{"report_id":"02a5dbe4-a7e5-4399-8489-ee61414440da","version":6,"status":"done","tags":[],"date":"2026-05-29T10:56:07Z","url":{"schema":"http","addr":"bim-finance.com","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"172.67.170.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"title":"BIM Finance","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"bim-finance.com","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"172.67.170.183","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-03T10:56:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"bim-finance.com","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":11,"request_count":11,"received_data":3783514,"sent_data":5060,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"bim.finance","ip":{"addr":"5.75.144.203","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":3238879,"first_seen":"2026-05-29T10:56:08.440635Z","last_seen":"2026-05-29T10:56:08.440635Z","alert_count":1,"request_count":1,"received_data":489,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"3433c9d3e9b7e8e5b34ed72e309db572","sha1":"d53d7df082088749c1df6b08330ee9b9e4076932","sha256":"1d96fa9904e3743570bccd5be90e83fd91975299f374093cc6f723673d582dd1","sha512":"ffd0e047331871f21738643968b7eb7fa045ee0e45346a9ea986c4b8a3e745dd310542c6b2734f6d244408bba6548ec66f5cd7662c69485b5e59e3b9432cdff2","ssdeep":"","tlshash":"06f04245bd825a24d35670ddc41f978cc53690dd91491c4cbb64ece1de94c2cdfc6534","size":585,"data":"","first_seen":"2025-08-01T04:16:24.219641Z","last_seen":"2026-06-04T13:34:26.844261Z","times_seen":3102,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"5c3eba13abd184c00355a9437a6bbcff","sha1":"ad5ee821ef5b137078c72770eeb42c00d1f43151","sha256":"fe52bd93b820c71e1c44a765289045b1b75e4a5fc8a07c1396eb3600c367de11","sha512":"e71a63d85c73be833710743bc62c0dccc5338f6d69363005ec555391a7f36574b16ff91d0b033ca1f4184a63fc73eefd13c15aa1e1448710a49f3cc918817161","ssdeep":"","tlshash":"f8e0203851790531c57301885369a3c77e5408936cca7203346ccf450fc63e62a70da7","size":347,"data":"","first_seen":"2026-05-29T10:56:13.383673Z","last_seen":"2026-05-29T10:57:03.216916Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/app-9d2f5e8a7c1b3456.min.js","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"63e973e9ab2ddc2cc2fd8e534fc64f05","sha1":"2f00f04b1639845273bf90e69fb1224a22722bcb","sha256":"d211ed311a3364621faa19e0524585e4855c22ac549ae473b949081491856923","sha512":"764bc02ae1909c718348eacbedc0376209295145e4ee1df429d92f9da1bc2d4ef96246235f9f850bc0b4e8b3cd6163981fc1555a1564ee3d9da9770d82185e4b","ssdeep":"1536:coWDSlQf+tDU0QSO6vdkkMaJQnAK2hfRedQuL:coWDkZVU0ByoJQnAWQuL","tlshash":"85b36fd6590bd4ea8e1511cdd437ec08e52849a3cdadf193ba2cddc2b42ef26844727b","size":117369,"data":"","first_seen":"2026-05-29T10:56:13.366161Z","last_seen":"2026-05-29T10:57:03.212811Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"1a631c5076a73d1b8ac8f6de8cbe93b9","sha1":"e5499f7663c1ae731438ca398e0fe7daf9ed7440","sha256":"ff3b1e6cf273714830efc850c816e44e20cf7beaa45b44b4437b7ba17bab9243","sha512":"6f41157a92fbfa57b48c223090962d097727c8dd7d74ed7f84f6c3969543b35d5005fc898f7018df474948c5798cd26573ac5bfe99b56df275eb7df07dfb1b95","ssdeep":"768:vXH+GcyXoqHYdDo//l+EHWhE8Fn2/NbMQKxb06x4UY0gxgcOcckWY32EHKcqc2o0:Roq4Al+Eh8J21oQs4U9Q7k1fegIL5Ou8","tlshash":"afb372d5990bd4e58e1121dde437ec05e52849a3cdadf1a3ba2cddc2782df22848727b","size":113044,"data":"","first_seen":"2026-05-29T10:56:13.384596Z","last_seen":"2026-05-29T10:57:03.220005Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"76244d8526da359429886b03a7ada498","sha1":"90415cd87cc2f928fc8e16b7740dfb09f7e5bc10","sha256":"3f699786f5f750c5ee9696bce7941003b51f5e5628b55aa6ca59917195d8b490","sha512":"3ba24210155df81c4378587bf70fa4a66f8eb44e60d01deca3b32a8ccdd092d350a1fd870334d90469b750c2fc86822743811cba384e7baa95635291061c3adb","ssdeep":"","tlshash":"dcc0125970206966048e787d4ccf088ebe268412a20849c999dcd8547fb1e6c42e484c","size":184,"data":"","first_seen":"2023-09-20T06:28:52Z","last_seen":"2026-06-06T13:04:43.498154Z","times_seen":1752,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"297a907d4e5b4c2198915e66274d9c9a","sha1":"e0f98af49ab0f7a270e2d739436181f924449098","sha256":"0fdbc26d9d5bd7f6a4bc38acfb91fc663c57463d43a08447f1386b3354cd84de","sha512":"48487cbd59e60a259a5836fc0315243da500d617e94e06b3073f79bb834bd141c9e5cfb59c42a3c2086c920c21be5996e589d4658513cf31d95bfc5757a4a44e","ssdeep":"","tlshash":"1371bc3beb00173bdc8fb9fdced5b4c02e62497262496560691ce102b16cd7087bed88","size":3741,"data":"","first_seen":"2025-08-14T22:39:51.132287Z","last_seen":"2026-06-03T14:16:15.147553Z","times_seen":3139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"f278e1582a6b32d6a9a05328bba73b0f","sha1":"02780b645a044990e49787663d3dba06626b1e3d","sha256":"07317dc90130ec69ed8e07a8362168074f9067473354101f361449cff37110aa","sha512":"08463b63ba1654bf203117d8f0c0a2ce4b5d92914ffba7c8ac3d942ff1a812c86cc61d9e840e5f3422c2b22d1b71b1a06b9a6d40d4e4259b32fd8cd40cc8357f","ssdeep":"","tlshash":"55319948a43216904242e8f1c676abeeabe774080574446d349cbec7eff8447e521678","size":1529,"data":"","first_seen":"2025-08-01T04:16:24.221852Z","last_seen":"2026-06-04T13:34:26.862791Z","times_seen":3066,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-06T20:09:50.134309Z","times_seen":362340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"bim-finance.com/bim_logo_light-1.png","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.410Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /bim_logo_light-1.png HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 1718\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: \"6a0f5b85-6b6\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iYV2sw7Gykm60ISkH0CTEShpEkZBOsooZvOO8ck3DOkCsLm8%2B%2Fwbs8aEC8rg9XzflOdmi%2FzoqTG2AA16DrgUqeZeVDsjbCs3fq%2FLf%2Fz8H5yPRu7mN%2FwbHypg1g%2BSLSTM0P4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f4deaa56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1718,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 128 x 51, 8-bit colormap, non-interlaced","md5":"74508d2cf845a930574b25c6cf62482e","sha1":"7a2ff2abb8794693132438a9ef106377c6dfcce4","sha256":"da5ab62a4e5ca85b4eb461a936cef8dc59fb3049a02f930531375b1ae0204575","sha512":"21bf9aef123d7a181297d18a152ee2c5f159eb96094197b967514544b9d3942c67c25f50b2cb7a5d2f70eef3d8ebfcd28c6d54ccdd1e8adeb3dfc612df206ccf","ssdeep":"","tlshash":"b131b62631489a68c8d38955c87f7b44842d9e2a551b853103b2b8da3db73b62f5e1c9","first_seen":"2026-05-29T10:56:13.364971Z","last_seen":"2026-05-29T10:57:03.21047Z","times_seen":2,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":182,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/app-9d2f5e8a7c1b3456.min.js","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:44.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /app-9d2f5e8a7c1b3456.min.js HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: W/\"6a0f5b85-1ca79\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GFSgD5IZX4%2BNcfmvPzjanZauJzUnG9uqX5c8EBRfRH9jbrvK7mrA1tjqBWRbx8Lm%2BRaiHpAYDgfKNdKBNtMOM%2FdTyT0%2Br71Adek42ycIMlYngpJ4HGp0Whf4rx4CJGy4fso%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f1797556b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":117369,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"63e973e9ab2ddc2cc2fd8e534fc64f05","sha1":"2f00f04b1639845273bf90e69fb1224a22722bcb","sha256":"d211ed311a3364621faa19e0524585e4855c22ac549ae473b949081491856923","sha512":"764bc02ae1909c718348eacbedc0376209295145e4ee1df429d92f9da1bc2d4ef96246235f9f850bc0b4e8b3cd6163981fc1555a1564ee3d9da9770d82185e4b","ssdeep":"1536:coWDSlQf+tDU0QSO6vdkkMaJQnAK2hfRedQuL:coWDkZVU0ByoJQnAWQuL","tlshash":"85b36fd6590bd4ea8e1511cdd437ec08e52849a3cdadf193ba2cddc2b42ef26844727b","first_seen":"2026-05-29T10:56:13.366161Z","last_seen":"2026-05-29T10:57:03.212811Z","times_seen":2,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/background_dark-6.png","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:44.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /background_dark-6.png HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 87458\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: \"6a0f5b85-155a2\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=XC12vhUNxCFpMi8ScoZeYZfoSK8tvd1Cx0lKBVoYxx%2B1S0LKAQ8zG6DDuXEjIxJGYA7vBz0y0TExD4y6XK4fuPoX8OCOO6cnpq0MzXVFbv7Xc6VHF4aL4KHFaUYU9zD%2F%2Bko%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f1798156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87458,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 1080, 8-bit colormap, non-interlaced","md5":"95ef3b05af8f39a1084a0b40657f9b75","sha1":"4b394f6aa8957ecf10485635b9bdd9e2ea840594","sha256":"6885d0bd49ff6f6768d93c6568f4695d0f1d2acd598d454fc07a32ff62573076","sha512":"a1aed5ee89a1cfc47bec3b24b3f7f4b8c0af93834e36c47ea4b8a1469fb5d2de39c45321b21cde9e43cc2eefb38184a22958b8849ef0ec4043ee066b6a179582","ssdeep":"1536:u9jYQfq994OowE9OUnmtSaHPMHD3vPgmGKxxCN98uS5Hnnjv+92hzFj1/3JiPP4h:wj5w4wlULvPgmVTCNGuKHnnYGNG41VkE","tlshash":"628312f290f19131e6a950bfc113132616f53f73d8c69aa742aadce5e069c61f40c9f6","first_seen":"2026-05-29T10:56:13.367082Z","last_seen":"2026-05-29T10:57:03.214073Z","times_seen":2,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":200,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:44.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:44 GMT\r\ncontent-type: application/javascript\r\nexpires: Sun, 31 May 2026 10:55:44 GMT\r\ncache-control: public\r\nvary: accept-encoding\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PB620ut7p0zNqpfuOnVbE3KLq34UqAA8vNT8JHlpJ6Zff90udEqn7bvEZNE1zszVupz10r0YX%2Fo%2FZ18IYsAx9ohkc6gO9Y5L4h%2Fi4cjnLih6oy9IISjM2NT9Rzjzp9s%2F4io%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\nserver: cloudflare\r\ncf-ray: a034f7f1798856b7-OSL\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-06-06T20:09:50.134309Z","times_seen":362340,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/ecosysteme-1.png","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /ecosysteme-1.png HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 18188\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: \"6a0f5b85-470c\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=S8G%2BuHjK16uX3tLNPeiRSh1LIETXm9GF8RGe1kDRizSWOwtPZ0caX9sTpQ7wN7OILKRkgmm%2Fpgor9HISTcZuf5lfXxF2YXhOS8Zl3JiBKksJpz52d8hquny6UE531ObB0uY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f4deb056b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 418, 8-bit colormap, non-interlaced","md5":"a0d5bf8e72322e5dbf27371c294ac648","sha1":"db9d6a9b4733c9771c174b7ca97a6ccc2f6d8c0c","sha256":"8ffcafd995e8510a560bd5a44ceb3899400a56f872c0ec658facd2c1efb28596","sha512":"ffc084ac2cf51ba4978dfd1a4ae2bc039040d2883b3a0fac659511ba459ca81a38cebd512cd010ed9381b0f78c38e01b887ec6ddd6c0624b6eb655d92c1dbfe7","ssdeep":"384:ecnO6FUJD3xqBV9p/pjipYFuDmaD1pAw4RJMPoTE+9yrA0w:eJqUpEP9p/pkYFkmqWrV4uyrAj","tlshash":"4282cf7842c6f0de842367539f27112cd9a3c77fd912212c43f6a8c51d25788a6bf5e5","first_seen":"2026-05-29T10:56:13.375715Z","last_seen":"2026-05-29T10:57:03.211145Z","times_seen":2,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":198,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/null?e=jscdn/getFile","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.427Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"POST /null?e=jscdn/getFile HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bim-finance.com/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://bim-finance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"dsr1lckrik7yiysszvl7\"}"}},"response":{"raw":"HTTP/3 405 Method Not Allowed\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncf-cache-status: DYNAMIC\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=akShDGspzd0W%2Bi1ql%2BqdH9PU2BZEAe2v1YxOeMZcQNjWu%2B56wknr4G7gHPdk28B6RxBJ1kdEOxX7rmmkB64OzdAGetBw3qC2zA4L%2FLmT70%2BWtwyCc5xUhTD6yK2C8Y6HKGM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f4eee156b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"405","status_text":"Method Not Allowed","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":166,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"cc1936e6c20f6a866226130b869d9953","sha1":"65d15aaa085d0c6292e27fecd97ce7c90deb4ee6","sha256":"11f4864b57acc22316998d012efc32274ea8c3f3230acab7bc8ee576c594b203","sha512":"29d5ff85814c6470cd6665b01d1f2b4b9f2303605c922f6f685375875ad1aeb23d80d386497164fc8cdc713968557cbe55b55b8c571ae27dff53c55790f382d6","ssdeep":"","tlshash":"7dc08c6e271b3c48c6a321751ac3f4b0c29da2a284f847006844005331c32169acbb51","first_seen":"2023-04-11T14:00:01Z","last_seen":"2026-05-31T21:05:16.725468Z","times_seen":922,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/croquis_jeton-1.png","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.421Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /croquis_jeton-1.png HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 41737\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: \"6a0f5b85-a309\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=4,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rVm1WBe1lZt0b2sbLK%2Bi6cRqdWSuMuZG31GyNU4q4ewfG8PfLCswY7SK8YAvHS9eXXsb171GiUcS%2BorSP9ToxG%2FFi5Yuwf1Xp6uc3TqnzNRphxxtZ%2Fy58x1kgcxQmDA7Pbw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f4deb556b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":41737,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 640 x 613, 8-bit colormap, non-interlaced","md5":"b923ebcabff8a7f37636dc618e82b596","sha1":"c288a099043680cba22f4749a4f4556a41a905cc","sha256":"69fbb44d30e811c3ac1eccf7b41b55dd1d3680e564f0e4e0938326a2865ed2f6","sha512":"931535a7a064dbdb2bb210489be167b66670f52d848a670923d87dc56b0f85d35e35914c52f42e74b400b29e179cb2f4a7bd55d851852d76082891bcd76418ee","ssdeep":"768:4tmBjjOggHEJShHaXBSKXW2QLjmRpGLJeFLjva935LFyxG1zV1SY+f4S:4tcj0iSZaXBDmrLjm3koFH2ZFzzOYI","tlshash":"8713f199f1d2750d4352aeeb0037f2347be8654858af322e945a13b2bda7e178440edf","first_seen":"2026-05-29T10:56:13.377591Z","last_seen":"2026-05-29T10:57:03.211821Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/secureproxy?e=jscdn/getFile","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"POST /secureproxy?e=jscdn/getFile HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://bim-finance.com/\r\nContent-Type: application/json\r\nContent-Length: 37\r\nOrigin: https://bim-finance.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":37,"data":"{\"permit_key\":\"dsr1lckrik7yiysszvl7\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:46 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\ncast-mode: default\r\ncontent-security-policy: frame-ancestors http: https:, frame-ancestors http: https:\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization, Content-Length, X-Requested-With, Accept, Origin\r\naccess-control-allow-credentials: true\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding, origin, access-control-request-method, access-control-request-headers\r\nx-content-type-options: nosniff, nosniff\r\nx-xss-protection: 1; mode=block, 1; mode=block\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B1JYzkmttDqTQ1uGq0%2Fmzq2AI7zrDxXPABF73QYRb717fxtdlnc8EM5LRNASa3Ztf0inVQnyT1AJ16xP%2Fv8jxoQcHve8sWN8%2FTmHRrMPLaQgEaQrwJmSf8kOpdYC20sKnwYHUeQ%3D\"}]}\r\ncontent-encoding: gzip\r\nalt-svc: h3=\":443\"; ma=86400\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\npriority: u=4,i=?0\r\ncf-ray: a034f7f618b256b7-OSL\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3412246,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"29df87d9b314b851aee1f3eac3bd47fd","sha1":"8875643c86da04afa1999207dc77fd641f96a96e","sha256":"cf5b089f9132b1e9782adb8657e9098fa947dbda370a06c28491ad418c2ca014","sha512":"6257dbf60c2c918a1025f43870b89e6dce6c9237ac985205c3bcccf89d80131ba746748e85d472ad16439ff4fe5478d5211521998df154afbdf7ab64f4ef7fbd","ssdeep":"24576:89TxV8/8Yae0PgGswPpBroS7InwbjtsJshJuEbdNzv63zz:89Tx7OwPEZJsDSH","tlshash":"79252380bd57e96b8f0c66a6b4bb6d0795404f4349cc60dfe926e8c022f877581da71f","first_seen":"2026-05-29T10:56:13.378373Z","last_seen":"2026-05-29T10:57:03.215298Z","times_seen":2,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":446,"receive":423,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-29T10:55:44.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 29 May 2026 10:55:44 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vIOJx5NUq7KWZg%2BfvPu76wwO6NaBrBmUUkfuPxOnLirU3vtXC0GOH%2B3JrGd8sxeLXB9gXPN3l%2B2GX2LEzfC2vpgvPz1z33F6RVmMTBS3XATzeJkhlSV8FaklRuhyl%2BqW4Q4%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\ncontent-encoding: br\r\ncf-ray: a034f7ef2a2c120a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29664,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (18187), with CRLF line terminators","md5":"b4bf3241722e8949b40e13a1a89dde5a","sha1":"4d465370a890bad1a9b0906c5a19bd4c97436a2b","sha256":"73581e18842ef355233c27ce15564ae4ddd6fb1812a5c75f46ec0a8dfdc6bd51","sha512":"d7873b4f4618776ef73118ffeb370fc91990f534a7e34cb75abe4ab735b32e83f7089224883f63efa8fb7c0e0420f70263fd50aed1111e1eca740118852f973a","ssdeep":"768:uoy/L6NRZRTR8RkR1RwR6RMyErRB2R2TRqcRwnRyKHzLYNTDBGdRq+ImO9vzoCx:uJ/eNbBGyD+suyQS6Nin7HZW+0vzoCx","tlshash":"5ed209b26300193f962bc6ecea60f36db057515add0b2424f5fc41a2f3d9da9c933698","first_seen":"2026-05-29T10:56:13.379217Z","last_seen":"2026-05-29T10:56:13.379217Z","times_seen":1,"resource_available":true,"data":null}},"time_used":259,"timings":{"blocked":31,"dns":8,"connect":1,"send":0,"wait":197,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/f92a69931f9fc9a3.css","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:44.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /f92a69931f9fc9a3.css HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\ncast-mode: default\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\netag: W/\"6a0f5b85-81d7\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7EoMxaOATIS1%2FdXv5Em3%2BqR9RTgkI1R96UL3ofTGSCeILbSoJlVwDGmULJbu6JBoE2l1hAhnqJ6VBNBISvZgWLpBv8ic28YrK0%2BOFSFyDtg%2FQ1atquX852fE7pFJXFQOMRw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a034f7f1797b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33239,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (31119)","md5":"83e49f1bf346168383badcb4a24b1525","sha1":"f2c7addb1286d66d02dd44366c323edf17e7ca37","sha256":"a4257eef365a653f5f67ab756b3c569b249d958411b5b69a5d063c373814718f","sha512":"37c69726aa0527d93be61962d2f8ec495059a0c40923ffc9aa05f1c7bf5536455998551946654d253953084f0f02704c1e0bb8cd242a47d15991fe204465edc6","ssdeep":"384:Clw8kblY/jofiYLoan0469fGJPpzSeuLSFXjSERJOfZj6AabrDS:CuBfiYLoan046EA6Xj1bnAabrDS","tlshash":"12e28454a326c97fec3364be639cf41c6219b086ce6557e8fe13222286c77f11962728","first_seen":"2026-05-29T10:56:13.38043Z","last_seen":"2026-05-29T10:57:03.213386Z","times_seen":2,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim-finance.com/favicon.ico","fqdn":"bim-finance.com","domain":"bim-finance.com","tld":"com"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.388Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim-finance.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 21 May 2026 18:28:39 GMT","end":"Wed, 19 Aug 2026 18:28:38 GMT"},"fingerprint":{"sha1":"C6:9B:C2:43:55:A9:CF:73:8D:5E:08:63:A1:3D:50:49:36:53:0A:95","sha256":"65:09:17:D3:66:C7:AE:F8:F2:7D:11:55:CE:D4:B8:DE:38:A6:53:DE:B3:12:72:42:56:3F:C2:77:20:C1:B9:F7"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: bim-finance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\ncontent-type: image/x-icon\r\nserver: cloudflare\r\nlast-modified: Thu, 21 May 2026 19:22:45 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncache-control: max-age=2592000\r\ncf-cache-status: MISS\r\npriority: u=6,i=?0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JvPhpp%2FJqyHzSZmjMuBR7GIWtlgAJ%2BgZz%2B8uxDzqcv4T6yhqS7xlyHuSE8v%2F6wlmGmqkwRtT12JskBZDExd%2BRn%2Fuo0%2B35%2Fp0tT2Te7JvkrdIk4kDUWweyXdEt8e%2BY3GlWy4%3D\"}]}\r\netag: W/\"6a0f5b85-76d7\"\r\ncontent-encoding: br\r\ncf-ray: a034f7f4ae5d56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":30423,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"cfe17328481abb68d590a21c19fd50e4","sha1":"a2f484793de86fcadd97a90262566e4344b6c606","sha256":"8662cb530f9198fe676f4fc5b416cfd1809d322667cc0eab559807098e8ac2ee","sha512":"4249a39e5567e0f1a03667e626822e8155b773033768f621942e8a79b2be143bb622c5ec2b6b87f7d5bd664aabf689daa7abad9c75b3865fe60c52884747fe2f","ssdeep":"768:J8Q41BedP0auzsQCvpSwEl23RuwkXTTZa3BSs8IXw9Sv:FP0auzJCxP3OTk3BSz6Pv","tlshash":"99d2e061c42546547f9334ebaa3422a2442d76107f3f23a4c97ee332d7a6216ff6e44b","first_seen":"2026-05-29T10:56:13.381362Z","last_seen":"2026-05-29T10:57:03.209654Z","times_seen":2,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim-finance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bim.finance/public/logos/favicon.ico","fqdn":"bim.finance","domain":"bim.finance","tld":"finance"},"ip":{"addr":"5.75.144.203","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://bim-finance.com/","date":"2026-05-29T10:55:45.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bim.finance","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 09 May 2026 12:50:14 GMT","end":"Fri, 07 Aug 2026 12:50:13 GMT"},"fingerprint":{"sha1":"EA:D7:AD:68:CA:49:5E:FB:73:F2:DD:E3:B9:21:16:61:A3:2E:8C:DB","sha256":"5B:39:73:9F:88:8B:AC:9B:FD:F2:9F:B5:7F:42:68:A6:B3:6B:2E:B9:4E:22:60:43:25:3F:72:64:50:11:7E:58"}}},"request":{"raw":"GET /public/logos/favicon.ico HTTP/1.1\r\nHost: bim.finance\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://bim-finance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nalt-svc: h3=\":443\"; ma=2592000\r\ncache-control: private, no-cache, no-store, max-age=0, must-revalidate\r\ncontent-encoding: gzip\r\ncontent-type: text/html; charset=utf-8\r\ndate: Fri, 29 May 2026 10:55:45 GMT\r\netag: \"yvzvwucz0sli7\"\r\nvary: Accept-Encoding, rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch, Accept-Encoding\r\nx-nextjs-cache: HIT\r\nx-nextjs-prerender: 1, 1\r\nx-nextjs-stale-time: 300\r\nx-powered-by: Next.js\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-06T20:09:47.269697Z","times_seen":16189918,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":79,"connect":32,"send":0,"wait":40,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"bim.finance","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}