096a8ffc83be4e","sha256":"24b8be96008df08db8d654c8929df564896fa4dd7493ef8ba597e74e8e45f24a","sha512":"3d3a0b3ba2768a3cc3319733e266d5fa0e6ef432a068cd39ac29eb9977aa278dd630cb97619313390c673cb23439410e1795e3f500a7047b66096f68022c486d","ssdeep":"192:h5wBxp9UFG9D3Y4BbYJOJ1dvPKen+zefRhIUuBomtbaB:h5c8G9osbISd3KbD7bW","tlshash":"130273ec76b25ccfc9dc42d77f8065f931068277a5298d0cc85c4f6e25648ace8366ca","first_seen":"2026-04-15T05:14:44.939045Z","last_seen":"2026-04-15T05:17:13.780891Z","times_seen":2,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/logo-white.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /logo-white.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:01 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-5a8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jtEEY83xX9ATy34krKm2qLoMXAEO3J3g%2FLvIKmGY33vHQ1T%2BzmWJo7IbnPDocwyhKvYacarhkSyOwD7rSMA2xzM866GxDeEsJwNguIMOsRhaYYZaXrvYN7YguKBVcUQE5c79EFE0lw%3D%3D\"}]}\r\ncf-ray: 9ec876d7c87156aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1448,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a233cf361d6b4b340580748b152e104d","sha1":"85e77b9c0a85dc2b385e869c8aea2b51a11d37cb","sha256":"7324696e5d0aa479ffd6b1a03acf4b0cfe9b36f968e3d18c6e57c1eff54b4299","sha512":"ade70facdc1f361ebae5311047157179f37f7c606c88aa772133e380360994abd6319e49642035d9a3b525eecaaef1f1d7c30be5c8a87d51b6c381937a13c1bb","ssdeep":"","tlshash":"ef3196b02b54973a4dc0433c87ce5999645e568ff4b015ecbbaa5583e4241df06fc24b","first_seen":"2025-06-21T18:52:51.028965Z","last_seen":"2026-04-15T05:17:13.758437Z","times_seen":6,"resource_available":false,"data":null}},"time_used":1338,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1338,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/lending.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /lending.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1bc7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mBpRdChn3MlNLJTP8wwiMNmBNMT7M9gG0X4odh9LwMCsB7iJLfB7yrFlvkQmAhQg%2FMj5mcoCblwjjelVlG%2F0hJpASu0KYe6Aj7NsQnBnuDfhAcx1Ll6vbkwg3pym35QahRAcOibVjQ%3D%3D\"}]}\r\ncf-ray: 9ec876d7c87356aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7111,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1f0229232521f1ea121732ba02cc69fe","sha1":"32633708fec08d62e7803ccd391d39e48ad5ae86","sha256":"1c48207c5ebbe30cd8e54df6a4afe9f76e1dd6f65240f59f9e7905aa696c435b","sha512":"5d1357f50857abfe76fd100293edb5ee7e6931e6ccb4a6f8d9fe6384eebc341df52d688dc81e5ce2605471f28ef73ccc4943f1c834a33b6e97f75ecd1b95c5ae","ssdeep":"96:lPjLrnC0iAzPMoQ8PWHTnRcEqFor1Ou/v4JQXj+hLuc2AZE0BfzNOEnc6CN:FCYzP3Q8WVqFEOhqXCAc2h0BLN4","tlshash":"b7e183ee73658cb6d986c2dcef515058225bc0f6a4c08b74c66cae2e38214d6ec1fdd2","first_seen":"2026-04-15T05:14:44.944123Z","last_seen":"2026-04-15T05:17:13.788015Z","times_seen":2,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/immunefi.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /immunefi.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-e5a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Am9ofBHFntN41bXOR8kIDkUAaDheGo26Y68mh1O19RKwyaIGRg%2BZPv%2Fi3yQh7%2FSsqQA13E5Y3jWoP8gkZNfdPf4SkuriYABETIfJ9Up8AvWM0QbCnYleTocoHo3TUluikSl3ZSdLbw%3D%3D\"}]}\r\ncf-ray: 9ec876d7e87a56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3674,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c2f3814be67b949bb29fde4fdc712f9b","sha1":"47ed98e0d84a0668de6d46d1fc55051be81972c0","sha256":"2398a6b2c5553c0817994a6e7ab19ab7619a830e0e66ae56fb7c7bc8c64204f3","sha512":"dda6185faf4033f661b789ac27f2bfb176aa2b57330c5a65a2379dc602aa6eb970a2e8dc5105579a04c9b54fdadc58793c57bc0f0cb70fe4eda7020bc7611680","ssdeep":"","tlshash":"9571a475d779207af1024ff4cdb3106a317e20ff2124c149a104bb6a92b9dde2ed8ab4","first_seen":"2025-06-21T18:52:51.030676Z","last_seen":"2026-04-15T05:17:13.79633Z","times_seen":6,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/zellic.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.337Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /zellic.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-130a\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=auOp1q3w2ujIEvJRD5xPy4GHWuPt%2BBO4r%2FYbmK6xfb2n3np1UWzuyze9Ez23IdYHYcvkWQoFdnh4XBny40DMPHWgWzxgtSMp9t6X8qR4W7RIRZwt%2F%2B%2BhV7vTsQUGe0Wcnd3KN%2FcGIQ%3D%3D\"}]}\r\ncf-ray: 9ec876d7f87c56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4874,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4af5ed8fddbf1efbbc72a6a7f3735174","sha1":"984de3a9fd1003034641f9bc1e7732f779b1c794","sha256":"8ce8945125165a9b8d9d0dad0f9a898928ca187883fa741458f625b82b9fd0fe","sha512":"df550207c6916834d3a9f4dec08aebe8f88ed927dac48e3aa74a7fa07b8ae4c2ebac100e501885035944c4da6d5b3d98a91d6d3594438c6cb47a30974bc14898","ssdeep":"96:o+q4n88L71wuG2vkNDHUhzsv2bHahtYyYH2WsXmvoCW7bZySO2ms+:ofSwGkpKzM2bH+YyYH2p2voJ7IV2G","tlshash":"9ca1a7de534c96b8d5cab3fc9a0a5439be22b8f5fd85d56487443e1a78a00dd4c68cc3","first_seen":"2026-04-15T05:14:44.947727Z","last_seen":"2026-04-15T05:17:13.755022Z","times_seen":2,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":206,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/chaoslabs.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.344Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /chaoslabs.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1956\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CFd0P4GInaiyT9U5z9iuUoVjC8LLEUuf6wjc5cnyStOD0ZJNiIapRrBZixrQaV6FlAYav6EnZ5A7pnW3KG8WNaL1pwFHeNkNhWrbqRdxluF8UlaGsmviKMsHz%2B%2FeYhZL25ulwzMxlQ%3D%3D\"}]}\r\ncf-ray: 9ec876d7f87f56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6486,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a801d35809a42a8449fab5e67d13cc25","sha1":"353efad60db038e98f5a7e4035abfb25f17a61d7","sha256":"351bdbddf14123189557963f9fc4c536f833fd73eb6e401a0f50f9398e6dbb51","sha512":"fa527452d21919b41ac350116c3b08595669201cf749a83568471b54399fbcf1e7fda2e45c0143908e2a43a7a822013ca2abefeb8a800df5cb7f776094623144","ssdeep":"192:f9JmM1sdlH+XKGY9IANTeGSDtMCG5urTwSDbMUG5PrzLm:fx1s7CKGCIiTWD2wDAY","tlshash":"42d1fe56032c93b87ad74c199d30a0d33b9998dbe3a9f1eceb638612d9476f14038d38","first_seen":"2026-04-15T05:14:44.949079Z","last_seen":"2026-04-15T05:17:13.767614Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/nodevoting.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /nodevoting.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-2228\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CV853cfYRRsNeOnkmasCCLm8wrRkQMKvykLouFpJPglKYD3pSuyms99LEYlUm8ey%2Beynp3%2BDK1BbSIugHdv1TTG2l%2F8l6Rs7MzEMZ5MuHmjuiQRq2I27V%2BbEYmIau5lsl02WNJ62iw%3D%3D\"}]}\r\ncf-ray: 9ec876d8188a56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":8744,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8669f9b09fc8010a7f07a60058fb3667","sha1":"fbaf57d7ed71c3f927a3d0d963cd0cb00b583bbf","sha256":"6719063bf0fbfe27950715c25a50334f27c54d74280249f4002f1644759417ab","sha512":"383fccdc86b7c47d7bd093f0ae0841a14d67cc5bcc137c21d1a48b3852d9cc60fec6e6a6b6272ae8172757113d8ef35c08f71be541229022b7ec8bd7ca2fe8e3","ssdeep":"192:h51Q3rG10puwHrB/jTQKHNOmXF1BQnH9gm+FS:h56I0pnlTPQmVQUFS","tlshash":"050284fd6fe01cd9dec983c3ff8158a9351e803ba5558f18c45c9f0e214689ce8a6ad6","first_seen":"2026-04-15T05:14:44.950324Z","last_seen":"2026-04-15T05:17:13.794564Z","times_seen":2,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/ignite-1.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.356Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /ignite-1.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-da7\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EjXVJ6KRCEgFkNslVHlX3AX4ocxbEYLyJwnI7QmxOrwK%2B9n5K0VBNYCu8DzueNBkdmzcORZXoU3pbWfap37Yzag4%2BwmCXVE%2BcMktabn7%2FgrpdRvHhx28b8JouIcyvcH1LJRYoIeVWw%3D%3D\"}]}\r\ncf-ray: 9ec876d8088956aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3495,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0adda13d8b41fab005d577a1870dc6a8","sha1":"95a798625f673bd1ba2be5eb0ffd7826a49a7fa8","sha256":"13f800e0a5ad1b525222ed72e09b56ab878a1177e815c6f1b196c0fd87599829","sha512":"8ec53a4a6be9211cf1593f35ad58349b9b46d1e9d31c180676a037411d00abf4ef613bc7b2d4088f4963f170da8d0fbfdd9dc2193946f56d4e08ace56ba35393","ssdeep":"","tlshash":"3c71c7ed32907c5dd38e0288ebc06c24264c9073e2578a99cc5d7e1780729cce97fad8","first_seen":"2026-04-15T05:14:44.961047Z","last_seen":"2026-04-15T05:17:13.785633Z","times_seen":2,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/mustache-4.2.0.js","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /mustache-4.2.0.js HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\netag: W/\"69d19774-114be\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\npriority: u=2,i=?0\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FOYYQLgsrbc2rGGZdqBdeUZR%2Bjv%2FmI59hhdFoIY2%2FP8otNGeht70d%2FRyO3P2p%2Bo3EXLbukQNnKw1yzXd2auuaLYZ4zBTtvB4OVkC1N6K3YhONjtCq6TUKtzydnWMGSZl%2BBPFhhnoZQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9ec876d7a87056aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":70846,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"62417c60d482a6321a6d121d5e84c7b7","sha1":"4a00fd8a814b9d62771379341d447a231bb0b515","sha256":"16de697d916d108c72d270b9f26767fb9d2dad35363dea2998f8df0793868fdd","sha512":"5d4764ce179186b1a38c961e1f8cc360eccbe2cb28c49fa07ae3d864f0ac55e5f0c0ee871aac488b8262c8ed3f04458083b8f161e28e025d05724ab8a7046b34","ssdeep":"768:pTsGYc4NY0XrrCkmzjHIDjyb8Yni9dc/+C7rW9k1i5c6Wc8OKn5lc157H:IYyCQvojPCd","tlshash":"dc63a5d56946d4e18e1260cdd433f909e4648913cd7cf1a3aa3cdee1b86df26848b27b","first_seen":"2026-03-27T13:16:11.521955Z","last_seen":"2026-04-15T05:17:13.792329Z","times_seen":5,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/liquidstaking.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.295Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /liquidstaking.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-2a02\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lsizkCdeX4jXF3ZBnbpx9vc1%2BDgfWSRsS3lV7Crb1b5bSxOytpcPwMJ18Nm%2F2wr2IjVPDmmjmZT5EneasPJvrb%2BqRw1rR6DJ%2FEOm4mfNsUH4YrkkAKrjinUNym6JkSmn118kz99nIw%3D%3D\"}]}\r\ncf-ray: 9ec876d7c87256aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10754,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"40ab353a66a6c171cdb716baf865ff79","sha1":"aae74602469058a5d66fa7f4269ecbfb36c8e288","sha256":"c0320d0fdb23faa011b90dc2553a10539cc11000ca0ea75a87a3399e4c67d747","sha512":"92d000c7c6854cc5fac0ccec6a1ff7d7916717d9c38f9a671e27273d38e935a73a57673faecdf8f2435122f63c379ab6496adbe7f816103b8061d50c4195ac79","ssdeep":"192:uFMywW2TcIVWxNK/pmljl72TmcO+0SYCXOcRqZ+3NYtaoTF+ytBg:uFMywW2c7N6Algmc4dRZoYasDta","tlshash":"3d2298ffab648ce9ec8693deff514098250ed1bb65908b10c65c6f1d24a18d8dc1bf81","first_seen":"2026-04-15T05:14:44.963776Z","last_seen":"2026-04-15T05:17:13.775686Z","times_seen":2,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/zeroshadow.png","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /zeroshadow.png HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 13637\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\netag: \"69d19774-3545\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=tSxclXIGw2lNIvB%2FeyY2Cyi%2FOZ3uN4zqnADT81eJTkJvWFQM7BsbVVwOSttduY14sH5EtsNrLsKh5DuI%2FklYRJ%2FUk95PQWvOWWasAm58JyZJ7IF5H9YFRRB29HSp3Qd1CQAjoG9FPg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ec876d8088556aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 256 x 63, 8-bit/color RGBA, non-interlaced","md5":"8950c8cca136bbb375990b140d8b2027","sha1":"f5f38e123134aea604ab5048a9d4f7473e3da4c7","sha256":"1b1704dc5aea61d1c495d5694194df299516de7d5e16a16d31de6dbca1b315bf","sha512":"959eaed5bb2ddfd71ec1483d9bd0188b78ab7fe9207fb3b6762aac8dc9445b47d39db1e3dde0b3c64ea5c0c070689772e0584bd3053b6fd044325bd4a10cd6a9","ssdeep":"384:lM6G3+L2okkMf5qY4Ghwppvtw7jGKw5wMwH:q6GzkU4GhwAiNC","tlshash":"8f52bf05ebe157cad4e16abddd121f4d4b8125a7783680df9222d218e9cb06b22e1ec2","first_seen":"2025-06-21T18:52:51.037553Z","last_seen":"2026-04-15T05:17:13.79392Z","times_seen":6,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/favicon.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:01.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /favicon.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:01 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=6,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-f51\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F8RPWxejsrdGEjG2mDwR0Kr78%2BgqyKEMN0NlMp0%2Bz6uOHqYhz48i5MxMRgMy9CI7IfGr%2FiMwe6F78JVFOx59ZZ0eGTwFlvDHZNZ0kznIO%2B9DNNa4LIioSlqkI8w6X%2BMMRCrHAbqO6g%3D%3D\"}]}\r\ncf-ray: 9ec876dd68b856aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3921,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"73063eb05d54581f723aeab0d7d94b92","sha1":"04a163aa9e5182520718e56d0ae405a8c509dd6e","sha256":"0ceb9312b2197c2f638b8cee7a739c5054f9cc2475dd8bf31c004aece319de53","sha512":"ca3c3d3996e7a17d43c0d8f3f11121ad0535f8c86991468499a7c54d5f2ae40b89912e2a38fdb1705a2c6dbc0302e804413315b0837440ffaf5394b8018c1998","ssdeep":"","tlshash":"4781127096ac8df7e55ec25aece030098b0a64e763528344fadda29e7f251d1c70b794","first_seen":"2025-06-21T18:52:51.010686Z","last_seen":"2026-04-15T05:17:13.80211Z","times_seen":6,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/40fc9188adbf8091eab2.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.792Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /40fc9188adbf8091eab2.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-8ee\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DC8ix11GJJffIjNBlq9EXJG0NqDJLg04cpIHOOopTlPcd%2BXeF5le3iDkVUny4x5nBbmKo7M0%2BMgOiLMDmJRKFsnuhCkq0y3BVVCl3N6j8AZXi4Aqk5TKBt%2FHxoZkHLEjaoE0eDjs6Q%3D%3D\"}]}\r\ncf-ray: 9ec876dae8a456aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2286,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"95c57abc2ea6954414bfb2e3a52c3d07","sha1":"3f321d06407fed2014b2b9437ceca547806a4cc6","sha256":"9a7aef608e067942ba8ac62aaf12891c34feb7f2158073f3ecce7b14b7569fc0","sha512":"5e09b6d4e0a32e4fec222c56b0c12586ea0aff5a0fcb039831bcd2caf1afb8d38893f7932bd8f5a507c3e6c4571547ab820e75367ebe90021aaf92917231cae6","ssdeep":"","tlshash":"74414ceb3618842845721314dbeda542805cd6bbc6de0da637205f8b3c992ff97cc6c8","first_seen":"2026-04-15T05:14:44.967312Z","last_seen":"2026-04-15T05:17:13.774494Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/secureproxy?e=jscdn/getFile","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:01.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://benqi-fiupdates.live/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://benqi-fiupdates.live\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"iauk68k9babwu4kb8zt8\"}"}},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:01 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c6S7XwM8xfQHqLe7gzx4aldUqlqYLg9KaL7rmD%2BIjZoHN7g2ViuPbPPYqxwiPw0X0XmypmZVCB41fDDAGdVvQIZPNeNyuXdMULz3zyobZQNogL2%2FxvYCaifI4VzXcj34JbUyeyw%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: 9ec876ddb8bb56aa-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3305388,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d06da599a5fd2ef0734bbf0ab8ade02b","sha1":"a7d28a990f2e0207ace38ca55a1b5ead286578f3","sha256":"df2077fa26ad10d7f8db3cb9b41f2a1995f2abf99d09a0c553e7f773586584dd","sha512":"fa6dbcfe0770f906eef9ee9d5513b96b3684ae2266be043468f44b96e76edd71353722024d673d073556ceb4f7036903c115a119655c2930cf4f968e3e596675","ssdeep":"24576:vb/YWmLkwsOukzMSPbg+lsVo5/Cr0OSzcfUjeSfa4o3:DGkwdNZngk3faN","tlshash":"522523e32f5ab5788f6c59d5726b0c0f2c444c13148866b6fbd6e8c73589ba042ebd78","first_seen":"2026-04-15T05:14:44.969634Z","last_seen":"2026-04-15T05:17:13.795434Z","times_seen":2,"resource_available":false,"data":null}},"time_used":634,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":286,"receive":348,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/lending-1.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.355Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /lending-1.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-14ea\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MryiT2Jdu%2FNLKHRzJnVBLAI2zfk0WJSKKMq3pN%2BA5L%2FwHQyEb80%2BYo%2B3XqqbvZb0pB2ivMvMSpl6lKDJsYIu9YnEknLxzsqE8qLFlmAwgS8RzGZyy4VGY5f%2BGsVJbNOq%2F%2B6xYY3CEA%3D%3D\"}]}\r\ncf-ray: 9ec876d8088856aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5354,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f1e1d417a833781181fdb9ca3ba7835c","sha1":"2d53a3b7a61339834b8b9ca0432369c0dc15fede","sha256":"721b22b0b9e68ec2c1197e4382365306953d36eb3121aacbc03f1a4086884ae0","sha512":"eae2e8e0481a25453ab1901b55a98f494d2ce70bad419aebf4ac2dadc2afcbec6e40cc606e23fd902f847f447b4bd56b3556a37b863e007819acefa56502c2d1","ssdeep":"48:NV5BntPGywF1LALEash9QSKzdGsSeia/uRSChSfFRchV51rXp7GtO5Y+7OxXm+Gy:h5W3cJSYdCctWh50hfmP1WZK4hkXy","tlshash":"66b1b6fe27904cdeea8903c2fbc06874220f9177d1168a09c45d9f0ba46198ce57bbdd","first_seen":"2026-04-15T05:14:44.972058Z","last_seen":"2026-04-15T05:17:13.78392Z","times_seen":2,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-15T05:13:59.586Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KRG25p01w4mctRN%2BuUusf%2B%2ByUKuQIg7k4T%2BMdAcuj7%2BQ%2Fwb0NeUOUAO1TQYqni4CwWg1m9RbtJbNSNBwixsWTXmdHuKv4W0p8lqL2p%2FzFQNjiou2Ft0amLnhw%2BRumosvev%2FUV5OzcQ%3D%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: 9ec876d588d156b9-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":239980,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (46612), with CRLF line terminators","md5":"46dd8bf169deb9d538e3da1f84219ead","sha1":"42d0b68ce16456dd0ae8dfe73f1e211211ddf9c7","sha256":"1cea5b29cbb64d0ac62b06fb2e323c48c7dd35908495cab20716d8e7b9dd7e4c","sha512":"a4cf32fa47225c7fb798596a15ddeca27ecc320ec08947b770817e807c1ef77373d0f41d7d8984ea899cff6c30f9ab8e6ab1a2611a06b055f6f337bbab16e127","ssdeep":"6144:jL++ZLsRc3P3LicT7B19+/eAN59qG4YMW1g1oxw1aPoS2L/qJXfZU3Y:fnsR4LicT2N59qG4YMW1g1oC1aPoS2Lm","tlshash":"1534d9798c0c362e77330d6ed78b26be6a4a62df761140cf688ef1d8c77a94543a0d64","first_seen":"2026-04-15T05:14:44.974157Z","last_seen":"2026-04-15T05:17:13.76997Z","times_seen":2,"resource_available":true,"data":null}},"time_used":871,"timings":{"blocked":341,"dns":332,"connect":1,"send":0,"wait":183,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/chainlink.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /chainlink.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-17f5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0AnGuLeoj%2BgG9PMBM5xn7bh6SfLzwVC8z57o7A3hEXHYHkmiYDGUuMCkEENWvQ6IEPy45e8lyDoBV%2Fed%2FigmWDkump9sk8TEuEuiX3BUDsJIvMLkP2XSyohpuzItrLhUYcR4oErttQ%3D%3D\"}]}\r\ncf-ray: 9ec876d7d87656aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6133,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"657a5a3410feba530239c53db1e9135e","sha1":"1dadef2d2b1a274a919823ca669c7439c4eb6d1a","sha256":"cb51a0177ec5d9a16b6a9a9eec6551a67349dcc79b56ab14b05e4d0e90413e3f","sha512":"f433e48c5afaacd4822d5431f0faaea5fdac8b38385bc3baae33c0c823acc02d28e2e3787beb3ca4d0afe95830dab1f7dab5d3e5dc55eb421d875390e755804f","ssdeep":"96:4td8Ktn4s8qfVf5Bk8cGd09oyo0uiZZA6KvICac03DqGLljyM8cXfJ:4tdb8qxkssVo0uii9xHGLRyM8cXx","tlshash":"e3c1a4d622d9b3f0a507fbd88315a471bf6b74f89666c978c3902e85fdc186c9884cd0","first_seen":"2026-04-15T05:14:44.977085Z","last_seen":"2026-04-15T05:17:13.763093Z","times_seen":2,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":204,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/fireblocks.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /fireblocks.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-19f3\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S6uR8Uw2%2B%2BVolpr6ZrOGfYrRZPLj9MWE6frnp3NnRphkgE7NPXm3uFd6RJh0Kgikf9zgXA6aJI336qaVp3SMw1AL%2BwrHEkTf7iU6a36M6X7wiU6UiMlsGh8ciMqscxE0e%2FwlQiI5gg%3D%3D\"}]}\r\ncf-ray: 9ec876d7e87856aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6643,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dafb1b5c09357450c888a2b86891750f","sha1":"3ff773e70f6f79d9c48bcf1420c2d64660d34626","sha256":"09896473af5c6d8eff52625856dcac1005acf8f8740c8989295ea07321caf3d1","sha512":"b910df68fb5ab8968ff12310e8a3aeea23aa029cd30469c60e79009373c0289867bf9280353ab820e7e5554c755f8150cb33d42e7560010e0233647b4d560f0c","ssdeep":"192:l4sVqOJQ4HlF7+tM9zyPa8QXGuN5dLvtuU5:6shPF7eKmtu72U5","tlshash":"8bd193dcaba8a3a2b481e7c8d5a5743db62f28fd7b99ce48c6448ed8b4450dddc54cc0","first_seen":"2026-04-15T05:14:44.979192Z","last_seen":"2026-04-15T05:17:13.790438Z","times_seen":2,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/hexagate.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.347Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /hexagate.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1729\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=asrSeleO4%2BQWPTotUQ3867LTgqSqjbNEMQ4v3JPD4ZKDra%2FECH0jg7CFSpQ9lU4M4PdV8r4tTjBWWtXLVF9kmzcYjRcD3M4NVN0KKUq%2FULEzyhCVJBF4NALFIHARHVhiBcTNXDeViw%3D%3D\"}]}\r\ncf-ray: 9ec876d8088256aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5929,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0978df2fbcdfd1bf49b2d8df6128e8ab","sha1":"f85bfcccfe2174264ae3a52d9f846c631a27bfe8","sha256":"9e8bf8bea644ac4cd1f3f3b059aae78ee2bbd3b0a73d77626d967c69b5620fbb","sha512":"86ed0b26d2267ff51741bde5a903358bbe7dec8e046806ba6312633e843dd557f32966a22bfa8bce0041fc24176219d49f6d2b721683f0ecbab47bd9338b7797","ssdeep":"96:rxEJ7Xf9d3k5L89dZWkzYwMrJ2nI+LyRZN24r1TO4UFnk4wZHN1:rqJpNLWkvMJ2n4FDuwN","tlshash":"c3c1fc439244db2e8c82c35cde7a90d6318598d3e1fab0ece8f75b16954b8b4e418ab4","first_seen":"2026-04-15T05:14:44.981334Z","last_seen":"2026-04-15T05:17:13.77322Z","times_seen":2,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/halborn.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /halborn.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-66d\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PsRva5xbMu%2Fdi4BkV5sKA4rgK%2F80Cd1MRU6UiVIMGG9piNc4qmkxZttum7pyZl%2ByGhufPhzT05a451ftmojqwF%2BQcXeOv0T3WmL6WPIzz1q3idhtGeGjohvifRetNi7it4Kj%2FpXgIw%3D%3D\"}]}\r\ncf-ray: 9ec876d7e87756aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1645,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"63235a5784f25e7c6964f2a4937ab3fa","sha1":"d282b2185d624a145c25fa0df814eed9bad58816","sha256":"39b69a1417a0bf81db72db8a124c7ae5dba8407d4d8c796e58513bed13530516","sha512":"120e6baba3c86f081595b71a04d80c6a6c5cbcf000c32ea6198080892be419803cbcd4dc58e929b78d33bf8f9f0ba50445a5b789d95cc2c8bc7bea14b5e80e0a","ssdeep":"","tlshash":"db31a2e597869479d80197ef1728caf163d5408bc222738dfef70fa09fd5c650a460ea","first_seen":"2026-04-15T05:14:44.983294Z","last_seen":"2026-04-15T05:17:13.796971Z","times_seen":2,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/cyfrin.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /cyfrin.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-1210\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G79HrAF3FKbAL3vGFabaw5ommvbdouYSrbYqMTbljuAAiG%2FhzR7ig0cYyvlQH43QE5Xei9EEPcuu5pzKqxAA3YgZoQFcVxa4C2%2FzNvNZhb%2BKjc8ufCtcqYaHMq7NZtStu0ajYtbtBQ%3D%3D\"}]}\r\ncf-ray: 9ec876d7e87956aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4624,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"39a5aff6c13a602dd1a66e06cbd4eaf7","sha1":"9bf767d43c22624529d04d30bac0ada3ddd3c869","sha256":"1977b82461fdc3e17552f2b4effa8720a29b9abe727f8a59a71cccf161e3f1c6","sha512":"3a19c220f79cc8af34201d5745311ffc066573618391161c9addf00c967df685967d1cb1be3366bfd106f5154b6073e10008e77ebd02fdafdf7a912b896b39cd","ssdeep":"96:M5FVzUP4XmHCJc+5PDPqGU/3SDRO8cM+Sv43vuOdA0NrRaFCm:qVzPXmHCDDyxSRvc2v43vuSpA","tlshash":"5091a3fd27b49ae05fc492f7bf6110ac752784f7ea148f28c15c4e18788ac9da854bc2","first_seen":"2026-04-15T05:14:44.98545Z","last_seen":"2026-04-15T05:17:13.777886Z","times_seen":2,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":237,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/code4rena.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.342Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /code4rena.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-155c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sl%2B4erSZQrp36cfTNFw%2B515u9aGR7EltVT1tYPXCzfX4joUmVUFZoxyvp1u1NCdK53yMKUn7u1Dv%2BVoKxFS9c9yWXv0W8M6ZbmoFCIhEO9VXYb3CyCFbL%2FEWrTf0zq55H5sR9SPY6w%3D%3D\"}]}\r\ncf-ray: 9ec876d7f87e56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5468,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"454674f16b1a20d6e21c90321c5eb856","sha1":"ef3f04b70c02cc183867c074f906c914e2de61ef","sha256":"5895110e14eadcb508724d9342232c9360fb6ad2486bcaad4ecc11ef44619c41","sha512":"e051d1021b59ac65af108ff1428d15677651bf25ed0e6fd8c79b369dff753f9c1e9711031ac272112a9e2eedcfd2ae89ca0369a176339388549ccb2cd11864c9","ssdeep":"96:qy1Ii4CHBjlOBqgWuEmRfUH0WoOVSUVnO1zNN7H070iU5NPsKNeYC:XxV/gWgTDCqBNT0oPJPC","tlshash":"24b1b9ee77980aa4dc4ad6fbe727409c720bd4e786954960c24caf4ebcc543dcd494c6","first_seen":"2026-04-15T05:14:44.987762Z","last_seen":"2026-04-15T05:17:13.776809Z","times_seen":2,"resource_available":false,"data":null}},"time_used":254,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/dedaub.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.345Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /dedaub.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-a78\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EUDL6KMsLVBZpRt3uGYZY9UaiVlcuj2NDi2kGXvdHNFA2G%2Bw8kk1E678VhXXFNvOqU7eNul44yrrpeN%2B9DgDRmLfQ7MMHZUpw%2FXU6kbQ4lsKe7dB3cZhfUrAkORTRHTr6zv5CwhmMA%3D%3D\"}]}\r\ncf-ray: 9ec876d7f88156aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2680,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"4934ee27a7ad3856bbc614ce1d97aa62","sha1":"1277a8ed24bdea95cccbd2754846cc4ba54f31d6","sha256":"b224126eea2e5d5f7919a2d08718b2d6664672ee78a448d53e27ccb3ccc3686d","sha512":"2c555e4b6d0ea552ec77352dbe77c56efbef2b3f8960ae5158abd32dbc25f7d78d739ab5a0b645db072c2153fe95cb9fc0e4ef79127437dc4d60e9a9b9cbc1ff","ssdeep":"","tlshash":"e65186f5b67f12e56842d7ccaa7f543650be3cfd7b9002acc2694c45b2623855c80ac4","first_seen":"2026-04-15T05:14:44.991626Z","last_seen":"2026-04-15T05:17:13.791402Z","times_seen":2,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/3fabab01d26603b90fdb.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.708Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /3fabab01d26603b90fdb.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-a6\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Kgdtb47QHzyF5h%2BlfTHzQIPIbUvehhKtatK1i5ycEjnIw0kwqLXkga0NGbYuq52X5DnInDH%2ByU0LY%2FsGZZ1KiORH2utqqeLocaw4xDDmimL%2F3VVCC7%2FgE%2FV38sNEmNEFTxAl1Bo6cg%3D%3D\"}]}\r\ncf-ray: 9ec876da689c56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":166,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"9a6e90e01fb34694f6d116e84ef8bdc0","sha1":"f566c091afdc4be5c27348e187dc134dd7f29a7a","sha256":"15b0485dd6c1c82644ca3e3d9940c32074a180c80a026522acd7ac3dc74a29e4","sha512":"c9982f682619d125a80a96016cadb1e3624572ac4a029428df11e02f15acd6fa4282ea53309d998f24f2fa3599194cd6653bae8e54f8b7470377c260b598d252","ssdeep":"","tlshash":"81c08c39a19d8919c750c119522fb34e32f6a1d5524a0169f6922a42f6126fff8c83a8","first_seen":"2026-04-15T05:14:44.994413Z","last_seen":"2026-04-15T05:17:13.786927Z","times_seen":2,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":167,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/delegationvoting.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /delegationvoting.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-29e5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c5KjaE2ZZQyvg7v1b2anU4Zo5vhcgb%2FW4YBMLZzJ7AGjZc9NjDqahZFpdbO5sP12b0ar9l29%2BeTN8ztd7GRlybdljR%2FofvuJJYJZjRugdrggQAv7dJpnpOySpcZ%2BbkrlzwIy9iH4hA%3D%3D\"}]}\r\ncf-ray: 9ec876d7d87556aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10725,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fde27d58a186090378a24febd7aea06d","sha1":"4a874c8cfd7eeac902c5f52186db32c4404f8081","sha256":"cae58402749c7ae9916c18a1e3730e5d1c5d78f723d6b6ae0968ceb5f9981ac8","sha512":"80760f9dfdb19c5c009ee849bc0754657d78631dfa874e6f02223a9ef461c873fdf7dc160b1e711dd3a863fbef780eb1f41983083944908f49b8c966dc67b405","ssdeep":"192:3WODLSmdfrjJBDI35sOSdZAg7Qozy8Tljbkc20vi:GODLr5v7DIpsIozywkt0vi","tlshash":"b122f9dc3b79d6b9f482f2e9de1734981a0e50f6624085b8c7791f0ea02a4e1df1b8d4","first_seen":"2026-04-15T05:14:44.997123Z","last_seen":"2026-04-15T05:17:13.78942Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/bitgo.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /bitgo.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-bdd\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JMXW2zJXuSI87BUnYT9WXzcRIuH%2Blqf90XAxri5qWxD1jk6uU%2BWlyNdcG0igJf9i8tYv8DlqRr%2BuO2kGn0oTG%2BrhkWOFTCibMSMT1Pu4LuTEdqUnOAWyT%2FEzTvnF%2FJNDsmh%2BSfhOsg%3D%3D\"}]}\r\ncf-ray: 9ec876d7e87b56aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3037,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"fadce417d3a170f3045ef4bce7bc7575","sha1":"87be322527d7e64f902462e856c597df0d5046ff","sha256":"0317293a755c088558a0c9689ff18bb4686306abb161077d6a75490e4d8405eb","sha512":"7c305b1274c61acaf82be899ac0e86b361ca7d304568f489b34ed0a8c0d564aa047d24f0161e1395c535d097c48f7f3f141fa278e8f9768d5cb49e3117185428","ssdeep":"","tlshash":"3351a7cdeae827d4ddcc03ddae9020d9280a54f79a858674f71edf557bc58dc8a410c8","first_seen":"2026-04-15T05:14:44.999672Z","last_seen":"2026-04-15T05:17:13.771823Z","times_seen":2,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/certora.png","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.349Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /certora.png HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/png\r\ncontent-length: 18180\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\netag: \"69d19774-4704\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XNNNUlGP2Yk8B6zI2JeVldg2tCoEcdKtHafxI7C2ysIARIScvYtQdlI9YAljFhO9GAo%2FfE5MONYiKJAMXe8cE2CNcyGagBwZMZnL06QHGUv7J4GoHA9uVAHObXzbXTGG17rPaRSg1A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\ncf-ray: 9ec876d8088356aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18180,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 174, 8-bit/color RGBA, non-interlaced","md5":"57e01fe7c364053cd14d9be3324bd4b4","sha1":"f3fb4c8a7663029b27ea642ba701b67f56ac83dc","sha256":"9cf119339ec14f5399e297dcd836e1d11ec31db2402015ba1680ce182337d0b3","sha512":"7e145cd9f3d638cb4bc54b2d690e74bea00ef3777f0278542acac5b97cd6a475d2f0f30108be92bda663819cd76c88811d54260e0b7945c8177cbc6b8ef4ac61","ssdeep":"384:3NdJcJ8NyWns+DvQQ2fpJO622h0/psoX062G8L+HwN:F2YxnTDCqv/ystTHi","tlshash":"1e82d00fc5a969215d36d73378f3b940eae680b3aac0983da90c7d0d54967f57243a2f","first_seen":"2026-04-15T05:14:45.003076Z","last_seen":"2026-04-15T05:17:13.778849Z","times_seen":2,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/codehawks.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.350Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /codehawks.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:00 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-11f3\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1mhTu2kueiZbJxwwiZy7MJ7wMLhYM5UGpbrfFFaW%2BUIpD7XXLsbxsgMn7zuOB9sTKF2mI%2B79EcYeD4wmfqAsfRj7vm8Qtvp5iyTSo0ZDJhEq3wodpJiEcq9NtnP6eXHnU0H22LfaMQ%3D%3D\"}]}\r\ncf-ray: 9ec876d8088456aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4595,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"dc69f51f82964e383f28e544a594b7b3","sha1":"b822a0962ab221e26836a35c91ac8df6deab4e54","sha256":"b24d38516369591b22dfb78b980d1b8571004154c9780ecda165af33dd57fe4d","sha512":"b59a953879df2334f05429a60a8b28e0cbc24b4c6d248c06a3301749660bc3eefb7c3c454e16cca980eeda4873ecdf4a435f55a56ba8e696cfba9defc144c98e","ssdeep":"96:kxDJTzRFpDEMQqyE8YYyhJIABvZsvWAeEcGs0eX7HoCx7Ah/j1Bk:kRJTzRww80RpZuWA7YX757Ah/A","tlshash":"cf914592d398977c9d85834de77444e439e648ceb1b3d3fca6ff85617402af04464d64","first_seen":"2026-04-15T05:14:45.005579Z","last_seen":"2026-04-15T05:17:13.793013Z","times_seen":2,"resource_available":false,"data":null}},"time_used":198,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"benqi-fiupdates.live/ceda9e75aa2ed7b4c272.svg","fqdn":"benqi-fiupdates.live","domain":"benqi-fiupdates.live","tld":"live"},"ip":{"addr":"104.21.89.230","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://benqi-fiupdates.live/","date":"2026-04-15T05:14:00.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"benqi-fiupdates.live","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 04 Apr 2026 22:14:59 GMT","end":"Fri, 03 Jul 2026 22:14:58 GMT"},"fingerprint":{"sha1":"AD:FF:51:3B:7F:6C:1F:AC:67:BA:4D:A7:58:24:CF:25:12:06:94:D3","sha256":"40:8B:94:20:82:49:13:43:A9:B7:B0:29:B3:2F:4B:B6:51:37:B9:7D:26:CC:94:BC:B9:F5:51:C0:A1:C5:AC:53"}}},"request":{"raw":"GET /ceda9e75aa2ed7b4c272.svg HTTP/1.1\r\nHost: benqi-fiupdates.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://benqi-fiupdates.live/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 15 Apr 2026 05:14:01 GMT\r\ncontent-type: image/svg+xml\r\npriority: u=4,i=?0\r\ncast-mode: default\r\nlast-modified: Sat, 04 Apr 2026 22:57:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: br\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\netag: W/\"69d19774-c8e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=y3W1bQjQsPqT5knsmfpBVOJYNPpnareC57X%2Bur%2FafKz5JrdEw%2FLYhD94vu14vNXR%2BSt%2BVHOWeztO3h9HvIlMGPjQhHLqIDZeJg6w%2B7%2B1lNqyIhQbINtuDayhNepBPd70Tus2nn6N3w%3D%3D\"}]}\r\ncf-ray: 9ec876dae8a356aa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3214,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0d30cbbd030a822fdad3023eeb63add5","sha1":"d8d3c90648c1b8a55785702517feb58cdb3d33bb","sha256":"cf53fbe1828df6497232530c49ee0d31332aa715b0ff5d89065126e18ff6bee8","sha512":"b90048e2676d7bb48d5ee3e1906a3fa54b14698ec7076afbfc91a4c3a1c95024ad9ef5b1bbc29a1a1c0abe0601dc6b90770a2f3c50e541422cefd419317a00dc","ssdeep":"","tlshash":"83619afdfb954db2d9d8e2d9fe1150a8f04f207781c15220c09deb2d74a58dad42d8c6","first_seen":"2025-06-21T18:52:51.02342Z","last_seen":"2026-04-15T05:17:13.782331Z","times_seen":6,"resource_available":false,"data":null}},"time_used":257,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":257,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-15","alert":"Sinkholed","trigger":"benqi-fiupdates.live","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}